What are your thoughts on the balance between national security and individual privacy? Where do you draw the line?
Leraje @ leraje @lemmy.blahaj.zone Posts 45Comments 834Joined 2 yr. ago
Leraje @ leraje @lemmy.blahaj.zone
Posts
45
Comments
834
Joined
2 yr. ago
More than happy for google to tie my searches to the VPS' IP.
Whoever wants to can profile as much as they like. My VPN's always on and I rent the VPS using Monero.
It's now a better search engine in that VPN users don't get thrown off after two searches anymore. But the fact that it's owned by a data harvesting company means it's a risk to use.
Lots of people mentioning Kagi. Sorry, but any engine that needs an account to work is not for me. They say you can pay anonymously, but none of their payment methods are anonymous. And $10 per month for unlimited searches?
I take the opposite view - you definitely should host it yourself. Any public instance you don't directly control can insert any sort of code they want to.
A cheap VPS, rented using Monero, with SearXNG on it ensures privacy.
There's a self-hosting Community here: !selfhosted@lemmy.world
But for a pretty easy and low cost way to get started you can't go wrong with yunohost - it has lots of music server apps such as funkwhale, amapache etc.
Ohio voters enshrine abortion access in constitution in latest statewide win for reproductive rights
Jump
Fucking well done Ohio.
That vpn analogy makes sense so I mean is it necessary for home/cell data use and have it running 24/7 or would I only need it when I’m say connecting to some other network
Your call really. I have mine running at all times on all my devices. There's no data limit and no downside to having it on. Some sites block VPN's but if that happens, or if you want to access something through your normal ISP connection, some VPN's let you do what's called Split Tunneling, which means you can temporarily let an application skip the VPN.
But I’m assuming it works like...
Exactly that. When you download the Filen application on your devices you can set as many what Filen calls 'Syncs' as you like. You tell it to constantly watch a directory on your machine and any changes that are made to the contents of that directory (such as you making a change to your Word doc or pasting in a bunch of files) get encrypted then uploaded instantly to a directory in your account on the Filen web server. It's like having a clone of the directories you choose to watch.
Then, if you want to have access to those same files on your lappy, you create a watched directory on that machine via Filen, do a one time download/sync and from that point on changes you make to those files/directories on either machine will be synced to the other one via your Filen acct.
You can also upload things in non-watched directories so they're there without being constantly overwritten - for backup purposes mainly.
As for Bitwarden and Tutanota (which someone else recommended) is there any reason to use those over proton
It's largely preference. Bitwarden and Tuta (they renamed themselves today lol) do one job each and do it really, really well. Proton do lots of different things and I've heard mutterings that their products are slightly lacking. There's also the 'eggs in one basket' thing too. If you use proton for your VPN, email, Drive etc etc then if they're down for a few hours or the company folds, you're screwed. That's not likely to happen of course but even so.
does Filen allow me to edit files without having to download, edit, then reupload
No, it doesn't. What Filen (and Proton I think) do is monitor directories and files on your devices for changes. So if I'm working in Word for example, I save the document to a directory that I know Filen is monitoring. Every time I save the file, Filen detects that and uploads an encrypted copy to my cloud account. So, unlike OneDrive or GDrive which allow you to edit files in the cloud, with Filen/Proton etc you make all your changes locally and just let it do its thing.
I mean is that what they do?
So imagine all your devices (PC, lappy, mobile etc) connected to your router at home. Lets pretend instead of wifi or cable, they're connected via a transparent garden hose. Your ISP can see everything that passes through these hoses because they're transparent.
A VPN is like an opaque, protected hose within that hose. It's technically known as a tunnel. Instead of data passing through the outer hose, it now passes through the inner, encrypted hose, meaning your ISP can't see anything inside it. Your data is now invisible to them. All they can see is that your using a VPN.
Your ISP also does all your DNS resolution. DNS is the thing that when you go to somewebsite.com it turns it into the IP address of the server that the website at somewebsite.com lives on. Most good VPN's also takeover DNS resolution too meaning that not only can your ISP not see your data they also can't see what sites you're visiting.
Lastly, when you visit any website, they now can't see your ISP provided IP address, they only see the IP address of the VPN server you're connected to. Some people use this to pretend they're in the USA when they're actually in, say, the UK so they can access things like the US version of Netflix.
Weird. Wonder why that is. I can see the three 3 posts but its says zero subs.
It's not exactly the same thing but Revolut is probably the closest thing to what Privacy.com offer.
That Community's deader than Thatcher. There's literally zero subscribers.
Thanks to everyone who suggested something. I've settled on a bottle of Angel's Envy.
