• dingdongitsabear@lemmy.ml
    link
    fedilink
    arrow-up
    23
    ·
    3 days ago

    anyone dunking on the article, this is pretty far away from a how-to-lilst; it’s more of a “think about these things if you haven’t up until now” and as such a net positive. wrong community for it, though.

    • Dessalines@lemmy.ml
      link
      fedilink
      arrow-up
      36
      arrow-down
      1
      ·
      4 days ago

      I read through the whole list, and monero was the only decent privacy recomendation I could find. Everything else was US-hosted. A lot of it was just recommendations from Apple and Google on “privacy” services they offer.

      No mention of syncthing, matrix, xmpp, even with sections dedicated to those categories.

      • pinkystew@reddthat.com
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        3 days ago

        I read that monero is different from other cryptocurrencies and makes it harder to identify the individual to/from whom a transaction in is sent

        What is the difference and why do other cryptocurrencies not implement it?

        • RvTV95XBeo@sh.itjust.works
          link
          fedilink
          arrow-up
          11
          ·
          3 days ago

          The core focus of early crypto was decentralization, not anonymity. Bitcoin is totally decentralized, but the entire premise is the blockchain contains a permanent irrefutable ledger of transactions. Basically everyone knows if Wallet A paid Wallet B. If you refill your wallet with anything remotely traceable, that means everyone knows YOU paid Wallet B, and similarly if wallet B has any ties to the real world, the lines are easy to connect.

          That’s not to say you can’t use it anonymously, but that was not the intent and thus it does anonymity poorly.

        • khannie@lemmy.world
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          1
          ·
          3 days ago

          Monero is built as a privacy first crypto. Essentially it’s like cash in many ways. You spend it in the shop and nobody knows where the cash you’re handing over came from. When you get your change at the till you know nothing about who had the cash before you that you just got handed. It’s just money.

          This is all handled by a bunch of very complex cryptography. If it comes to it there are ways to prove you sent the money etc but only you have that capability to decide to share.

    • stembolts@programming.dev
      link
      fedilink
      arrow-up
      9
      ·
      3 days ago

      You’re right, ha, I’m totally not… they, I mean they are totally not! You got it guy! Everyone listen to this guy! I’d go as far as to say anyone reading this article is innocent of ALL crimes!

  • surph_ninja@lemmy.world
    link
    fedilink
    arrow-up
    27
    arrow-down
    1
    ·
    4 days ago

    Too bad private email access is essentially dead. Any service not requiring another email or phone number to sign up gets quickly shut down. A casualty in the war on whistleblowers.

      • Em Adespoton@lemmy.ca
        link
        fedilink
        arrow-up
        5
        ·
        4 days ago

        Exactly; email is digital post cards and always has been.

        Of course, that means I can encrypt a message and use someone else’s email account to send it :)

    • xapr@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      2
      ·
      4 days ago

      You can sign up for Proton mail without providing email or phone number, as far as I recall.

        • _cryptagion@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          2 days ago

          I did that recently while using Tails, and it let me register without either an email or phone number. This is misinformation.

        • red@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          2
          ·
          3 days ago

          you still can, it was a bug in past that they fixed long ago

          • refalo@programming.dev
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            3 days ago

            it’s not a bug and it’s still not possible, it’s for tracking who created the account of course.

            • _cryptagion@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              2 days ago

              It is possible, I just signed up for one recently while using Tails. I was not required to use either email or phone number. Stop spreading misinformation.

                • _cryptagion@lemmy.dbzer0.com
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  2 days ago

                  They said any service gets shut down. I registered a ProtonMail account without email or phone number. Proton also does not cooperate with anyone but Swiss authorities. It is obviously still possible.

                  You can also register without one on cock.li, if you don’t mind them being edgy middle-aged teenagers.

          • surph_ninja@lemmy.world
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            3 days ago

            Try it now. Load up a tor tab in the Brave browser, and try signing up for an email without providing any info.

            • red@lemmy.zip
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              3 days ago

              yes I just did, not brave but tor browser and I was able to create account

              • surph_ninja@lemmy.world
                link
                fedilink
                arrow-up
                1
                arrow-down
                2
                ·
                3 days ago

                I just loaded up a Linux vm with Brave, and tried to sign up in a tor window. It requires a verification email to sign up.

