Basically create an alias for every combination to prevent privacy cross contamination.

For instance, not only should you make an email alias for an Eventbrite account, but for every organization you sign up for events with. You are required to enter an email (any email) for the event, which can be seen by both Eventbrite and the organization. If you enter in the email of your Eventbrite account then the org could give that away, resulting in email spam and you can't be sure if it was either Eventbrite itself or the org that sold you out. If that happens then you would probably want to delete email address but then you have to change it in other places you need to send/receive emails from.

Another example is Discourse forum sites. While Discourse is open source and self-hostable, you may not always be sure if a Discourse site is self-hosted or using paid hosting. A lot online places have both their own website and a separate discourse site. Bitwarden's forum site doesn't have a sign-in option using your Bitwarden.com account, and Raindrop.io uses canny.io to track app feedback which has also uses its own login. (I'm actually glad I made an alias for every single Discourse forum site before realizing all of this).

I just did this on a website that said my Simplelogin alias isn't allowed for signup, but changed it successfully after the fact from a disposable email.

(I'm aware that many Lemmy users hate Reddit. this discussion would be useful for anyone that Lemmy users that also use Reddit)

This came as a big surprise to many users on places like r/help and r/bugs, including me. Reddit made this post last week on it: Say goodbye to new.reddit on Dec 11, 2024 : r/modnews.

Seeing this r/privacy post: sh.reddit (shreddit) is a Google spyware machine designed to de-anonymize you : r/privacy, New New reddit (2023 Reddit redesign) pings Google repatcha on every single page load. I saw the comments but its not clear how to counter this other than using old.reddit.com (which I like even less than 2023 reddit) or using 3rd party apps.

https://windowsreport.com/mozilla-firefox-removes-do-not-track-feature-support-heres-what-it-means-for-your-privacy/

For instance, People I know that are using Eventbrite for private event registration. To sign up for the event with or without an account, you have to write and confirm your email in the boxes, I did some looking up to see if hosts can see the email. I didn't find any answers so I made a Reddit post asking, and got a reply saying "No, they can't. Eventbrite deletes them as soon as you submit the form." I wanted to be sure so I created a private test event and registered for it in a private window. I then went to my event dashboard and clicked on the ticket # where I can in fact view it (the email shown is made up).

I only asked Perplexity after trying to find out myself. It did in fact find the answer (link #8: View your Attendee Summary report): "Review attendee purchase details like email address ..." I've found LLMs and search tools like Perplexity to be unreliable for answering questions like this for websites, as well as software. Which means I may not turn to them in cases where they actually would help. It's too bad they hallucinate a lot too.

Last month, Ente launched https://theyseeyourphotos.com/, a website and marketing stunt designed to turn Google’s technology against itself. People can upload any photo to the website, which is then sent to a Google Cloud computer vision program that writes a startlingly thorough three-paragraph description of it. (Ente prompts the AI model to document small details in the uploaded images.)

If you don’t want to upload your own picture, Ente gives people the option to experiment on Theyseeyourphotos using one of several stock images. Google’s computer vision is able to pick up on subtle details in them, like a person’s tattoo that appears to be of the letter G, or a child’s temporary tattoo of a leaf. “The whole point is that it is just a single photo,” Mohandas says. He hopes the website prompts people to imagine how much Google—or any AI company—can learn about them from analyzing thousands of their photos in the cloud in the same way.

A bipartisan group of 12 senators has urged the Transportation Security Administration’s inspector general to investigate the agency’s use of facial recognition, saying it poses a significant threat to privacy and civil liberties.

“This technology will soon be in use at hundreds of major and mid-size airports without an independent evaluation of the technology’s precision or an audit of whether there are sufficient safeguards in place to protect passenger privacy,” the senators wrote.

“While the TSA claims facial recognition is optional, it is confusing and intimidating to opt out of TSA’s facial recognition scans, and our offices have received numerous anecdotal reports of Transportation Security Officers (TSOs) becoming belligerent when a traveler askes to opt out, or simply being unaware of that right,” the senators wrote. They added that in some airports the signage instructing flyers to step in front of a camera is prominently displayed while signs advising passengers of their right to opt out of face scan is “strategically placed in inconspicuous locations.”

To opt out of a face scan at an airport, a traveler need only say that they decline facial recognition. They can then proceed normally through security by presenting an identification document, such as a driver’s license or passport.

New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.

Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.

But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.

A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.

This analysis uncovered concerning practices. There are enormous obstacles for consumers who want to find and understand the privacy terms. Some brands also make inaccurate claims that certain information is not “personal information”, implying the Privacy Act doesn’t apply to that data.

