1
233
submitted 8 hours ago* (last edited 8 hours ago) by siriusmart@lemmy.ml to c/privacy@lemmy.ml

Most people still haven't heard of Manifest V3, so if you are one of those not using Firefox, this is for you.


If you’ve been on YouTube or Reddit August last year, you might’ve seen this screen yourself, or a screenshot of someone else getting it. This of course, I am talking about the infamous YouTube ad blocker blocker popup, discussion exploded on Reddit mostly consisting of people complaining about ads, as well as an angry mob storming r/memes, turning it into a Firefox propaganda centre.

About a month later, different adblockrs eventually found their way of bypassing detection, and they work on YouTube again. So natrually Redditors thought they’ve won another war against big tech, completely ignoring Google’s original plan to kill off adblockers by June this year.

So all extensions, including adblockers follows a specification called the Manifest V2. The Manifest allows extensions to do certain things, say accessing browser tabs or to change browser settings. All while putting some limitations, and prevent extensions from doing crazy stuff like installing a virus to your system. But too much limitation, is what pisses off many extension developers about the upcoming ManifestV3.

In this article written by the EFF, they interviewed developers responsible for popular extensions, where most described ManifestV3 as a downgrade, with some accused it for being purposefully bad. I particularly like this one from the creator of SingleFile, “I consider the migration to Manifest V3 to be a major regression from a functional and technical point of view.”

After an update in June this year, a feature called the WebRequest API will be removed, and the adblockers and tracker blockers that depend on this feature will stop working. Since the business model of Google is to track your online activity and then show you personalised ads, it is not difficult to see why this feature is removed.

Not only are they sacrifising user experience for monetary gain, they are forcing the same update on all Chromium browsers as well. I am hereby devastated to inform you that this is not the first time they have done it, and it will not be the last time they will do it.

But there are also good news, non-Chromium browsers will not be affected by the Manifest V3, and if you are already using one, you will be exempt from any future nonsense Google throws in your way. So if you are considering switching to one, unless Safari is your goto browser, which lacks competent extensions support, you can still get your adblockers, another adblockers, all the adblockers.

So are you going to make the switch before the update? Let me know in the comments down below, anyways I will be seeing you in two weeks, have a good one.


An article for more my ranting needs https://gmtex.siri.sh/fs/1/School/Y12/Cssoc/chromium.html

2
10

Just wanted to make sure i am not the only one experiencing this,(On the phone the VPN app connects fine)

3
54
submitted 18 hours ago* (last edited 18 hours ago) by sqgl@beehaw.org to c/privacy@lemmy.ml
4
351
Papers please (lemm.ee)
submitted 1 day ago by lemmylem@lemm.ee to c/privacy@lemmy.ml
5
19
submitted 20 hours ago by BrikoX@lemmy.zip to c/privacy@lemmy.ml

This weekend in the United States, taxes are due. For the more responsible readers – aka “everyone but me” – this was probably already done weeks – if not months – ago. But don’t worry. Taxes will roll around again the same time next year, as inevitable as death itself as the famous philosopher noted, and our financial lives are year-round. So in other words, this is merely a good excuse to discuss some ways that you can protect your financial life – both online and off – and keep your funds, identity, and credit safe.

6
83
submitted 1 day ago* (last edited 7 hours ago) by AlexanderTheGreat@lemmy.world to c/privacy@lemmy.ml

I'm talking full phone and blocking. Not just browser.

Edit: So many options! Thanks guys I'll go through them all and see what one I think will work best for me. I appreciate it.

7
153
submitted 1 day ago by lemmyreader@lemmy.ml to c/privacy@lemmy.ml
8
167
submitted 1 day ago* (last edited 1 day ago) by lemmyreader@lemmy.ml to c/privacy@lemmy.ml

According to the complaint, the company contradicted its privacy promises. From 2020-2022, the company allegedly disclosed users’ personal information, including their health information, to numerous third-party advertising platforms via tracking technologies, known as pixels and application programming interfaces (APIs), which Monument integrated into its website. Monument used the information to target ads for its services to both current users who subscribe to the lowest cost memberships and to target new consumers, according to the complaint.

