• 1 Post
  • 13 Comments
Joined 1 year ago
cake
Cake day: June 14th, 2023

help-circle

  • What carriers do with our data is a black box and changes all the time. They must do whatever the government compels of them. No opensource baseband options are available. Therefore I would not trust any of them.

    It is best if you can decouple the phone number you use from the provider of the SIM card.

    1. Get a SIM card for data only with no KYC such as Mint Mobile or Ting for physical prepaid cards or jmp.chat or PGPP for pay as you go ESIM. Your voice and location give away your identity. So for maximum privacy, never make calls with the number associated with the SIM card nor activate cellular near your home.

    2. Transfer your number to a VOIP provider such as voip.ms or jmp.chat. Of course use encrypted messaging and calling as preference whenever you can.

    For years I have been paying less than $20 a month and have a few phone numbers. Governments and corporations have no idea where I am. Because my phone is anonymous, they would have a hard time deploying malware onto it if they wanted to target me. Most data goes through a VPN.



  • Grapheneos.org explains how the sandboxed GPS minimizes what it can collect. The highly promiscuous standard implementation of GPS has massive access to your device with limited and uncertain abilities to restrain what it can collect. All apps in Graphene are treated as hostile with fire grained firewall abilities. The sandboxed GPS from Graphene is implemented as any other app and only needs network access to deliver notification.

    I created an anonymous Google account and only give it network access until the day some of the apps I need. Google only knows that someone from an IP address is getting notifications for those apps that use it. Once these apps switch to unified push or web sockets to deliver notifications, I will remove GPS.


  • bernard@lemmy.filmtoPrivacy@lemmy.mlSearch engines compared
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    edit-2
    1 year ago

    Mixed in here are search engines and metasearch engines. Metasearch engines like DDG, Metager, and Searx are not actual search engines but rather sites that query other engines. I would rather see only actual search engines for comparison. I would like to see some non western (search engines based in non NATO aligned) countries included such as Yandex.

    Data collection always happens. How does the engine know what to return if you did not send it a query(data)? Sometimes results are personalized/manipulated. Anonymity reduces impact of both.








  • Even if Signal might be better for those people’s current threat model, people’s habits are hard to change. Good luck getting them onto a better decentralized protocol later. Most people will not take the time to understand the importance of decentralization and think we are just making their lives difficult. I regret getting people onto Signal mainly for this reason.