• 1 Post
  • 18 Comments
Joined duela urte bat
cake
Cake day: aza. 29, 2021

help-circle
rss

Its all open source, you can self-host it.

I know that there are components required to provide this service that are open source and/or self-hostable (eg - XMPP server and XMPP client). However, in the (very) little digging I’ve done, I don’t see how you could self-host the ability to receive a phone number (and to a lesser extent, call/text using that phone number).

Are you able to self-host the components necessary to obtain and use a phone number? If so, is the cost (omitting any hardware acquisition or hardware operations cost) any different than paying for this service or are there any other non-hardware based limitations (eg - can only activate a certain quantity of phone numbers, can only place a certain number of calls, etc.)?


Dendrite is listed in the post - https://matrix.org/blog/2022/08/15/the-matrix-summer-special-2022#dendrite--p2p

Dendrite plays an important role in our future strategy as it is also the homeserver implementation used for embedded homeservers, P2P development and experimentation. In addition to being able to scale up, we have also successfully scaled down, with the Element P2P demos proving that an embedded Dendrite homeserver can run comfortably on an iOS or Android device.

I didn’t realize that Dendrite was planned to be used for P2P. I thought it was just another option you had to host a homeserver. That makes this a bit more exciting.


People don’t understand how pervasive and extensive the data that companies are gathering on them are. For example, people have told me “Facebook doesn’t know much about me - I never post anything on there”. They don’t realize that Facebook learns so much more about them by just spending time on its website (or even worse - its mobile app) than it could from anything you would realistically post on Facebook (eg: you would likely never post your full contact list, every article you read, when/where you logged into FB, how long you spent on FB, etc.).The longer you’ve had the account and the more time you spend using the account (ie: browsing while logged into the account) the better.,

Additionally, people don’t understand who has their data and what’s being done with it. A common response from most people might be “well, what’s the big deal anyway? They’re gathering ‘all this information about me’ and in return I get to use a free service and get served ads for things I’m actually interested in. That doesn’t seem too bad.” They don’t realize that FB has shown the ability to manipulate people’s thoughts, emotions, and feelings to drive engagement. They don’t realize that because advertisers can target people so well, they are also able to manipulate you far better than they ever could before. They don’t realize that there is a quickly growing several trillion dollar market in personal data collection and there are hundreds/thousands of companies they’ve never heard of that have extremely accurate profiles of them likely with sensitive data that they probably wouldn’t have wanted shared with those companies.

I don’t think that “most people prefer to be spied on”. Instead, in addition to the above points, I think people think that they don’t have an option and that the “spying” is a necessity - maybe even a necessary evil (whether its for security or for the ability to use free services that improve people’s lives). If shown options with the pros/cons clearly laid out where the alternative isn’t too much more complex or inconvenient and handled most of their use cases for the product/service, I do think that there would be a shift in mindset and marketshare. Unfortunately, people are lazy so it would need to be the default option for the alternative(s) to get significant market share. Also, some of these services work so well due to network effects (can’t convince people to use a chat app if they don’t know anyone using the app) which can further complicate the adoption of alternative products/services. Since some of the biggest “spies” are so frequently used by nearly half the world’s population, it makes it extremely challenging to make noticeable changes (eg: “that person is weird for saying I should delete my FB account - everyone is on there. No way that person is right and that everyone is wrong for having an account”, “I want to delete my account, but then I’d be the only one I know without an account”, etc.).

Look at what Apple is doing with recent versions of iOS (and all its marketing). Its making an impact (at least a small one) on companies and people are “caring more” about their privacy. People don’t like being spied on. Hopefully in the coming years people will realize that they’re doing the digital privacy equivalent of switching from soda to juice (old iOS settings vs updated, privacy friendly iOS settings) when they really should’ve been switching to water (stop using as many privacy invasive products/services as possible).


It sounds like you would only use this as a security camera system, which is fine but obviously would limit your want/need for one if you feel the risk or need for one isn’t that high.

having documented evidence would lead to me checking and then I have to act

If that’s a concern then you could set it up in a way that you shouldn’t feel the need to “just check” the video feed. With a proper setup, you could receive notifications/texts/emails/etc. (or if you have a connected smart home, you could have lights turn a certain color, ring a doorbell, etc.) based on rules/parameters that you set.


Without a Shinobi (or any other NVR system/software), you would have to individually and manually monitor each camera you installed (unless its connected to the web or some other service run by a 3rd party). Having a NVR becomes a necessity with 2-3+ cameras, if you want to store the recordings, or if you want advanced video/image processing features. Like any other product that has competition, each NVR system/software has its pros and cons. Some may give you a more streamlined interface to view all your cameras. Some may give you better object/person detection. Some may integrate with other products/services better. Some may operate more efficiently/effectively than others. Some may only work on certain operating systems.

There are several reasons that you may want this beyond being paranoid.