For taking action regarding your OS, Shut Up Win is good. It works on both 10 and 11. You don't even need to install it, just download it (it's free) and double click to run it. If you stick to the 'recommended' settings you'll have a more private OS without disabling anything you might actually want. As you get more knowledgeable or confident you can apply the stricter settings. And to revert changes just run the file again and turn off what you turned on.
Switching to Firefox was a good step but I'd take it one step further, export your passwords from FFox, download BitWarden for each of your devices and import all your passwords into BitWarden. You need to create an account with them (all this is free by the way) and it would be good if you had a non-GMail account to create your BitWarden account.
Tutanota are a well respected company and offer a free (but limited in terms of storage space) option, including a calendar. If you like their service you can pay (about $3 per month) to get much more storage space and other things.
When I left GMail, I made a list of all the 'official' stuff (banking etc) and family/friends that had my email. I then emailed them informing them I was changing my email (one email, BCC'd). I then changed my email on all the less vital stuff I could remember and lastly set an auto responder on my old GMail saying the gmail account was no longer in use. This bit takes some time there's no getting around it.
Lots of people have recommended Proton, so I won't. But there are quite a few good, easy to use privacy respecting options to replace your OneDrive. I personally really like Filen. They have a free 'starter' option (10gb space) to see if you like the service. You just create an account and install the apps on all your devices.
Going back to FFox, install the extensions uBO which will kill trackers for you, MultiAccount Containers which allows you to use (and create your own) Containers so (for example) you could set a Container for Facebook and know that if you access facebook in that contained tab all the crap Meta put on your machine can't access any other part of your browser.
Search engines you can use that are privacy respecting include DuckDuckGo and StartPage.
You might also want to consider a VPN. They don't make you anonymous but because they encrypt your data before it leaves your device(s), your ISP won't know what site's you're viewing. Most of the good ones use their own privacy respecting DNS too. Good ones include, IVPN and Mullvad.
I would imagine it depends on the provider. I know you can change to a custom DNS in IVPN, AirVPN and Mullvad.
Not to be a crypto-bro, but if you bought a domain and hosting from, say njal.la or incognet using Monero and you only connected to your hosts to SSH/FTP behind a good VPN, there's not much anyone could do to discover who you are.
That's the beauty of the scheme! The kids will be so grateful, they'll work for free!!! And their fingers are so small and nimble, they'll only be about 75% likely to get hideously mutilated.
Good idea Suella! And after that, so they don't all freeze to death, we could build huge great 'houses' for the 'poor' (we can think of a catchy name later). And then obviously, as we can't just give these lucky people something for free, we can put them to work 18 hour days for the privilege of living there.
Hi fellow Brit :)
- VPN, they don't make you anonymous but they do encrypt your data between your machine(s) and your ISP so the ISP can no longer see (and record) every site you visit and the sites you do visit don't know the ISP you're using. IVPN and Mullvad are both good.
- Switch your email to a privacy friendly alternative like Tutanota, Startmail, Mailbox or Proton, especially one that lets you have aliases.
- Use Firefox (or even better, LibreWolf) with Containers enabled. If you set up a (for example) FB Container you could use FB in a contained tab secure in the knowledge any data it leaves on your machine can't escape the Container. Also install UBO extension to prevent tracking.
- Switch to a privacy respecting search engine - best of all are self hosted instances of SearX or Whoogle but, failing that, DDG and StartPage are both good.
- If you use cloud storage, change from Dropbox/GDrive etc to something like Filen or Proton.
- If you can, use Signal for chats. I say 'if you can' because obviously it means trying to persuade all your family/friends to use it too.
- If you use Android, degoogle your mobile as much as possible, try and ditch as many corporate controlled apps as possible, use open source alternatives, avoid the Play store etc.
The gvmt in my country (UK) have stoked fears about security to pass, and begin the process of passing, various bits of legislation to curtail both activity and privacy - laws to make strike action nearly impossible, laws to class any demonstration or protest as contravening public order, the online safety bill to break encryption, laws to criminalise dissent and perceived 'anti britishness' and are introducing plans to roll out more and more facial recognition systems everywhere.
Of course there is online crime, including CSAM and terrorists organising shit, but the legislation they've both passed and are planning to pass does nothing to stop these things e.g. making Signal break users encrypted messages won't prevent CSAM as the abuse has already happened to the victim, it's also trivial for anyone with a basic knowledge to set up their own encrypted service so that's where they'll go. Lastly the people it will affect is the faith of those using Signal et al quite legitimately.
What the gvmt are doing is assuming we're all criminals and that it's therefore totally legitimate to pry into every corner of our lives. What they should be doing is enacting legislation that will work to prevent things like CSAM from happening in the first place.