Monument used these pixels and APIs to track “standard” and “custom events,” meaning instances in which consumers interacted with Monument’s website. The FTC says that Monument gave the custom events descriptive titles that revealed details about its users such as “Paid: Weekly Therapy” or “Paid: Med Management,” when a user signed up for a service. Monument disclosed this custom events information to advertising platforms along with users’ email addresses, IP addresses, and other identifiers, which enabled third parties to identify the users and associate the custom events with specific individuals, according to the complaint.

9
41

So currently I’m using 1 Blocker, but I also have tried Adguard as well, however my experience between the two is very different.

Adguard for some reason makes searching on safari slow, it may be due to too many rules being set but I’m not entirely sure.

1Blocker runs great and doesn’t affect safari performance in anyway.

However I’m looking to see what everyone else’s opinions are, and maybe some suggestions on any other iOS ad/ tracker blockers.

I’m mainly looking for open source or trust worthy apps that respect privacy.

Thank you for any responses in advance

10
22
submitted 1 day ago* (last edited 1 day ago) by vk6flab@lemmy.radio to c/privacy@lemmy.ml

U2F keys can be purchased online for the price of a cup of coffee. They're being touted as the next best thing in online security authentication.

How do you know that the key that arrives at your doorstep is unique and doesn't produce predictable or known output?

There's plenty of opportunities for this to occur with online repositories with source code and build instructions.

Price of manufacturing is so low that anyone can make a key for a couple of dollars. Sending out the same key to everyone seems like a viable attack vector for anyone who wants to spend some effort into getting access to places protected by a U2F key.

Why, or how, do you trust such a key?

The recent XZ experience shows us that the long game is clearly not an issue for some of this activity.

11
418

Here's a non-paywalled link to an article published in the Washington Post a few days ago. It's great to see this kind of thing getting some mainstream attention. Young children have not made an informed decision about whether they want their photos posted online.

12
122
13
299

I saw this on infinity for Reddit earlier, I don't know if there's a workaround for this or not.

14
107
15
-94
submitted 17 hours ago* (last edited 17 hours ago) by possiblylinux127@lemmy.zip to c/privacy@lemmy.ml
16
136
submitted 2 days ago by lemmyreader@lemmy.ml to c/privacy@lemmy.ml
17
20
submitted 2 days ago* (last edited 2 days ago) by foremanguy92_@lemmy.ml to c/privacy@lemmy.ml

I have some concerns about this app and I'm asking if it's useful or not, not the app itself but more the 3 protocols included in it. I2P, DNSCrypt and TOR. What is you opinion?

18
135

Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names.

OpenTable notified members of this new policy change today in emails to members who had previously left a review on the platform, stating the change was made to provide more transparency.

"At OpenTable, we strive to build a community in which diners can help other diners discover new restaurants, and reviews are a big part of that," reads the OpenTable email seen by BleepingComputer.

"We've heard from you, our diners, that trust and transparency are important when looking at reviews."

"To build on the credibility of our review program, starting May 22, 2024, OpenTable will begin displaying diner first names and profile photos on all diner reviews. This update will also apply to past reviews.

When leaving reviews on OpenTable, members specify a "Review display name" that will be shown in the review, allowing feedback to be left anonymously.

Under this new policy change, a member's first name and profile picture will now be displayed in new and past reviews.

19
381
  • Academics at the University of Pennsylvania analyzed a nationally representative sample of 100 non-federal acute care hospitals – essentially traditional hospitals with emergency departments – and their findings were that 96 percent of their websites transmitted user data to third parties.
  • Not all sites had privacy policies and of those that did, only 56% disclosed specific third parties receiving data.
  • Google and Meta (through Facebook Pixel) were on nearly every site and received the most data. Adobe, Verizon, Oracle, Microsoft, Amazon also received data.
  • Common data shared included IP addresses, browser info, pages visited, referring site.
  • Sharing data poses privacy risks for visitors and legal/regulatory risks for hospitals if policies don't comply with laws.
  • A class action lawsuit against Mass General Brigham and Dana-Farber resulted in an $18.4M settlement over sharing patient data.
  • Researcher calls for hospitals to collaborate with computer science departments to design more private websites. Also recommends privacy tools to block third party tracking.

