• 2 Posts
  • 24 Comments
Joined 14 days ago
Cake day: April 30th, 2025



  • throwawayacc0430@sh.itjust.works to Privacy@lemmy.ml · Mullvad or Proton VPN? · 2 days ago

    Excerpts from your third link https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/

    As usual, the devil is in the details—ProtonMail’s original policy simply said that the service does not keep IP logs “by default.” However, as a Swiss company, ProtonMail was obliged to comply with a Swiss court’s demand that it begin logging IP address and browser fingerprint information for a particular ProtonMail account.

    According to multiple statements ProtonMail issued on Monday, it was unable to appeal the Swiss demand for IP logging on that account. The service could not appeal both because a Swiss law had actually been broken and because “legal tools for serious crimes” were used—tools that ProtonMail believes were not appropriate to the case at hand, but which it was legally required to comply with.

    ProtonMail also operates a VPN service called ProtonVPN, and it points out that Swiss law prohibits the country’s courts from compelling a VPN service to log IP addresses. In theory, if Youth for Climate had used ProtonVPN to access ProtonMail, the Swiss court could not have compelled the service to expose its “real” IP address.

    Proton did not voluntarily log IPs, they were under a lawful court order and were out of appeal options.

    Like I said, no one running a service will go to jail for you. None.

    Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.

    If a legal court order is received, they will comply after they run out of appeals.

    Imagine you run one of these services, and you received a lawful order in your jurisdiction.

    You can choose to turn over data or go to jail for a long time.

    Would you go to jail to protect user privacy?

    That’s why it’s not only a company’s privacy practices you need to worry about, but also the jurisdiction. Choose a service that’s in a privacy-friendly jurisdiction.

    Also, this is about Protonmail, which is under different laws than ProtonVPN.


  • throwawayacc0430@sh.itjust.works to Privacy@lemmy.ml · Mullvad or Proton VPN? · 2 days ago

    That’s because no one running a service will go to jail for you. None.

    Not ProtonVPN, not Mullvad, not IVPN, not Lemmy Instances.

    Imagine you run one of these, and you received a lawful order in your jurisdiction.

    Turn over data or go to jail for a long time.

    Would you go to jail to protect user privacy?

    The only thing Proton does better is because they are under Swiss Jurisdiction, which has stricter control over when a court order can be issued. But if a court order goes to Proton, they can’t ignore it.

    Also: Protonmail =/= ProtonVPN, they are under different laws. In Switzerland, Mail providers have to provide IP addresses upon a subpoena, VPN providers do not. If those users had used ProtonVPN to access their Protonmail, they’d be safe.








  • True, they don’t exactly need Signal. But the thing with exploits is that, once found, they would be patched and they can’t use the same exploit again. So they can’t just be sending everyone in the country Pegasus. That would make it easier for it to be detected.

    So with Signal’s help, they have an easier time selecting a few targets. They can find out who is using Signal, and correlate that with other data like being near a protest site. Then they only need to target a few Signal users; instead of like sending Pegasus to 5000 protestors, they could find out that everyone is talking to this “John Smith” person, then send Pegasus to that user and obtain a lot of info. And since it’s only a few users being infected, it’s less likely for the fact that the conversations are compromised to be known.

    I mean, without requiring phone numbers for Signal, they would have a harder time knowing who is using Signal, and they would end up having to infect all 5000 phones in the protest area, which means now it’s much more likely for the spyware to be detected. With infecting just a few of the organizers, their spying can remain undetected for a long time.

    As for everyone else not using Signal, they are likely to be using unencrypted messaging, so it’s not even necessary to infect their phones.


  • My conspiracy theory brain goes:

    It’s funded by the government.

    Yes, the messages themselves are encrypted, but they don’t need that, they have access to all the useful metadata.

    They can find everyone near the site of a protest (via cell tower data), then find their Signal accounts, then see who they are contacting, potentially revealing who the other protestors and protest organizers are.

    And if they need access to the messages, they don’t need to crack the encryption, they could just send Pegasus to your phone (and they already have your phone number to do so), and they’ll have access to every message.

    Then they just find those other protestors, also send Pegasus to their phones.

    I mean, the Signal code is technically legit, they just used a side channel (zero day exploits) to gain access.

    But this is just a theory, I don’t have any evidence supporting this hypothesis.










  • Okay, so I attempted to access it again. It’s currently in a weird state of partial access.

    I can “log in” but as soon as I try to access anything, say, Gmail, I get that screen again.

    This is what the settings page looks like:

    So it’s not totally locked out, but it’s not functional either. I’m not even on a VPN.

    Notice, 2FA is off.

    Then I click Gmail and get this:

    I tap “more ways to verify” and get this:

    I tap the only option, and it circles back to the previous screen.

    🤷‍♂️