Some companies are also repurposing personal information for “marketing” or “research”, and sharing data with third parties.

cross-posted from: https://lemmy.zip/post/26286036

A guide to keeping your plans private through every step of an abortion in any state, including Florida and South Dakota

404 Media, along with Haaretz, Notus, and Krebs On Security recently reported on a company that captures smartphone location data from a variety of sources and collates that data into an easy-to-use tool to track devices’ (and, by proxy, individuals’) locations. The dangers that this tool presents are especially grave for those traveling to or from out-of-state reproductive health clinics, places of worship, and the border.

The tool, called Locate X, is run by a company called Babel Street. Locate X is designed for law enforcement, but an investigator working with Atlas Privacy, a data removal service, was able to gain access to Locate X by simply asserting that they planned to work with law enforcement in the future.

With an incoming administration adversarial to those most at risk from location tracking using tools like Locate X, the time is ripe to bolster our digital defenses. Now more than ever, attorneys general in states hostile to reproductive choice will be emboldened to use every tool at their disposal to incriminate those exerting their bodily autonomy. Locate X is a powerful tool they can use to do this. So here are some timely tips to help protect your location privacy.

• PayPal to Share Shopping Details
• LinkedIn Opts You In for AI Data Sharing
• 23andMe May Sell Your DNA Data

I didn't know where else to go, so if this is not the place, please let me know and I'll delete this.

I'm ready to port over to JMP.chat, and was wondering if anyone could share a referral link/code for me to avoid the 15 dollars activation of the number. I would really appreciate it.

First and foremost, I'll get this out of the way: I abhor all commercial social media. I don't trust them, I know users are the product, and - ultimately, I feel they're nothing but a cancer on society.

But, I also have to acknowledge that, for one or two use cases at least, they seem pretty unavoidable.

For me, that one use case is Facebook Marketplace. Here in Australia, there's simply no better alternative if you want to reach a large number of potentially interested buyers (or even buy some stuff yourself). The supermarket noticeboard is no more; the Trading Post was bought long ago and died on the vine; and Gumtree has devolved into a cesspool of nothing but scammers and fuckwits.

So, I use FB Marketplace. My FB account isn't in my name, uses a throwaway email address, and has no followers or friends. It's only a member of the local buy/sell groups that I'm interested in, and it performs no "social" activities (posts, likes, etc) at all.

Until now, I generally only use FB marketplace with a "clean", dedicated browser on my computer, running in private mode and via a VPN. But, it means I frequently miss messages from interested parties when I'm away from my computer.

I also sometimes use the mbasic.facebook.com site from a private Firefox tab on my iPhone, but FB has just started telling me I need to use Chrome (no. fucking. way.) or Safari (maaaaaybeeeee?) after October 28th.

When I was on Android, there were a few wrapper apps that I was able to use but, so far, my searches for an equivalent on iOS have turned up nothing.

So, knowing full well this may lead to nowhere, I thought I'd ask this community: does anyone have a good, privacy-friendly way to use FB on iOS?

Thanks in advance for any useful tips or suggestions.

With the looming presidential election, a United States Supreme Court majority that is hostile to civil rights, and a conservative effort to rollback AI safeguards, strong state privacy laws have never been more important.

But late last month, efforts to pass a federal comprehensive privacy law died in committee, leaving the future of privacy in the US unclear. Who that future serves largely rests on one crucial issue: the preemption of state law.

On one side, the biggest names in technology are trying to use their might to force Congress to override crucial state-level privacy laws that have protected people for years.

On the other side is the American Civil Liberties Union and 55 other organizations. We explained in our own letter to Congress how a federal bill that preempts state law would leave millions with fewer rights than they had before. It would also forbid state legislatures from passing stronger protections in the future, smothering progress for generations to come.

Preemption has long been the tech industry’s holy grail. But few know its history. It turns out, Big Tech is pulling straight from the toxic strategy that Big Tobacco used in the 1990s. Back then, Big Tobacco invented the “Accommodation Program,” a national campaign ultimately aimed at federal preemption of indoor smoking laws.

Phillip Morris and others in the tobacco industry implemented a three-step strategy which is only known through documents made public in litigation years later. Those documents reveal the inner workings of a nefarious corporate influence machine designed to quietly snuff out a democratic movement that threatened their profits. And now Big Tech is trying to do the same.

But it’s not too late. We can ensure our civil rights and civil liberties are protected in the digital age. But to defeat Big Tech’s strategy, first we must understand it.

Since it looks like Firefox might not be a good option for the long haul due to some disappointing decisions from its management, I'm on the lookout for privacy-friendly alternatives. I came across Cromite, which is based on Chromium and has an ad blocker. Has anyone tried it? From what I've seen, the built-in ad blocker seems pretty basic and not very customizable. Still, I think any alternative we choose should be based on Chromium, especially if we don’t want to wait ages for Ladybird.

cross-posted from: https://links.hackliberty.org/post/2932106

Image Transcription:

WHAT WILL A CASHLESS SOCIETY MEAN?