  • monitor what animal(s) are eating the plants in your garden to better protect your garden or monitor the growth of your plants
  • monitor when you have packages delivered to provide evidence something came late (or didn’t arrive or that the package labeled “fragile” was thrown onto the porch)
  • monitor when tools, toys, or objects are left in the yard so you can better keep track of your things or remember to pit everything away before going to bed
  • monitor when/where your pet pooped in the yard so you can spend less time checking for it and ensure that you got all the poop
  • monitor the snack pantry to prove to your spouse that you’re not the one eating all the snacks
  • monitor the sleep walker of your household to make sure the areas they commonly go have safety features installed
  • monitor the room with your TV/computer/etc. to better track how much time you watch TV/use your computer/etc.

Obviously a camera is not the only way to achieve the goals listed above (nor is it the best/easiest way to achieve all of them). However, the point is that it could be used for anything.

Plus, you may think think the people who do use it for “security” purposes are paranoid for having this (and maybe they are), but when someone keys their car, slashes their car tire, steals their package, knocks over their mailbox, or has any sort of crime/unwanted behavior committed against them, they’ll be glad they had it recorded.

If they properly setup the NVR, they shouldn’t have to watch much of anything as the software would do it for them and alert them based on the activities/locations of their choosing. Depending on how advanced they want to build out the NVR and the other services they connect it to, they could build out a fully self-hosted home security setup. Maybe that sounds like overkill or something only the most paranoid people would want, but its something commonly sought out by parents, women who live by themselves, or people with a lot of enemies. Again, they may not have it because they expect something bad to happen to them, but instead can feel a little more comfortable that they’ll have some additional precautions in place if something bad did happen to them.

If security cameras are what my neighbors need to rest easy at night, then I am fine with them having them as long as they don’t invade my privacy. With how common products like Ring, Nest cameras, etc. are becoming, I would consider each person who chooses to operate their home cameras locally through a private NVR over a privacy invasive security system a big win to the privacy of that person and anyone else in the household as well as that person’s neighbors. We should be encouraging people to adopt Shinobi or similar NVRs instead of making people feel bad about being paranoid or being OK with them using connected/privacy invasive systems.


Privacy News Sources
What active (about 1 or more updates/posts per week) news source do you use to stay on top of privacy news?
fedilink

What are you referring to?

To broadly answer your question, to name a few, there are…

  • paradox questions (eg - what happens when an unstoppable force hits an unmovable object)
  • impossible scenarios ( eg - what would happen if Hitler rode a dinosaur as a child)
  • questions we may be able to answer in the future, but cannot at the moment (eg - p vs NP)

In other news, water is wet. /s

This is just another example of corporations pushing the limits of both the law/regulations and what people are willing to accept in order to increase profits. Its analogous to predatory practices enabled by fine print in contracts, terms and conditions, advertisements, etc. “We value your privacy - your data will never be sold ~we’ll only share your data with our 35 trusted data brokers~” is the new “You qualify for an unlimited credit card with 0 percent financing ~introductory interest rate expires after initial purchase and becomes 200 percent on top of additional fines and fees for each additional purchase~”.


I’m not privy to what is going on, who the users from the screenshot are, or what this is all in reference to, but saying they “actively setup RSS feeds” for this is a bit disingenuous. The ability to consume Reddit users’ RSS feeds has existed for longer than GrapheneOS has been around. Anyone posting on Reddit (especially on public subs) or any other public site should have the expectation that their posts/comments can be monitored/tracked/followed, searched, recorded/copied, etc. This should just be viewed as a reminder of that.


I’m also not sure how this would work from a technical perspective. Would community creators have to share their Matrix credentials with their Lemmy instance/client? Would the Matrix room be created by a different Matrix account managed by the Lemmy instance maintainer? How would it work if the Lemmy community creator wanted to use a different Matrix homeserver than matrix.org? What if a space was better suited for Matrix than a room? How would the community maintainer change the room in the future? What if the maintainer for a community switches and the new maintainer doesn’t have access to the account that is running the Matrix room?

I’m not sure if this is already available, but I think a field to enter a Matrix room/space link would be better than the ability to automatically create a Matrix room. It would give the community creator more flexibility and creating a room/space doesn’t take too much time. If a person is going out of their way to create/maintain a Lemmy community, they should also have the ability (or the ability to figure out how) to create a Matrix room/space.


I realized that may be the case after commenting. I didn’t read your post as closely as I should have, but I kept the comment up in case someone finds it helpful.

Unfortunately I’m not aware of any solutions beyond buy bigger drives, stand up a backup NAS, or omit unimportant/non-critical/easily recoverable data from backups. I don’t think that’s what you’re looking for though.


Consider implementing networked attached storage (NAS) like TrueNAS or Unraid. There are other options (both NAS and non-NAS options) that will help you achieve this. Going with a NAS will help you mitigate risks relating to drive failure (ie - you install multiple hard drives and if one hard drive fails, the system will keep working until you get the failed drive replaced), will make the storage accessible across the devices on your network (depending on how you configure your NAS and network) instead of just the device the hard drive is plugged into, can run additional services/applications on the system, and will likely have some sort of backup system that you can enable/configure for either cloud backups or local backups to another device. The downside is that it will likely require additional hardware and/or some network work. It can be done pretty easily though depending on your needs. For example, Network Chuck has a tutorial on setting up a NAS on a Raspberry Pi.


what’s even worse is, that these apps wouldn’t even need the Play Services if the developers really wanted it.