                Maybe you’re using a browser or OS that it’s tracking.

                • _cryptagion@lemmy.dbzer0.com
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  2 days ago

                  It does not, this is misinformation. Do not believe this person, I recently did it on Tails while using Tor and did not need email or phone number.

                • red@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  3 days ago

                  yeah I’m using tor browser, also don’t forget you can get fingerprinted even on tor

      • Luffy879@lemmy.ml
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        4 days ago

        Yes, tho it days it dosent store it, ill leave it up to you what you do whit that.

        • tekato@lemmy.world
          link
          fedilink
          arrow-up
          16
          ·
          4 days ago

          They do store it and have provided it to authorities in the past. In their defense, modern laws require you to hand over any data you have or get shut down. But they already knew that, yet choose to ask for it anyways knowing that they have to give it away if asked to.

          • _cryptagion@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 days ago

            They provided it to Swiss authorities, with a notice that it happened to their customers. They do not have any requirement to share it with other governments.

          • sunzu2@thebrainbin.org
            link
            fedilink
            arrow-up
            4
            ·
            4 days ago

            i guess corpos gonna corpo folks… even the “good” ones

            i did not realize you needed anything to create rando emails. i know google started that shit 5 years ago tho

            • tekato@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              4 days ago

              I don’t think you are required to provide a secondary email, but you get less features without it.

              • sunzu2@thebrainbin.org
                link
                fedilink
                arrow-up
                2
                arrow-down
                2
                ·
                4 days ago

                i see… that is a dark pattern in of itself, why does proton need this info and why are they willing to incentiveze users sharing it.

          • hugealligator379@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            As far as I understand it, this is only recovery emails and I think it explicitly has some sort of warning about this when setting it. This is different than the email prompt on sign up.

            • EngineerGaming@feddit.nl
              link
              fedilink
              arrow-up
              1
              ·
              3 days ago

              I wouldn’t trust them not to store the initial one as well tbh. Nothing technically stops that and it’s in their interests.

              • _cryptagion@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                2 days ago

                They don’t ask for one on signup. I just signed up recently while using Tor on Tails, and was not required to provide an email for any reason. The only thing that happens is you get a warning in the account panel saying you won’t be able to recover your account if you lose the recovery codes.

            • tekato@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              3 days ago

              I didn’t even know it asked for an email for sign up. I just remember the recovery email.

  • shortwavesurfer@lemmy.zip
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    4 days ago

    I’m glad they mentioned Monero in the article, but sad that they mentioned it alongside Zcash since Zcash is not private by default and not many people opt into the privacy and Zcash has shown willingness to be bad to their users by helping exchanges. Primarily because they are run by the Electric Coin Company, which is registered in the United States, and therefore they have to obey the laws of the United States. So, Zcash is not a good option.

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      3 days ago

      Shielded addresses & transactions are private using zero-knowledge proofs like Monero. You can also have transparent addresses & transactions like how Bitcoin operates on Zcash as well which is true. But there isn’t a default, some wallets autoshield by default making your comment misinformation.

      • shortwavesurfer@lemmy.zip
        link
        fedilink
        arrow-up
        2
        ·
        3 days ago

        Some wallets shielding their transactions by default is still not nearly as strong as everything being shielded by default at the protocol level, but they couldn’t have that because then they would not be on exchanges.

        • toastal@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 days ago

          It does add a level of convenience for the type of transaction you might want to actually be tracked all being on the same currency. Most don’t even offer the option. Zcash can do the thing—it’s just not the only way.

          • shortwavesurfer@lemmy.zip
            link
            fedilink
            arrow-up
            2
            ·
            3 days ago

            Monero has view keys for exactly this reason, so that if you need to make a transaction public for like an audit or something, you can do so. But on the protocol level, absolutely everything is always private.

            • toastal@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              2 days ago

              That’s good too. Not a Monero hater or a Zcash fanboy—I just think we need to be honest about the capabilities even if the methods of getting there are different.

  • Mettled@reddthat.com
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    3
    ·
    4 days ago

    Switch phone service to VoIP, cancel cell service, all tracking capabilities is gone.