But in the meantime, and in lieu of any federal data privacy law in the US, protecting personal information falls to the individual. And for that, Friedman recommends browser-based tools Ghostery and Privacy Badger, which identify and block transfers to third-party domains. "It impacts your browsing experience almost none," he explained. "It's free. And you will be shocked at how much tracking is actually happening, and how much data is actually flowing to third parties."

Note: Although Friedman recommends Ghostery and Privacy Badger, uBlock Origin is generally considered a better privacy-enhancing browser extension. Additionally, there exist multiple approaches for adblocking and tracker blocking beyond the browser extension model.

20
208

Curious about everyone's thoughts on this.

Archive link : https://archive.is/Ql81V

21
76
submitted 3 days ago by Tami@startrek.website to c/privacy@lemmy.ml

Unfortunately for now there are not usable for me.

  • The 100MB storage limit feels ridiculous. ProtonMail offers 500MB basic with 1GB free upgrade, and ProtonDrive starts at 2GB up to 5GB free. It’s unclear why Standard Notes storage isn’t shared like these other Proton products.
  • Basic formatting tools like bold and italics are absent on free plan. What makes it different from notes in Proton Pass?
  • Jurisdictional troubles. It is not Swiss as Proton or SimpleLogin P.S: Their app looks like PWA (progressive web application) not as standalone app.
22
75

Worth noting: the warning originally had a direct mention that the attack was from a surveilling government, but they removed that part after being asked.

23
190
submitted 4 days ago* (last edited 4 days ago) by ForgottenFlux@lemmy.world to c/privacy@lemmy.ml

**The purpose of this post is not to endorse the use of Reddit (), but rather to inform users of a privacy-friendly approach in case they need to utilize the platform.**

Redlib is a private front-end like Invidious but for Reddit.

  • 🚀 Fast: written in Rust for blazing-fast speeds and memory safety
  • ☁️ Light: no JavaScript, no ads, no tracking, no bloat
  • 🕵 Private: all requests are proxied through the server, including media
  • 🔒 Secure: strong Content Security Policy prevents browser requests to Reddit
  • Self-hostable

Redlib currently implements most of Reddit's (signed-out) functionalities but still lacks a few features.

Redlib Instances

(If a particular instance doesn't work, try others to see if they work)

URL Network Version Location Behind Cloudflare? Comment
https://safereddit.com WWW v0.31.0 🇺🇸 US SFW only
https://l.opnxng.com WWW v0.31.0 🇸🇬 SG
https://libreddit.projectsegfau.lt WWW v0.31.0 🇱🇺 LU
https://libreddit.bus-hit.me WWW v0.31.0 🇨🇦 CA
https://reddit.invak.id WWW v0.31.0 🇧🇬 BG
https://redlib.catsarch.com WWW v0.31.2 🇺🇸 US
https://reddit.idevicehacked.com WWW v0.31.0 🇺🇸 US
https://redlib.freedit.eu WWW v0.31.2 🇺🇸 US
https://redlib.perennialte.ch WWW v0.31.0 🇦🇺 AU
https://redlib.tux.pizza WWW v0.31.0 🇺🇸 US
https://redlib.vimmer.dev WWW v0.31.2 🇵🇱 PL
https://libreddit.privacydev.net WWW v0.31.0 🇫🇷 FR
https://lr.n8pjl.ca WWW v0.31.2 🇨🇦 CA
https://reddit.owo.si WWW v0.31.0 🇩🇪 DE
https://redlib.ducks.party WWW v0.31.0 🇳🇱 NL
https://red.ngn.tf WWW v0.31.0 🇹🇷 TR
https://red.artemislena.eu WWW v0.31.0 🇩🇪 DE Be crime do gay
https://redlib.dnfetheus.xyz WWW v0.31.0 🇧🇷 BR
https://redlib.cow.rip WWW v0.31.0 🇮🇳 IN
https://libreddit.eu.org WWW v0.31.0 🇩🇪 DE
https://r.darrennathanael.com WWW v0.31.0 🇺🇸 US contact noc at darrennathanael.com
https://redlib.kittywi.re WWW v0.31.0 🇫🇷 FR
https://redlib.privacyredirect.com WWW v0.31.0 🇫🇮 FI
http://redlib.r4focoma7gu2zdwwcjjad47ysxt634lg73sxmdbkdozanwqslho5ohyd.onion Tor v0.31.0 🇩🇪 DE
http://redlib.catsarchywsyuss6jdxlypsw5dc7owd5u5tr6bujxb7o6xw2hipqehyd.onion Tor v0.31.2 🇺🇸 US
http://libreddit.g4c3eya4clenolymqbpgwz3q3tawoxw56yhzk4vugqrl6dtu3ejvhjid.onion Tor v0.31.0 🇫🇷 FR
http://reddit.pk47sgwhncn5cgidm7bofngmh7lc7ukjdpk5bjwfemmyp27ovl25ikyd.onion/ Tor v0.31.0 🇩🇪 DE
http://red.lpoaj7z2zkajuhgnlltpeqh3zyq7wk2iyeggqaduhgxhyajtdt2j7wad.onion Tor v0.31.0 🇩🇪 DE Onion of red.artemislena.eu
For information on instance uptime, see the Uptime Robot status page.