THE PROS

CONVENIENCE — THERE WILL NO LONGER BE ANY NEED TO CARRY CASH AROUND

THE CONS

EVERY TRANSACTION YOU MAKE WILL BE TRACKED YOUR SPENDING HABITS CAN BE LINKED TO YOUR CARBON FOOTPRINT

YOU WILL ONLY BE PERMITTED TO SPEND ON THINGS THE GOVERNMENT APPROVES OF. THINGS THAT ARE DEEMED TO BE LUXURIES — MEAT, FUEL, TRAVEL — CAN BE RESTRICTED

YOUR MONEY CAN BE PROGRAMMED WITH AN EXPIRY DATE — IF YOU DON’T SPEND IT BY A CERTAIN DATE, YOU'LL LOSE IT

THERE WILL BE NO ‘BLACK’ ECONOMY. IT WILL NOT BE POSSIBLE TO AVOID TAX, BUT THEN YOU WILL NOT BE ABLE TO GIVE POCKET MONEY TO CHILDREN OR GRANDCHILDREN AND NEITHER WILL YOU BE ABLE TO BORROW OR LEND MONEY TO FRIENDS WITHOUT THAT BEING TAXED BY THE GOVERNMENT

PARKING AND SPEEDING FINES WILL BE TAKEN AT SOURCE, WITHOUT THE POSSIBILITY OF CHALLENGE AND POSSIBLY EVEN WITHOUT YOUR KNOWLEDGE

IF YOU PROTEST THE ACTIONS OF THE GOVERNMENT, YOUR MONEY CAN BE SWITCHED OFF. IF YOU THINK THAT’S UNLIKELY, IT’S ALREADY HAPPENED TO TENS OF THOUSANDS OF CANADIANS WHEN THEY PROTESTED AND IT ALSO HAPPENED TO A BRITISH JOURNALIST

A CASHLESS SOCIETY MEANS THE END OF HUMAN FREEDOM

IF YOU WANT THAT, DO NOTHING

IF YOU DON'T, THE FIRST THING YOU MUST DO IS RESPOND TO THE GOVERNMENT'S PROPOSAL ON DIGITAL ID, UPON WHICH A CASHLESS SOCIETY MUST BE BASED

https://www.gov.uk/government/consultations/draft-legislation-to-help-more-people-prove-their- identity-online/consultation-on-draft-legislation-to-support-identity-verificat

Image Credit: Brett Scott

Another month, another attempt: Even though Hungary had to cancel the latest EU Council's vote on the Child Sexual Abuse (CSA) Regulation in June 2024 because there was no majority among member states, it tried again this Wednesday - without success. The tipping point was that the Dutch secret service clearly issued their opinion on the enormous threat to everybody's security should end-to-end encryption be weakened. Encryption is paramount for the digital resilience in Europe.

• https://blog.torproject.org/new-release-tor-browser-1357/
• https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680

Mozilla Firefox itself and all Mozilla Firefox forks should be updated accordingly once a new build is released.

Depending on where you're based, you'll find PayPal's new data-sharing option under a different name. Remember, you may not see this at all if you're based in a country that doesn't allow it.

If you're in the US, you should head to your profile Settings and tap on Data & privacy. Under Manage shared info, click on Personalized shopping. You should see the option enabled by default. Toggle off the button at the right to opt-out.

If you are in the UK like me, you'll see something different after you head to your profile Settings and tap on Data & privacy.

Under Manage your privacy settings, here you'll see an Interest-based marketing tab – click on it. At this point, two options will appear: Interest-based marketing on PayPal and Internet-based marketing on your accounts. You have to tap on each of these and toggle off the button at the right to opt-out. These instructions can also apply if you're based in the EU.

@privacyguides collaborators, it’s time to review the recommendation of Firefox as a good browser option…

From: @sarahjamielewis
https://mastodon.social/@sarahjamielewis/113245689258934184

cross-posted from: https://lemmy.zip/post/23512234

A new Federal Trade Commission (FTC) report confirms what EFF has been warning about for years: tech giants are widely harvesting and sharing your personal information to fuel their online behavioral advertising businesses.

Report: https://www.ftc.gov/news-events/news/press-releases/2024/09/ftc-staff-report-finds-large-social-media-video-streaming-companies-have-engaged-vast-surveillance

Tails will be incorporated “into the Tor Project’s structure,” which will allow for “easier collaboration, better sustainability, reduced overhead, and expanded training and outreach programs to counter a larger number of digital threats,” according to a blog post published today by the Tor Project