I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)
OP would not recognize a threat model if it bit him in the ass.
“Tr0ub4dor&3 is my password for everything.”
Pretty sure banks have a pretty good track record of “keeping your money safe”. Why the fork would anybody trust banks to keep their money safe if they can’t keep your money safe?
I don’t really understand why that statement is even on there?
Unless you mean to argue some anonimity point, which I could agree with considering e.g. Monero would be more anonymous than a bank.
But safe? I’d say the bank is quite safe to store money.
Banks keeping your money safe depends on what country you live in and how much its government has regulated them and/or provided some sort of backup in the case of a run or the bank going out of business.
The intention was more “Banks keep my data safe,” but I wanted to provide a clearer explanation that if your data isn’t safe, neither is your money. I didn’t have enough room to put my full thoughts.
any bank that has the capacity to close your account without you explicitly requesting it should not be considered safe.
fucking cip errors deleted my account
whoever invented cip errors should be defenestrated at the earliest convenience
Banks literally seize and freeze assets from people, e.g. Julian Assange.
Banks have also a track record of seizing countries international reserves like Russia, Venezuela, Iran, etc…
Money in the bank can be seized and frozen for all sorts of reasons. If you’re in the USA, then police can charge your money with a crime even if you haven’t broken any laws. It’s safe until it’s not.
Doesn’t have to be in the bank either; if you’re traveling with your life savings in cash, then if you get pulled over cops are likely to seize that money. Just because fuck you, that’s why.
Can confirm. about 15 years ago, my bank account was frozen for 3 weeks for child-support enforcement. Only they weren’t talking about my kid or even me. Some dude in Florida with my same first and last name was a deadbeat dad. So they froze my account because apparently, he didn’t have a bank account or something.
What’s super annoying about it is that we had different middle names, not even close to the same social security number, and not one person even contacted me before my bank account was frozen. I only found out because a check I wrote or something bounced. And I was like, WTF?
I was finally able to talk to enough bank people to clear it up. But it took 3 weeks. I never got an apology for it either. And the fuckers did not refund my insufficient funds fee. I mean, it was only $15 bucks, and it would have cost me more than that in my time to get a refund, but still…
So yeah, even here in the US, banks can suck.
where’s the shovel and double-ziplocs to bury your cash, silver, gold, platinum, and palladium? or the zippo to burn your prints off? get on my level, ho
You may be interested in this infographic instead ;)
Hey! I resemble this remark!
I’ll go further than this and say that true security is where everybody has support enough to not want to steal your shit, hack you etc.
Yeah corporations and governments are still a problem, for now, but both of the above parties would be far more secure if they did mutual aid, supported progrms to help the impoverished etc etc.
Basically having a collective approach to security and not such a myopic individualistic one.
How is iCloud not secure or privacy focused? You make no sense with this list. iOS is insanely secure compared to stock android.
Apple’s closed off ecosystem should not be considered privacy focused. We have no idea what’s going on behind the scenes. NSA back doors, probably.
It’s not about what you use, but how you use it. PEBCAK Almost 100% privacy and security is offline at home, reading a book, if you bought the book with cash and not online and/or with credit card.
You can use Google, Microsoft, Apple and co however you want, the problem is, what you use
What’s with the diss on Malwarebytes?
Mainly because it’s proprietary, privacy invasive by nature, and invasive on computers.
They’re taking it too seriously lol
It’s also a shit product riding on marketing laurels from its past glory days, like Norton. It leaves pieces behind that can cause malware to come roaring back.
It isn’t hard to just nuke a system or restore a backup people.
Assuming that your backup isn’t also infected.
Proprietary sure, but how is it privacy invasive let alone invasive on computers?
What non-proprietary option is there? I can’t think of a single antivirus option which is actually remotely decent which is open.
ClamAV is an open source antivirus, but I would recommend against using an antivirus altogether due to their invasive nature. You shouldn’t need one with proper sandboxing and isolation.
ClamAV is slow to get updates and frankly not a great tool to use. AV is a must as isolation and sandboxing are only as good as the next exploit. Not too mention scams like phishing are not stopped by isolation.
crypto currency
This is the correct initial reaction but given the extent to which the US monitors every single transaction everyone makes, it’s getting awful hard to manage the influx of feral hogs without having them streaming through your door.
cash
Well, unlike Bitcoin, Monero is actually anonymous, and sometimes you gotta make payments online.
You can’t do it privately with your card.
Bitcoin’s Lightning Network has onion routing for privacy, like Tor.
When Bitcoin had a bug that allowed some guy to give himself a bazillion bitcoin, it was detected and patched before he was able to sell them. When Monero encounters a similar bug, it will only be detectable by the price going down.
I’m not super knowledgeable on how anonymous such routing us, hence I avoid it.
Don’t know why people bombarded you so much - the other side of total anonymity is that you really never know if anything got broken and someone earned off it.
My suggestion, however, is to use Monero for payments, and not as a store of value.
Yep, anonymous right up until its use burns the world to the ground.
Monero transactions consume orders of magnitude less energy than Bitcoin’s thanks to an ASIC-resistant algorithm
deleted by creator
iOS is actually secure
Are you interested in a bridge?
Cool and who validates the code base for security vulnerability? And sends tons of packets related to tracking back to there servers?
the codebase itself? besides XNU, nobody… but, given the immense amount of scrutiny placed on the software, if there was some magic backdoor (an intentional one, anyway, not talking about like NSO group RCEs 'n shit), don’t you think we’d know?
the average person doesn’t even know what grapheneos is. if they’re either going to buy an iphone, or some generic android phone running a vendor kernel that hasn’t been patched this administration, i’d want them to buy the iphone.
