HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jonaharagon

no profile record

Submissions

[untitled]

1 points·by jonaharagon·8 tháng trước·0 comments

Privacy Guides: Memory Integrity Enforcement Changes the Game on iOS

privacyguides.org
1 points·by jonaharagon·10 tháng trước·0 comments

Ghosts in the Machine: The Fight for Privacy After Death

privacyguides.org
4 points·by jonaharagon·10 tháng trước·0 comments

Privacy Is Also Protecting the Data of Others

privacyguides.org
9 points·by jonaharagon·năm ngoái·0 comments

Proton Wallet Review: Is Proton Losing Touch?

privacyguides.org
3 points·by jonaharagon·2 năm trước·1 comments

[untitled]

20 points·by jonaharagon·2 năm trước·0 comments

comments

jonaharagon
·3 tháng trước·discuss
Reading the actual text of the bill, it seems like a first-boot date of birth prompt and everything else you’ve described is exactly what the bill is asking for actually.
jonaharagon
·10 tháng trước·discuss
True, and this is also the case in many other countries. Even if it is revocable by future legislation though, having pro-privacy laws on the books to prevent the current executive powers-that-be from abusing them would still be helpful.
jonaharagon
·10 tháng trước·discuss
I mean that'd certainly be nice, and it is also their only job, but even if they wanted to do it in regular legislation that'd be better than nothing.

Make a law that says companies have to protect the data of their citizens without the possibility of any intentional backdoor, perhaps. Make a law that says companies can't require people to dox themselves with ID scans simply to use a publicly available internet platform that provides no services in the physical world. Make a law that says OS developers can't create client-side scanning services that upload results off-device without revocable user consent.
jonaharagon
·10 tháng trước·discuss
Realistically the EU only cares about protecting their citizens from private companies, and especially American ones. When it comes to government overreach they know virtually no bounds.

Then the US on the other hand does decently protect its citizens from the government itself (well, this recent year/administration notwithstanding), only because the US government knows full well they can just turn around and grab all the data they want from the private American companies they don't regulate at all.

Two approaches with the same outcome, absolutely.
jonaharagon
·10 tháng trước·discuss
I shared your comment with the author and we're going to reorder some of the sentences in a little bit to highlight the fact it's a backdoor earlier. We've talked about Chat Control so much over so many years (because it keeps reappearing) that it's easy to forget many haven't heard of it lol
jonaharagon
·10 tháng trước·discuss
> They start outlawing encryption altogether?

This is the direction places like the UK have gone in, yes. Can't decrypt something? Then we assume it is illegal content.
jonaharagon
·10 tháng trước·discuss
> Do they think they're above it?

Yes, the lawmakers literally exempt themselves from this law in this law.
jonaharagon
·10 tháng trước·discuss
Totally. This is exactly the problem with things like Chat Control in the EU and KOSA in the US. They will just introduce the same bill over and over and over again until they get the desired result.

What we need is for legislatures to pass "NO Chat Control" and "NO KOSA" bills that specifically block this behavior, but unsurprisingly governments don't seem to be too keen about limiting their own rights, only those of their citizens.
jonaharagon
·12 tháng trước·discuss
You can disable purchase sharing and still do subscription sharing, which completely solves this problem.
jonaharagon
·năm ngoái·discuss
This post is 3 years old and mostly talking about a completely different website, because the poster didn’t know privacyguides.org moved to a new domain after the old one was hijacked.

https://www.reddit.com/r/PrivacyGuides/comments/thnjjf/comme...
jonaharagon
·năm ngoái·discuss
We cover that too [0]. In addition, while I wouldn't blanket recommend a VPN usually, it's important to use a VPN in conjunction with Mullvad Browser (specifically). If you're not blending in with a crowd of similar browsers at the network level too, the fingerprinting protections are a bit pointless.

> Like Tor Browser, Mullvad Browser is designed to prevent fingerprinting by making your browser fingerprint identical to all other Mullvad Browser users, and it includes default settings and extensions that are automatically configured by the default security levels: Standard, Safer and Safest. Therefore, it is imperative that you do not modify the browser at all outside adjusting the default security levels. Other modifications would make your fingerprint unique, defeating the purpose of using this browser.

[0] https://www.privacyguides.org/en/desktop-browsers/#mullvad-b...
jonaharagon
·năm ngoái·discuss
Most are, most are affiliate link-farms in disguise as well, and privacyguides.org is written in response to such guides.

It is called privacy guides and not security guides for a reason, and many of our basic "recommendations" are geared towards a specific threat model that does not include, for example, being targeted by law enforcement or others with access to zero-day vulnerabilities or similarly targeted exploits. They are geared towards avoiding commercial-grade tracking, especially by corporations, and dragnet mass surveillance programs.

This is why we place so much of an emphasis on threat modeling before suggesting recommendations in the first place though, to make sure readers know exactly when the recommendations apply to them and when they instead need to seek additional resources. We have countless pages within our community forum detailing why and when Chromium is technically superior to Firefox.

This is also why we don't recommend Firefox on mobile devices at all, because while we do feel Firefox on desktop is adequately secure for many people, we don't feel that is the case on Android, unfortunately.

Anyways, thank you for your insight. I will look into making this more clear at a glance.
jonaharagon
·năm ngoái·discuss
We don't have a deal with Brave. It was added almost 3 years ago, and nobody has even proposed removing it in the time since. Furthermore, it would be insane and likely illegal for a public charity to strike a deal to serve an undisclosed advertisement for a product from a private company.

I think our position on Brave is clear enough from the very first paragraph in the guide:

> We recommend Mullvad Browser if you are focused on strong privacy protections and anti-fingerprinting out of the box, Firefox for casual internet browsers looking for a good alternative to Google Chrome, and Brave if you need Chromium browser compatibility.

edit: ninja'd by justin lol
jonaharagon
·2 năm trước·discuss
> The Apple system was pretty much the best way this could be done

This may be true, and yet it's also true that it was still a terrible plan. This is exactly why it simply shouldn't be done at all.
jonaharagon
·2 năm trước·discuss
I've always worried that Proton might succumb to the enshittification that seems to eventually plague all tech companies. This news makes me a lot more optimistic that won't be the case.
jonaharagon
·2 năm trước·discuss
Yeah, that is interesting to me. I would imagine one of the main reasons people have been asking for alternative browser engine support in the first place is the potential to have more features added to PWAs by competing platforms, since they were clearly not a priority in WebKit for a very long time.