Privacy

Fauxx is an open-source Android privacy tool that poisons data broker and ad-tech profiles by generating continuous, plausible, off-demographic synthetic activity from your device. The goal is simple: make your real behavioral signal statistically indistinguishable from noise.

Not my project, but though this is really cool and worth sharing.

If you have any feedback, feel free to post it.

Even if an employer doesn't require the new ID, remember the UK government said that all IDs will soon have to be verified digitally. That suggests the employer will send the ID image or data to a government server which will respond with whether the person is allowed to work. So all IDs will essentially be turned into digital IDs and the government can make individuals unemployable if they do something the government doesn't like.

I spent some time trying to get this to work so I thought I might as well share it if anyone is interested.

First create a new network: $ podman network create gluetun, then create a new container file:

$ touch ~/.config/containers/systemd/gluetun.container

Populate it with the VPN configuration, below is an example using Proton.

[Unit]
Description=Gluetun VPN Client
Wants=network-online.target
After=network-online.target
After=local-fs.target

[Container]
Network=gluetun
Image=docker.io/qmcgaw/gluetun
ContainerName=gluetun
AutoUpdate=registry

AddCapability=NET_ADMIN
AddCapability=NET_RAW
PodmanArgs=--device=/dev/net/tun:/dev/net/tun --privileged

Environment=VPN_SERVICE_PROVIDER=protonvpn
Environment=VPN_TYPE=wireguard
Environment=WIREGUARD_PRIVATE_KEY=
Environment=VPN_PORT_FORWARDING=off
Environment=PORT_FORWARD_ONLY=off
Environment=SERVER_COUNTRIES=

[Service]
Restart=always

[Install]
WantedBy=multi-user.target default.target

Reload the systemd daemons and run the container.

$ systemctl --user daemon-reload
$ systemctl --user start gluetun

Then create a distrobox-assemble ini file:

[fedora]
additional_packages="brave-browser"
pre_init_hooks="dnf config-manager addrepo --from-repofile=https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo"
init=false
image="registry.fedoraproject.org/fedora:latest"
nvidia=false
pull=true
root=false
replace=true
start_now=true
unshare_netns=true
additional_flags="--network container:gluetun"

Feel free to replace Brave with something else. Then create it, enter it and run the browser:

$ distrobox-assemble create --file /path/to/file.ini
$ distrobox enter fedora
$ brave-browser

If you have any suggestions on how to improve this setup I'd love to hear them!

OC by @electrochemistry@lemmy.dbzer0.com

With paid developers gone and only volunteers remaining, the app has until July 8 to secure funding or fade into irrelevance.

cross-posted from: https://lemmy.today/post/52903710

Since Microsoft owns Github, Gitlab is Corp owned now since 2022, why are so many who preach privacy or using Linux, etc, still using a MS product?

Genuine questions. I'm assumming either familiarity & simplicity with GH or difficulty migrating elsewhere?

A reminder to leave a negative review for the apps that force you to use google play services or completely don't work on custom android ROM's.

https://play.google.com/store/apps/details?id=com.smart_id This was the app. A lot of banks use it here in Lithuania for logging in, confirming transactions.

Linked article about a lawsuit in California. AI was used to transcribe conversations between patients and drs. Audio is sent to the cloud for processing. This is becoming very common in healthcare now. Some sources say 80% of physicians in the US and Canada use these.

They aren't suing under HIPAA. Rather, under some California state laws.

Company says it is HIPAA compliant. That's prob true. They prob also make a good faith effort to protect the data. But it is impossible.

This event happened in Ontario. An AI transcriber breached confidental pt data, inc diagnoses, treatment notes, etc.

AI bot sends confidential info to Ontario hospital patients after recording doctors’ meeting

Even with the best intentions, there are endless breaches from electronic health data systems.

Also. Merely knowing your convo between you and your dr is recorded can change how honest ppl will be with their dr. You prob trust your dr. But when everything you say them is recorded, you may not trust what happens after that.

Fortunately most drs will let pts opt out of these, if you ask.

Internet shutdowns are devastating for human rights. We can’t rely on tech oligarchs to save us, especially when these same companies and governments are the ones to sever our access to the internet and telecommunications. This is why it's important to set up communication mechanisms before a disaster happens.

A recently discovered bug in Android 16 allows any app to leak traffic outside the VPN tunnel.

The bug was reported to the Android Security Team, but was closed as Won’t Fix (Infeasible) [...] In contrast, GrapheneOS, a security-focused Android-based OS, quickly patched the issue in its codebase.

A mitigation is possible, but is quite technical in that it requires USB debugging to be enabled on the device in order to run the following Android Debug Bridge (adb) commands:

adb shell device_config put tethering close_quic_connection -1

adb reboot

https://archive.ph/s3jcT

Peace and data security be upon you all.

This is my German-language site on Codeberg:

https://aurora-shine.codeberg.page/no-google-track/

It covers Google's abuse of power, Project Nimbus, and more. I also list alternative browsers and search engines, complete with pros and cons. I show you how to block Google services using uBlock Origin and strengthen your browser using the hidden about:config menu. The entire text is in German, but I hope automatic browser translation works well enough for you to understand. If you have questions, feel free to message me ( @AuroraShine@lemmy.ml)

By Developer @AuroraShine@lemmy.ml

cross-posted from: https://retrofed.com/c/unitedkingdom/p/974999/nhs-to-grant-palantir-contractors-unlimited-access-to-patient-data

I am trying to choose an email provider, to use with my identifying accounts (like banks, gov ids, etc.). I feel that emails for such cases do not need to be end-to-end encrypted, since most information would already be present with banks, gov, etc.

So I was looking at non-E2EE emails - Mailbox and Posteo.

• Between Posteo and Mailbox - which one do you use / is better in terms of privacy?

I noticed that both of these are hosted in Germany. With rise in popularity of right wing party, a bunch of stuff around chat control and verification, and even normal German government support for Israel, I was wondering whether I should look for other solutions hosted elsewhere. Or use Proton / Tuta instead?

Also, I am not sure if any of these companies support right-wing or Israel themselves?

Do you have any suggestions regarding this?

Google's reCAPTCHA service is reportedly broken for users on de-Googled Android devices, raising accessibility and privacy concerns.

You might find this write-up on the EU age verification plans interesting. It links the actual EU plans with quotes from them, too.