• 26 Posts
  • 89 Comments
Joined duela 2 urte
cake
Cake day: eka. 20, 2021

help-circle
rss

The only browser which actually made improvements to mitigate fingerprint is Tor Browser. It’s basically make all users look the same thus making fingerprint way more difficult. If you need protection against that form of tracking you don’t have other choice. Also, IceRaven it’s just a fork of Firefox which doesn’t lag behind updates. Therefore, it’s highly recommended stay away of it. If you don’t want telemetry then disable it through about:config in Firefox.

If you are looking for privacy and security, Bromite is a good mixture. Way more secure than any gecko base browser.



Please, stop with the trolling.
Today I opened Lemmy and I sincerely horrified when I saw all the junk that some people posted. I'm not here to insult anyone. I'm writing this post because i want to warn all the people involved in this unspeakable acts. I beg you to stop because in the end you're going to make your life miserable. You're continuing to create new identities in order to spread abysmal content for what? It's pointeless, really. You will not able to damage the project in the long term, admins are very active and they will ban you pretty quickly. What you're really doing here is damage your own mental health. Trust me when i say that the ones who are getting damaged are you and not Lemmy. Please do something in your life which has a meaningful purpose, eventually you'll feel better about yourself. P.s. I don't know if this is the right place to post it.
fedilink

Really off-topic, but i love your profile pic.


What does your profile image represent? Why did you choose it?
What's the story behind your profile pic? My represent Sosuke, from Ponyo on the Cliff by the Sea. Is my favorite anime film.
fedilink

Because I like the concept of federation.


I’m so happy about this announce. Thank you so much for bringing this topic here, on Lemmy!


If you want to ban me, go ahead. I have no problem with that.

https://lemmy.ml/post/140015/comment/105195. Look at you. Why are you posting this image? Its pointless because commerscamOS has never been affiliated with GrapheneOS. You’re accusing communities to be racist without a proof, you’re accusing a me to follow some sort of agenda without any proff. That’s you. You always do that. At this point I’m genuinely amused, nothing more nothing less.

You have been banned from spite, grapheneOS, r/privacy r/privacytoolsio r/Firefox and now r/privacyguides for your content and your behavior. That’s all. No other reasons. And in my opinion you’re going to be banned elsewhere most likely, because at some point people get tired of people acting like you. The first person reply under your post said that you’re an asshole. Literally. That’s actual sad and explain all in my opinion.

I don’t know why @dessalines@lemmy.ml and @nutomic@lemmy.ml have not banned you already. You behavior is so evident. You are also the same person which months ago was defining GrapheneOS users as "WORTHLESS DESPICABLE RAT. and now you’re pretending to be the nice guy of the situation by telling people to be the “better person”. Again, that’s explain all.


Hi @krolden@lemmy.ml. The best thing you can do in this case is not feed the troll. It’s pointless and not productive to engage a discussion with an individual whose intentions are pretty clear. For the sake of your time and your mental health, the best thing you can do now is block him. Don’t give him attention. If you want to understand better who is this individual just look at the post made by B0risGrishenko on Reddit as well as his answers and last but not least the moderatons comments under the OP post. If you any doubts, don’t hesistate to write me on matrix. @tessaiga:matrix.org.


Oh my. I’m so, so happy! Thank you really much to all the people who have make this possible; you’re are really changing the world for the better.



Hi! Really sorry for the delay.

Every new generation of pixel bring privacy and security improvements hardware wise. In particular, the new pixels have set a new standard for mobile security;

https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html


I don’t know about DivestOS. However, GrapheneOS is dramatically better than LineageOS. That’s because GrapheneOS is focused on privacy and security rather than customization like LineageOS. GrapheneOS starts from the strong baseline of the Android security model and brings a lot of privacy and security improvements. While LineageOS doesn’t have real privacy and security improvements, it also weakens the android security model.

There is a very good article written by madaidan, who explain the security of Android and the problems about lineageOS; https://madaidans-insecurities.github.io/android.html


Google Pixels have no backdoors. Recently, Maxime Rossi Bellom , Philippe Teuwen and Damiano Melotti did a deep research about the Google’s Chip, called TITAN M, in order to give an understanding regard it’s attack surface as well as the known and previously vulnerabilities.

Presentation Material

There is also a repository on GitHub, which contains the tools they used in their research on the Google Titan M chip.

There is also a very interesting thread from Daniel Cuthbert, in which he showed some part about their presention. In the same thread, he also wrote that the Titan M is the reason why he switch from iPhone to Pixel.

We’re are talking about BlackHat here, not some random guy which claims things without any proof.

Regard the OS, GrapheneOS is far better than Calyx; it offers much better privacy and security improvements. You can see the list of the features here; https://grapheneos.org/features


crosspostato da: https://lemmy.ml/post/89560 > See the linked release notes for an overview of the improvements and a link to the full list of changes. > > See https://attestation.app/about and https://attestation.app/tutorial for info about the app and optional monitoring service.
fedilink

KeepassDX on Android. StrongBox on IOS.