Comparison

This section outlines how Redlib compares to Reddit in terms of speed and privacy.

Speed

Last tested on January 12, 2024.

Results from Google PageSpeed Insights (Redlib Report, Reddit Report).

Performance metric Redlib Reddit
Speed Index 0.6s 1.9s
Performance Score 100% 64%
Time to Interactive 2.8s 12.4s

Privacy

Reddit

Logging: According to Reddit's privacy policy, they "may [automatically] log information" including:

  • IP address
  • User-agent string
  • Browser type
  • Operating system
  • Referral URLs
  • Device information (e.g., device IDs)
  • Device settings
  • Pages visited
  • Links clicked
  • The requested URL
  • Search terms

Location: The same privacy policy goes on to describe that location data may be collected through the use of:

  • GPS (consensual)
  • Bluetooth (consensual)
  • Content associated with a location (consensual)
  • Your IP Address

Cookies: Reddit's cookie notice documents the array of cookies used by Reddit including/regarding:

  • Authentication
  • Functionality
  • Analytics and Performance
  • Advertising
  • Third-Party Cookies
  • Third-Party Site

Redlib

Server

  • Logging: In production (when running the binary, hosting with docker, or using the official instances), Redlib logs nothing. When debugging (running from source without --release), Redlib logs post IDs fetched to aid with troubleshooting.

  • Cookies: Redlib uses optional cookies to store any configured settings in the settings menu. These are not cross-site cookies and the cookies hold no personal data.

Settings and subscriptions are saved in browser cookies. Clearing your cookies will reset them. You can restore your current settings and subscriptions after clearing your cookies using the link given in the settings menu.

[TIP] 🔗 Want to automatically redirect Reddit links to Redlib? Use LibRedirect or Privacy Redirect!

Note: The above text presents an abridged and modified version of information found in the developer's documentation. Some context has been removed or altered for brevity. For the full and unmodified documentation, please see the original source.

Additional Information on Frontends from Privacy Guides

Sometimes services will try to force you to sign up for an account by blocking access to content with annoying popups. They might also break without JavaScript enabled. Frontends can allow you to get around these restrictions.

If you choose to self-host these frontends, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting, as other peoples' usage will be linked to your hosting.

When you are using an instance run by someone else, make sure to read the privacy policy of that specific instance. They can be modified by their owners and therefore may not reflect the default policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII.

24
169
submitted 4 days ago by lemmyreader@lemmy.ml to c/privacy@lemmy.ml
25
69
submitted 4 days ago* (last edited 4 days ago) by gamedeviancy@discuss.tchncs.de to c/privacy@lemmy.ml

If the owner of the standard notes will now be a proton, doesn't that contradict this principle? I have a proton email account but I don't want it linked to my standard notes account. I don't strongly trust companies that offer packaged services like google or Microsoft. I prefer to have one service from one company. I am afraid that now I will have to change where I save my notes. What do you guys think about this?

view more: next ›

Privacy

28652 readers
1269 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS