This is a copy of the #DDG-related post that Bruce #Schneier #censored at
Corporations funding anti-abortion campaigns:
Archer Daniels Midland
Capital One Financial
For those who host a Fediverse server, this might be worth reading:
It would really suck if fedi servers started getting taken offline because of the incompetence of the cyber-security community.
@realcaseyrollins #Soapbox is a #Cloudflare site that asks for money “to support our mission to make decentralized social media the new standard and protect users from the abuses of Big Tech.” Yikes. Cloudflare sites are the opposite of decentralized & they surreptitiously feed you (& your private DMs) to “Big Tech”. Thus @email@example.com is not “sexy”. #hypocrisy
The fact that “torsocks lynx $onion_url” fails demonstrates torsocks is leaky, fragile, & circumventable. Whenever #Tor users use torsocks, it only replaces some system calls; it does not force the app to use the calls that it replaces. Yet when running “torsocks lynx -dump -nolist https://wtfismyip.com/json”, it works as expected 🤔 So is #Lynx strictly a DNS leaker? #askFedi
By “in-band”, I mean an informal method using Tootle that’s conducive to “eating one’s own dog food” (so to speak) which has a remote chance of being noticed by Tootle devs. I don’t imagine that you would want your personal mentions to get polluted with bug reports.
Notice from the poll above MS #Github is a non-starter for many.
BTW, thanks for creating Tootle- much appreciated!
Apple tracks you, even if you don't have Apple devices
iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing.
I never use scooter/bicycle rentals because they force you to run non-free s/w from Google Playstore. I brand that whole industry as privacy-naïve. Well now 120,000 passports, driver licenses, & other ID docs have been found online: https://flipboard.com/topic/asia/thousands-of-mobike-users-passports-and-ids-exposed-online/a-OYK9mKRTStmeaLeHavXAYA:a:3199687-4ee7e6317c%2Ftechcrunch.com
If #Gitlab is racking in $87.4 million in one quarter, then they can afford to take their flagship instance off of #Cloudflare. https://siliconangle.com/2022/06/06/devops-darling-gitlab-displays-strong-growth-easily-beats-earnings-revenue-targets/
Bad address: https://www.аррӏе.com/
Good address: https://www.apple.com/
See the difference?
Me neither. The first one is using Cyrillic charset, the 2nd one - regular Latin
So, how to avoid getting shagged by the Bad Guys?
Not sure about other browsers; in Firefox, you go to about:config, find the network.IDN_show_punycode option and set it to true. From now on, any URLs based on charsets other than Latin will be shown as hex codes.
Belgium wants to ban Signal – a harbinger of European policy to come - European Digital Rights (EDRi): https://edri.org/our-work/belgium-wants-to-ban-signal-a-harbinger-of-european-policy-to-come/
It’s somewhat of a show-stopper. The only thing worse than spam is ham getting spam treatment. Legit msgs should always be reachable.
Another onionmail.info defect (I think): there is no way to access your spam folder. What happens when the server erroneously judges a msg to be spam? POP3 has no concept of folders… no way to access a spam folder. It’s a general blanket problem with all email providers but usually there’s at least a manual way to reach your spam folder. Not with #OnionMail.
Anyone who uses #OnionMail.info: the server list shows all servers are 100%. That’s bogus. One of those nodes have been down for a week and the stats still show 100% availability.
If more people would take a stand against unreasonable demands from privacy abusing walled gardens, the unreasonable demands would suddenly become less profitable & thus less prevalent.
A Mastodon instance for info/cyber security-minded people.