[Maxime Rossi Bellom](https://www.blackhat.com/eu-21/briefings/schedule/speakers.html#maxime-rossi-bellom-42634) , [Philippe Teuwen](https://www.blackhat.com/eu-21/briefings/schedule/speakers.html#philippe-teuwen-42673) and [Damiano Melotti](https://www.blackhat.com/eu-21/briefings/schedule/speakers.html#damiano-melotti-42674) did a deep research about the Google's Chip, called TITAN M, in order to give an understanding regard it's attack surface as well as the known and previously vulnerabilities. # Presentation Material - [Download Slides](http://i.blackhat.com/EU-21/Wednesday/EU-21-Rossi-Bellom-2021-A-Titan-M-Odyssey.pdf) - [Download Whitepaper](http://i.blackhat.com/EU-21/Wednesday/EU-21-Rossi-Bellom-2021_A_Titan_M_Odyssey-wp.pdf) There is also a repository on [GitHub](https://github.com/quarkslab/titanm), which contains the tools they used in their research on the Google Titan M chip. There is also a very [interesting thread from Daniel Cuthbert](https://nitter.net/dcuthbert/status/1458754900347789313#m), in which he showed some part about their presention. In the same thread, he also wrote that the Titan M is the reason why he switch from iPhone to Pixel. Very interesting in my opinion.
fedilink


See changelog: https://github.com/bromite/bromite/blob/master/CHANGELOG.md
fedilink



A good start would be ‘how to develop a threat model’. There are very useful guide about it like the one written by EFF.

Security planning helps you to identify what could happen to the things you value and determine from whom you need to protect them. When building a security plan answer these five questions:

  • What do I want to protect?
  • Who do I want to protect it from?
  • How bad are the consequences if I fail?
  • How likely is it that I will need to protect it?
  • How much trouble am I willing to go through to try to prevent potential consequences?

About Android’s security;


> Note: this beta release accidentally breaks glide typing. In the master branch code this is already fixed and beta08 will have glide typing fully working again. Sorry for the inconvenience!
fedilink


For the complete list of changes see [CHANGELOG.](https://github.com/mollyim/mollyim-android/wiki/Changelog)
fedilink


How PayPal Shares Your Data
The quantity of data that PayPal share with third parties is quite scary.
fedilink

according to the Tor browser:

Fingerprinting is the process of collecting information about a device or service to make educated guesses about its identity or characteristics. Unique behavior or responses can be used to identify the device or service analyzed.

So, to answer your question, yes, fingerprint contribute to tracking. The only browser which really protect you from fingerprint is Tor browser since it aims to make all users look the same. The rest is just marketing and not real substance.

So, if you really need protection against fingerprint, use Tor browser.


Thank you for sharing! I didn’t know that client.



There is a very interesting article written by Snowden dealing with this topic.

https://edwardsnowden.substack.com/p/conspiracy-pt1

The greatest conspiracies are open and notorious — not theories, but practices expressed through law and policy, technology, and finance. Counterintuitively, these conspiracies are more often than not announced in public and with a modicum of pride. They’re dutifully reported in our newspapers; they’re bannered onto the covers of our magazines; updates on their progress are scrolled across our screens — all with such regularity as to render us unable to relate the banality of their methods to the rapacity of their ambitions.

The party in power wants to redraw district lines. The prime interest rate has changed. A free service has been created to host our personal files. These conspiracies order, and disorder, our lives; and yet they can’t compete for attention with digital graffiti about pedophile Satanists in the basement of a DC pizzeria.



The UI. Really awful, it feels so bloated and uncomfortable. No, Reddit, I won’t use your mobile app.


  • encrypted database for passwords protected with a strong passphrase
  • encrypted database for TOTP protected with a strong passphrase
  • Recovery codes printed stored in a physical location

edit: If you store both passwords and recovery codes in the same database, it wouldn’t be 2FA anymore. If your database was compromised, a malicious actor would have directly access to your accounts due to avoiding 2FA since it could easily use recovery codes.


A 7 years old MicroG bug leaks google account password on login.
As the title say, a bug which has been confirmed to be around for 7 years leaks the google account password as well as the 2FA code -if enabled-. Steps to reproduce the behavior: - Open MicroG Settings - Add a Google account - Login with your Google account - Check logcat with adb logcat | grep GmsAuthLoginBrowser Therefore, through logcat is possible to see the password, which is a gigantic security hole. This happens even without root. Is also important to underline that microG per se has security [problems.](https://madaidans-insecurities.github.io/android.html#microg-signature-spoofing) For more information about the bug, see [here.](https://github.com/microg/GmsCore/issues/1567)
fedilink

Finally, the https everywhere add on is going to be deprecated in favor of the native HTTPS Only mode feature implemented in modern browsers.
fedilink