There are massive backdoors, tho on android too. How do you think Pegasus works
wasn’t Pegasus attack vector sms how is it a OS issue if its a protocol its the same as saying Linux is insecure because xmpp had a vulnrabilty and allowed remote access
depends on the chain in question. some used iMessage as a way in, but (at least in the case i’m thinking of rn) it was only used to trigger an image parsing bug. in others, sms was used to trick someone into clicking a link, exploiting a bug in JavaScriptCore.
moi: “not talking about like NSO group RCEs 'n shit”
tu: “how do you think pegasus works”
you could have at least picked a different cyberwarfare company…
by that logic, every OS under the sun has massive backdoors. bugs exist, man. my point was that for the average person, a fully-patched ithing is going to be among the more secure options.
Yes and no. It’s certainly better than stock android. You won’t find anyone who says otherwise. But it creates unnecessary dependancies on apple’s ecosystem and Apple can’t be trusted. Nothing with shareholders can be trusted. Apple might be an ally today but they are a US based-company operating within the confines of what the US will let it do.
All their cloud services are pretty poorly protected too. Every year or so me and my friends will find Chinese gibberish entries in our calendars that link to phishing sites. These get cleaned up eventually but it proves that Apple is lying about not being able to access your shit.
I’m planning my exodus from the Apple ecosystem and looking at grapheneOS but I’m still in the skeptic stage. I have lots of cloud decoupling to do and my self hosting ambitions are big so at the moment my iPhone isnt the biggest priority to change out.
But I absolutely do not trust it.
Grapheneos is surely better privacy and security wise
deleted by creator
Not by default.
it maybe secure. Sending your privacy information securely to the server and sharing with ad companies
proton VPN
lol. lmao, even.
deleted by creator
proton has already shared user details with authorities.
deleted by creator
except they shared the IP address of an account even though they state “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.” on their homepage
It’s right there in your copy-paste my dude, “BY DEFAULT”.
The jackass(es) who actually was at risk went the extra step to enable IP address logging, which means that when Proton had to comply with a lawful court order, they actually had data to give.
Proton is a company like any other that has to comply with laws in the country they operate in, but unlike a lot of other companies, they don’t log data UNLESS YOU ASK THEM TO.
Moral of the story is, like has oft been repeated, know your threat model and plan appropriately.
deleted by creator
deleted by creator
deleted by creator
What anubis has to do with privacy or security?
For starters, it’s open source. And I’m not too into the details, but the creator of Anubis even mentioned that they were interested in creating a non-javascript version for privacy.
Google’s reCaptcha, to which Anubis is being compared to by OP, is obviously far less private. It’s just another mechanism of control and data harvesting for Google. One of the ways that they determine if you’re malicious/human or not is to check if you have a Google cookie in your browser and are signed in. Not to mention fingerprinting (hardware and software info), browsing data, AI training ironically enough (the fucking streetlights), etc etc.
Anubis is relevant here because it is more private, among other things.
AI Datasets are a huge privacy breach once they start spilling them up
ig it’s a counterpart to recaptcha which is in the left panel
Nothing, op confused anti AI with anti tracking.
It is though, there’s a reason Mullvad added DAITA into its protocol.
It stops bots from crawling your sites.
Yes, this was the intention. It helps protect your website’s data by slowing down web scrapers.
But you do know that Tor/VPN is not really privacy, nor security? It hides your IP, but that’s about it. If you still login, and give any information, and that could just be your “fingerprint” you are not anonymous…
Encryption is a type of security, and Tor/VPNs encrypt your traffic. Accessing .onion sites over Tor is (at least in theory) more secure than accessing clearnet sites.
In theory - but it’s still primarily your IP you are hiding. And very few people only visits -onion pages…
Hopefully you don’t log in or give personal info to every website you use. Hiding your IP is still more private than not hiding it.
Do you know what your fingerprint is? And all the ways you are being tracked that is not about your IP?
You do give personal info to every website you visit - with the exception of a very few, who respect your privacy. If you think you need to log in, to give personal info, then you are sadly misinformed.
Yep, I do know those things. There are other tools for that. Tor is still useful for doing what it does.
VPNs know who you are and what websites you visit, so no privacy nor anonymity there. With Tor… It’s complicated. That’s why we have guides like this: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec.
Only a few take their privacy serious. They, sadly, believe in the ethics of the Tech giants…
I2P is king here but it has a limitation that makes it stronger but less practical. I2P doesn’t generally do outproxies. A few exist but they typically aren’t trusted or used. Instead, I2P tries to keep private by only routing around traffic the originated within its own network rather than piping things from clearnet from one place to another. An issue with arrives that do that is you can see traffic from a honey pot going into a black box and with enough monitoring where it ends up leaving that black box. It’s very difficult to track traffic flow within the network but once it jumps back into clear net you can find it again.
Now while you can argue that it doesn’t come out on clearnet, just originates from there, I counter that with Microsoft Windows telemetry, it might as well be clearnet. Windows is the dominant player at the moment so it’s most likely the traffic ends up on a windows machine. There are really benefits behind the telemetry date but they also means there’s a single point an authoritarian regime can apply pressure to to monitor whatever they want. With advances in AI, chewing through tons of collected data is much easier to do, so the idea of “they can’t stop all of us” is ridiculous. They will just pick off the undesirables in smaller chunks.
Ultimately nothing is completely safe but if you really value privacy, make yourself such an enormous pain in the ass that monitoring you becomes a chore.
The hardest online privacy is not operating in a way that just links all your “private” activity because you logged in around enough places to link them together and at least one place somewhere can be linked to your real identity
![[OC] What People Think Privacy/Security Is](https://lemmy.ml/pictrs/image/30cec389-1586-4849-84ac-d8a9f4f0df5b.png){kind=link}