Yeah, that is really frustrating. Google’s stranglehold encompasses end users, phone manufacturers, and any company/developer creating an Android app (or even iOS app due to Firebase and other Google services). I hope that we all can start breaking free of Google without having to compromise as much as we currently have to.

I use LineageOS, so I guess the integrated SMS and phone apps don’t do this?

Based on what I’ve seen, using those apps should address the recent accusations/findings. Doesn’t mean that the same or similar thing isn’t happening through Google Play Services though. It also still exposes privacy risks due to the nature of SMS and network phone call infrastructure.

Of course I still hemorrhage metadata, but privacy is not an all-or-nothing situation like many privacy evangelists shout into the void.

I get that Matrix isn’t perfect, but I’m not sure I understand the amount of backlash it sometimes receives. Hopefully it can continue to improve by addressing those concerns.


While I would love to see this for many reasons, I’m not convinced it would eliminate all tracking/data collection on its own. For example, in this case Google provided seemingly good, “non-advertising” related reasons for this data collection. Companies could do this to justify just about anything that they wanted to collect. However, banning behavorial based advertising without any loopholes (eg - users are in South America, servers are in EU, but the law only impacts services where both users and servers are in North America) would hopefully lead to a sharp decline in the market of shared/sold data. So while it would help change the current landscape where we are giving up our privacy in exchange for companies’ profits, we would be giving up our privacy for (presumably better) services. In that case, at least consumers are (ideally) able to directly benefit from the data that they are sharing/giving up.


While all good points, they don’t specifically address the problems mentioned in the post.

Douglas Leith, a computer science professor at the Trinity College Dublin, claims in his “What Data Do The Google Dialer and Messages Apps on Android Send to Google?” paper that Google’s Messages and Dialer apps have been sending data to the company’s servers without taking explicit user consent. More specifically, these apps collect information about user communications, including an SHA256 hash of the messages and their timestamp, phone numbers, incoming and outgoing call logs, call duration, and length. This is then shared with Google’s servers using Google Play Services Clearcut logger service and the Firebase Analytics service. The data helps the company link the message sender and receiver and/or the two devices in the call, enabling features like spam filtering and business caller IDs. - similar report from Android Police

The quickest/easiest thing to do to mitigate any risks from the accusations is to just use a more privacy friendly SMS app and phone app. However, doing so may lead to some unwanted outcomes (eg - no RCS, loss of phone call functionality that Google has implemented over the years) and it may not eliminate Google’s ability to collect this information anyway due to Google Play Services. These are small prices to pay and aren’t difficult to adjust to if you’re concerned with Google abusing or mishandling your data.

An even better quick win would be using private and secure messenging, calling, and video chatting services instead of traditional SMS and phone calls. There have been a few mentioned in the thread. Doing so may be frustrating as you’ll have to convince everyone you communicate with to use the app(ss of your choosing and you’ll likely run into situations where using those apps are not possible (eg - school/work activities, interacting with businesses, etc.).

Aside from not using a cell phone at all, the best thing you could do is ditch traditional Android (ie - Android with Google Play Services, the Google Play Store, etc.). Moving to iOS may help mitigate Google’s data collection ability, but it shifts the risk from Google to Apple. Instead, as /u/Jouissance_juice mentioned, using GrapheneOS would help tremendously with the recent accusations (in addition many other privacy and security risks). The downside is that it requires a Pixel phone and it can be a bit of a jarring experience for people who ate used to the ttraditional “Google” Android experience. There are other ROMs (eg - CalyxOS, LineageOS, etc.) that may offer a less jarring experience at the expense of a (possibly only a little bit of) security and privacy. Keep in mind that even if you do this and still communicate over SMS and traditional phone calls that the carriers and others (including Google if the other person you’re communicating with uses Android) will still be able to access most of the information as before you made the change. You would still need to move to a private and secure communication app to mitigate your privacy concerns as much as possible.


Really depends on what you are using it for. Some of the options below can be used across the listed categories.

  • Syncing/accessing documents on multiple devices?

    • Nextcloud
    • Owncloud
    • Seafile
    • Syncthing
  • Notes?

    • Standard Notes
    • Joplin
    • Etesync Notes
    • Cryptee
  • Collaborative Editing?

    • Collabora

I don’t see Whoogle posted. If you really need/want to use Google search for whatever reason, Whoogle is a great alternative. I’m not sure why it’s not more heavily discussed on places like PrivacyGuides, PrivacyTools, etc.


No, adblockers are not piracy. It’s more similar to using a “free service/resource” that has a recommended (or even expected) donation, which you decide not to pay.

If you’re somehow using adblockers to get past a paywall or some other authentication/authorization system, then we have a legitimate piracy conversation.


This is nice. I’ve seen something similar before for Nitter as a browser extension. I’ve been trying to find a solution that does this for multiple privacy friendly front ends, but haven’t found exactly what I’m looking for just yet. The closest I’ve found is the results presented in Whoogle, but it only works for results displayed on the page.