      • Mettled@reddthat.com
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        4 days ago

        It is possible to get a real cell number from a big name carrier and then port the number to VoIP company to use VoIP service with an original cell number.

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          3 days ago

          Maybe, but if anything bad happens to originate from that number, the port history is still visible and now they have a suspect.

          • Mettled@reddthat.com
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            5
            ·
            3 days ago

            Stick with only having a landline until you can get over yourself and your self aggrandizment.

          • Mettled@reddthat.com
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            3 days ago

            If you get a cell number with a SIM, then port that number to a VoIP, how does KYC matter since you are going.to have to give that number to people with your name, so businesses or offices can call you through VoIP service?

    • terminhell@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      14
      ·
      4 days ago

      Iirc any cell phone is still capable of dialing 911(or equivalent) even without a sim. So id imagine carrier towers and gps could still find it. You’d basically have to keep the device in a ferriday bag. Which complicates actually using it.

      • shortwavesurfer@lemmy.zip
        link
        fedilink
        arrow-up
        13
        ·
        4 days ago

        That is correct. Any cell phone sold in the United States by law is supposed to be able to dial 911 no matter whether they have a SIM card inserted or not and no matter whether they have service on a SIM card or not and also no matter whether one specific carrier in your area has no signal it will use the others instead. You may be a Verizon customer, but if you dial 911 and an AT&T tower picks up the call first, the AT&T network will serve that call instead.

      • Em Adespoton@lemmy.ca
        link
        fedilink
        arrow-up
        11
        ·
        edit-2
        4 days ago

        One clarification: carrier towers can still find a phone; GPS is passive; your phone locates itself in relation to the GPS satellites.

        Most phones are also broadcasting WiFi MAC IDs and Bluetooth MACs, plus hardware and capability strings over Bluetooth. And then any apps you’ve got loaded may also be calling home with your location unless you have that disabled and rotate your ad ID regularly.

        [edit] also worth pointing out that even if you turn a smartphone “off” it still pings the local cell towers with its IMEI regularly. Surprised me the first time I witnessed that.

      • Mettled@reddthat.com
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        4
        ·
        3 days ago

        Why does a phone need to be in a ferriday bag when phone does not have a SIM card because it uses web-based VoIP service? The phone only needs an internet connection, like wi-fi, and can’t talk to cell towers. Remove SIM from phone, connect phone to wi-fi to get online to access phone service through the internet, GPS can’t function. If a phone without SIM calls 911, it will go through, but dispatch sees no number, no location, no name.

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          3 days ago
          • any carrier within range can still potentially track you, maybe not with airplane mode but Snowden says don’t trust that

          • GPS still “works” without any signal, service or net access

          • AGPS mandate forces 911 calls to reveal your location

          For max privacy without going completely analog you’d want a device with NO cellular radio at all

          • Mettled@reddthat.com
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            4
            ·
            2 days ago

            You have way too much time of doing nothing of significance and fill it with meaningless chatter. Spend more expanding job skills and still listening to so many inexperienced opinions.

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      8
      ·
      4 days ago

      You’re just shifting trust though - may be good in some cases, but not universal. Aldo does nothing about the cell tower connections tracking the location.

      • Mettled@reddthat.com
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        7
        ·
        3 days ago

        How can cell towers track your location if phone does not have a SIM due to using web-based VoIP service?

          • Mettled@reddthat.com
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            4
            ·
            3 days ago

            I think you’re mainly speaking from a place of percieved opinion than tech knowledge but I would suggest for you that you only use a landline for phone service. Have you ever had a job working with various network services for random customers and speak to customers to answer questions?

            • EngineerGaming@feddit.nl
              link
              fedilink
              arrow-up
              2
              ·
              3 days ago

              From the context of your previous comments, it seemed like you were talking not about not having a mobile phone in general, but rather a SIMless phone. Using it over Wi-Fi only is indeed doable - but you’d need an Airplane Mode on an OS you can trust, just having no SIM would not be enough.

              Also no, I did not have such a job - I don’t understand how this question relates to the conversation.

              • Mettled@reddthat.com
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                4
                ·
                3 days ago

                Any AOSP ROM would suffice.

                The queation pertains to having a sense from how someone talks if they sound like they can configure network services or if they only read about it but not having the skills/experience to work for random customers and explain the work to them.