[-] privsecfoss@feddit.dk 44 points 2 weeks ago

Someone mentioned that M365 is probably not legal. Guess what, it isn't.

The EDPS (European Data Protection Supervisor) investigated the EU Commission's use of M365 and found it to be illegal in March 2024. EDPS gave the Commission until December 2024 to, among other things, stop transfers of Personal Information to third countries in M365 outside the EU. Which of course made the Commission sue the EDPS. And MS to do the same..

So M365 is NOT legal to use for any Public Institution in the EU. Unless the Controller makes Microsoft change their DPA, contract etc. Kinda like MS did for the Dutch government after the Dutch firm Privacy Company made an in-depth analysis of M365 and found numerous illegal processing etc.

Fun how Microsoft was made aware of how they acted illegally, and changed it - only for the Dutch Government...!! The rest of their customers still have the illegal DPA, terms etc... Also fun how it is common knowledge and IT departments still choose to use M365, and move as much as possible there from more privacy and security oriented services.

EDPS investigation into the Commission's use of M365: https://www.edps.europa.eu/press-publications/press-news/press-releases/2024/european-commissions-use-microsoft-365-infringes-data-protection-law-eu-institutions-and-bodies_en

My point? EU-Linux is a fantastic idea! 🙂

[-] privsecfoss@feddit.dk 35 points 4 months ago
[-] privsecfoss@feddit.dk 11 points 6 months ago

Nice. Upgraded a Thinkpad, installed Linux Mint and gave it to my dad. I have not heard anything from him about it for a couple of months. Was reminded of it with your post.

So wrote him right now and asked how it was going, and he replied that he loved it and uses it every day.

And that he had not had any problems he could not solve on his own. He's 70 and a Windows-only heavy user - until now 🙂

As you said. Completely painless.

[-] privsecfoss@feddit.dk 49 points 9 months ago* (last edited 9 months ago)

I don't know where you live. But almost all of bigtech US cloud is problematic (Read: Illegal to use) for storing or processing of Personal information according to the GDPR if you're based in the EU. Don't know about HIPAA and other non-EU legislation. But almost all cloud services use US bigtech as a subprocessor under the hood. Which means that the use of AI and cloud is most likely not GDPR-compliant. Which you could mention to the right people and hope they listen.

Edit: It's illegal to use for the processing of the patients' PII, because of transfer to insecure third countries and because bigtech uses the data for their own purposes without any legal basis.

Edit 2: The same is the case with your and your colleagues' PII.

In my opinion privacy and GDPR are the same in this case. I think most public authorities are required to have a DPO, e.g. hospitals or the relevant health authority. The DPO can help answer your and your boss's questions on the mentioned questions.

Hope you figure it out.

[-] privsecfoss@feddit.dk 38 points 1 year ago

He made the world a better place.

[-] privsecfoss@feddit.dk 16 points 1 year ago* (last edited 1 year ago)

Something that would do that neoliberalism in the 80's with Reagan and Thatcher would not become the dominating political and economic theory it has been since that time.

[-] privsecfoss@feddit.dk 40 points 1 year ago* (last edited 1 year ago)

It's Meta's nonsense reply to being forced by the European data protection authorities (EDPB) to get consent before processing users' data, which they should have from the beginning: https://edpb.europa.eu/news/news/2023/edpb-urgent-binding-decision-processing-personal-data-behavioural-advertising-meta_en

[-] privsecfoss@feddit.dk 94 points 1 year ago

Work with information security and GDPR. And know for a fact that many Danish municipalities which administrate the libraries are using, and are happy with, Linux as public facing citizen PCs in libraries.

They use OS2borgerPC, which translates to OS2citizenPC which is maintained and supported by the Danish company Magenta. But it's open source, so if you are in another country you could just use it - or better, give Magenta a call. They're great and very reasonable.

Magenta: https://www.magenta.dk/en/

OS2borgerPC on GitHub: https://github.com/OS2borgerPC

[-] privsecfoss@feddit.dk 11 points 1 year ago

Nice try, Microsoft

[-] privsecfoss@feddit.dk 20 points 1 year ago

A Library. Or if digital, Wikipedia and Archive.org.

[-] privsecfoss@feddit.dk 23 points 1 year ago

I like Aegis being FOSS and for its backup.

[-] privsecfoss@feddit.dk 26 points 1 year ago

As far as possible I try to avoid:

  • All things from big tech because privacy, see Schrems II and their terms on use of personal information for own purposes

  • Non Open Source tech because privacy or other malicious functions

  • Tech that is prone to planned obsolescence because of special batteries etc. and can't be fixed with for example a custom ROM on Android

2
submitted 1 year ago by privsecfoss@feddit.dk to c/foss@beehaw.org

How do you manage GPG / PGP Keys on Android and Linux, and why?

0
submitted 1 year ago* (last edited 1 year ago) by privsecfoss@feddit.dk to c/firefox@lemmy.ml

I use uBlock Origin and make some changes to the default settings. Have seen recommended configs, but haven't gotten to implement them yet.

What do you do to make Firefox even more privacy respecting and secure?

55
submitted 1 year ago by privsecfoss@feddit.dk to c/foss@beehaw.org

Nice to haves:

  • Phone
  • GPS
  • Possibility for FOSS tracking, e.g. using something like PhoneTrack and Nextcloud
100
submitted 1 year ago* (last edited 1 year ago) by privsecfoss@feddit.dk to c/foss@beehaw.org

I'll start:

  • RSS and blogs, news vs. social media
  • XMPP vs. WhatsApp/FB messenger/Snapchat
  • IRC vs. Matrix, Teams, Discord etc.
  • Forums vs. Social media, Reddit, Lemmy(?)
47
submitted 1 year ago* (last edited 1 year ago) by privsecfoss@feddit.dk to c/foss@beehaw.org

It is battle tested, standardized, widely used, has open source servers and apps, end-to-end encryption (OMEMO), is self-hostable, low on resources and federated / decentralized.

I use it with family and friends. Conversations and blabber.im on Android and Gajim on Linux. There are also apps for Windows and Apple.

Curious if anyone here uses it and why, why not?

EDIT: Doh. In these Lemmy times I forgot federated. Added.

1
submitted 1 year ago* (last edited 1 year ago) by privsecfoss@feddit.dk to c/linux@lemmy.ml

I use CalDAV for calendar, contacts and tasks sync and share with the rest of the family.

Server is Nextcloud with WebDAV/WebCal/CardDAV and DAVx5, Etar calendar, native contacts and OpenTasks on Android. On Linux WebDAV to access and sync Nextcloud files.

How do you use them?

Edit: Added CardDAV for contacts.

1
submitted 1 year ago* (last edited 1 year ago) by privsecfoss@feddit.dk to c/foss@beehaw.org

I use it for news aggregation with Nextcloud news. Also for podcasts and PeerTube channels. Anyone using RSS for other things?

3
submitted 1 year ago by privsecfoss@feddit.dk to c/privacy@lemmy.ml

Currently using: Aeris, Bitwarden, VeraCrypt, GPG etc. What are your standard and can't live without privacy/security apps?

0

As the title says: What are the best native Linux games?

1
submitted 1 year ago by privsecfoss@feddit.dk to c/foss@beehaw.org

I am using Duplicati and thinking of switching to Borg. What do you use and why?

0
submitted 1 year ago by privsecfoss@feddit.dk to c/android@lemmy.ml

Is GrapheneOS the best, and why?

privsecfoss

joined 1 year ago