privacybro @ privacybro @lemmy.ninja

Posts

0

Comments

60

Joined

2 yr. ago

you're right about the IP thing. that's a good clarification rather than just "spy". i suppose it's less dire than Tutanota not encrypting incoming mails if you use tor and vpn by default.

yeah basically it more or less proves that swiss privacy is a bit stronger in this case vs Germany.

on the proton encryption, i did know about this but does that apply to proton-to-proton, proton-to-NonProton, or both? if you have details on this let me know.

either way the fact that they dont makes me feel that proton is a similar honeypot to signal and telegram, where they make a compromise with the five eyes, to give them metadata even if actual contents are safe. metadata can be much more powerful than contents often times

in general email is just the worst protocol when it comes to privacy. sadly.

You desperately need to use a custom rom. You have virtually zero mobile privacy until you do

False.

Proton can not be made to spy on customers most they can do is hand over info they already have

https://proton.me/blog/climate-activist-arrest

Proton's encryption cannot be bypassed by legal order. Tutanota's can.

https://techcrunch.com/2020/12/08/german-secure-email-provider-tutanota-forced-to-monitor-an-account-after-regional-court-ruling/

Great words

Anything beyond defaults will give you a permanent unique browser fingerprint, as ublock lists are detectable in the DOM

Just make another user profile and dont put a vpn on it (assuming android)

Also it still knows you're using vpn because split tunnel still uses the VPN provider's DNS server, so sounds like they are also checking who you DNS provider is.

They sound like complete scumbags. Switch banks lol.

I've never once seen a valid argument of why someone should not use a VPN.

This. They dont want you to make new disposable accounts.

Yeah mullvad browser plus vpn is the best bet for usability

Nah, Mull is a project of the guy that makes the DivestOS android os

Tutanota was (at least) compromised from the moment that they were ordered by German courts to spy on anyone that they were ordered to. Including skipping encryption upon email arrival. Why the hell they are suggested in the privacy space after that just proves how retarded most privacy bros are.

Why do people say these things on a privacy board? Are you a fed? Lol take ur icloud and gtfo

What's your badge number? Or are you contracted

Haha was thinking the same

Well said

What's wrong with Bandcamp? What drama?

Mullvad browser is the best i think

I have been doing fingerprint research for several years. I've done countless builds with various browsers, configurations, extensions, and strategies. (Yes i have too much time for this).

Here is what I've concluded. I hope this helps someone.

CoverYourTrack is crap, plain and simple. Your best option will always be to randomize. Always. You will not "blend in". I don't care if you run Google Chrome on Windows 10 or Safari on iOS, JavaScript exposes way too much info, you will always have a unique fingeprint. Just go play around with fingerprint.com on some normie browser/os setups and you will see what i mean.

You must randomize all the values that you see on sites like browserleaks.com. canvas, audio context, webgl hash, clientrects, fonts, etc etc. I'd also make sure you are proxifying all your browsers and using random locations. You can do this with Brave somewhat, which has some randomization stuff in it. You can do this with browser extensions as well. Ungoogled chromium also has some randomization for canvas and clientrects i think

There are only a couple options outside of this that I recommend, in the realm of "generic fingerprint" solutions. TOR browser (they have been on the front lines of this for many years). And also Mullvad browser, which, despite its generic fingerprint goal, seems to also defeat fingerprint.com.

Tldr, if you want the best experience out of the box that is also very usable, just use Mullvad Browser. They are basically the browser i wished for for like a decade.

I think it's a good idea to buy a private domain but one should also use a privacy respecting email and aliasing service too. Because if your threat model calls for it, one can easily correlate all your aliases that go back to your own personal domain. Using something like SimpleLogin or anonaddy gives you an anonymity set.

Lol fr. It's like they watched all the movies and books about dystopia and thought, "okay, this looks good, let's do this"

Even the wording and grammar sounds like they are doing a 1984 parody