• 2 Posts
  • 18 Comments
Joined 2 months ago
cake
Cake day: September 16th, 2024

help-circle
  • It’s normal but people don’t like it. Just ask the people you know if they are ok with all the mass surveillance, they don’t like it. But it’s just too difficult for them to do anything about it. They don’t like this “small beginner steps” approach to privacy. They want complete privacy without effort or nothing at all and they don’t want to pay for it. It’s laughable and sad but that’s my experience talking about privacy with people. But the point here i guess is that mass surveillance has been forced on us all. They create a new wonderful technology with lots of use case but then they also add in some mass surveillance on it as well as a bonus.


  • You think i’m intentionally spreading misinformation and I think you are a fed. I won’t argue more against you but anyone fair and objective can see that the mistake I made was a simple mistake to make. feds have as a fact been spying on our push notifications in secret and i thought that included signal’s push notifications. Simple mistake which I already admitted to being wrong about. You are making this into a bigger deal than it has to be because you are a fed.

    You also are intentionally lying (because you are a fed) about that is the only thing the topic is about. For example, if someone is using Signal on Windows OS then I think there’s a high chance the conversation isn’t private. But I think you already know all this but you pretend not to.





  • Good suggestion about analyzing network packets. I don’t know anything about how to do that except there are tools like wireshark which can help but I still have no knowledge on doing that. And I think you would need to make a script to monitor it for you because it would probably only (talking theoretically now) phone home very quickly on rare occasions, it wouldn’t be continous. So your script would have to be able to detect these short and rare anomalies. I don’t know anything about how to do any of this though but I will add it to my todo list down the road.

    Another problem is you might need to get the NSA’s attention first and make yourself a target. You also need to make sure there is no other way for them to spy on you, so they are left with only using intel me as their last resort.

    So because I don’t know anything about analyzing network packets I can’t say if you’re right but it does seem convincing. And it would be great for security in general as well, not only for investigating intel ME. I will definitely learn more about this later.


  • I think a big part of it comes down to what threats are there in theory and what threats are there actually. The problem is that the theoretical threats are possible, they’re not unrealistic and that’s why it doesn’t feel good to not be protected against the theoretical threats but we maybe need to try and accept they are too unlikely to be active threats. Trying to protect from theoretical threats is kind of like trying to protect your house from having an airplane fall down from the sky into your house. Or maybe this is just my trying to cope.

    And how do we know what threats are theoretical vs active threats? Just have to keep learning and learning, it takes a long time. Talking in privacy and security communities can help speed up the learning.


  • Yeah, i did use words that express feelings in this topic I created and it was intentional because when people have to deal with something that involves uncertainty or something so advanced they don’t understand it entirely then they can become uncomfortable and scared even though maybe there isn’t something to be scared about or maybe the fear is justified.

    My post was intended to be a discussion starter so we can dig into this, get to the truth and help everyone including myself to understand everything better.


  • “spreading misinformation” is a phrase mostly used by feds when they see something they consider to be “wrong think” or not “politically correct”. They use this anti-misinformation campaign to support their censorship and mass surveillance system.

    When discussing advanced IT topics it would be more appropriate to just correct someone and say they are wrong because it’s easy to be get a detail wrong in advanced it topics.

    And I am mostly right, I just seem to have been wrong on the detail about Signal push notifications. I admit that I made a mistake on that but otherwise it is official that Apple and Google at least used to share push notification data with governments. This comes from the DOJ senator Wyden saying these corporations can secretly share this data with governments and can include the unencrypted text which is displayed in the notification.

    I think this discussion has been very constructive because when we can correct each other and learn that is great.




  • Why not is the question and that comes down to guessing. Sheep do what they are told so don’t need to guess much there. Those who are not sheep have to go through a long journey to gradually keep increasing their privacy and unlearn the sheep habits we’ve been conditioned to have.

    The end goal is to throw away your phone because you can do everything on your computer instead including buying a phone number, using voip and take and make calls. Phones are unnecessary spy devices used by sheep.



  • I don’t have experience with that yet. Are you talking about a PI hole? Can you give a little idea on how to make such firewall rules? Because I want to have a laptop with many VMs or Qubes and each VM has different firewall rules. An email qube would only allow connection to the email server. Maybe one of the safe browsing VMs would only allow connections to the websites I typically visit. The unsafe VM maybe to everything except for known bad IPs/domains.

    And NSA and other potential adversaries most likely have access to at least one domain that isn’t blocked by firewall.






  • chappedafloat@lemmy.wtftoPrivacy@lemmy.mlRecommendation for Email-Provider
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    2 months ago

    I dont think it matters if an email service is a honeypot because if you want E2EE communication then use Signal, not email. And if you are sending emails to other email providers then there’s probably not E2EE and it’s unecessary to be a honeypot because the metadata can be collected anyway very easily. Almost all data passes through Google/Microsoft/Amazon/Cloudflare.



  • what kind of risks are there with buying a second hand phone? I don’t know so much about how phones work. But for example with a laptop they could in theory implant all kinds of hidden spyware and backdoors in the firmware and it would be impossible to find it and remove it. The only protection against that is that we believe it’s so unlikely someone random would do that. So that is just an example what I’m talking about when I ask about what the risks would be when buying a second hand phone?