I have been working on simple solutions integrating quantum-resistant encryption and want to help anybody and everybody secure their data against all kinds of threats, no matter their technical savvy.

Was looking for feedback in this process and attempting to determine if a service/product would be preferred. If you're experienced in this field or interested in upgrading your file security, I would appreciate your time.

Thanks!

I’m a minor (15m) and have this online friend. We’ve gotten really close and I really trust them. They’ve acted like a real person and, after checking some other profiles they have, all their information (age) has matched up. I want to show him my face and he wants to show me his. I just get scared of scams and catfishing but I don’t think this is that

Do you think it’s okay?

Hello, I am a long time DDG App protection user. Recently I came to know about Rethink. It has so much features. I was wondering if it is worth the switch. What are the advantages and disadvantages. Does it block trackers like DDG. Most importantly is it safe to use on my device? Thanks

Sources: Rethink https://rethinkdns.com/app

DDG https://duckduckgo.com/duckduckgo-help-pages/p-app-tracking-protection/what-is-app-tracking-protection/

For several years I had my Facebook deactivated for privacy concerns and never missed it. However I recently opened a business and much of my target market is unfortunately on Facebook (and Instagram). Now, I’ve been out of the loop for years but it appears that Facebook won’t let you own a standalone business page without some kind of personal page. I grumbled and reactivated my facebook account so I could start my business page.

Now, I’m getting creepy targeted ads for a movie quote (that I’ve never seen or looked up online) that my relative only talked about to me about at our family Christmas gathering. I use only Firefox Focus browser to access Facebook and do not have any Meta (facebook, instagram or WhatsApp) apps on any of my devices. Two questions:

A) how is it possible that I’m getting specific targeted ads about the specific movie quote that my relative only mentioned verbally (a movie I’ve never seen before) at this family event? I never use Meta apps and only access from a “privacy” browser, and, B) is it possible for me to somehow have this business page and deactivate my personal account? This whole thing is so beyond creepy and has been a good reminder why I deactivated it for years before.

Two people logged into my Mozilla account off a breached password 4 hours ago. After discovering, I changed my password. What were they able to see, what did I lose?

this is part of my effort to prepare releasing my account to trusted ones in case if i'm gone.

I have most account applied with 2FA, there are mix of
= google authentication
= authy
= passkeys

if one day suddenly i die with my phone, how can my trusted people access my gain access to my phone 2FAs?

or is there a preparation to mitigate these type of event?

should i just open access for all of my 2FA to my trusted ones?

I've been using Aegis for a few months now and I love the app but I have two questions.

1. Are the secrets of the app stored only locally on my device? I currently have the Android cloud backup disabled and I manually do my backups to an USB flash drive.

2. Once I do a backup and if I want to import the vault to a new device, all I'll need is the Aegis password? I've actually enabled the option to have another password to manage exports and backups so I'm a little confused about which password i'll have to use in case I want to import the vault into another device.

Thanks.

My wife and I moved into a new house over the summer, and have been slowly furnishing and upgrading things. A self hosted surveillance system was on the to do list, but has not been completed yet. The doorbell aspect was important (especially to my wife) as our front door is in a sort of enclosed cubby, and you can’t see who is outside from the windows. Had one picked out and was going to buy it after New Years once work picked back up again.

Anyways, title. My in-laws saw the need and filled it themselves. Before this comes across as ungrateful, I love my in-laws. They took me in when I was younger and in a rough spot, and we have a phenomenal relationship. I just think they jumped the gun and wanted to help out. It’s honestly really thoughtful of them. My wife is happy with the gift as well. She’s aware of my concerns, but the doorbell we wanted was pretty expensive; so this gift does help out a ton.

I’m really torn up about it privacy wise. I’m not interested in installing a Ring product, much less making an account with them and paying a subscription. Any use case for this thing from a privacy standpoint? Can I “jailbreak” (for lack of a better term) as to not connect it to their services? Can it be made into a dumb camera? Any redeeming qualities whatsoever to this product? Are there members of this sub with Ring products? Thoughts?

@microsoftcopilot @microsoft365 @microsoftdeveloper When you say that Bing and Edge deprive privacy, do you talk about monitoring anonymous tabs and Windows folders that contain lists with hundreds of "partners" authorized for monitoring? or that when updating some privacy decisions accidentally change. Can I list the folders and partners? I can list this folders!

I jokingly signed up for a weird but legit website and after 10 minutes when I tried deleting my account, I couldn't and customer support hasn't responded in 3 days. Since then I've gone into a deep dive on privacy and data leaks and data brokers for using my real name and birthday when signing up. So how do I move forward? Do I just accept the fact that my name and birthday are in their possession forever and my account will always exist? Or do I keep trying to pester them or find a workaround?

Maybe I’m overthinking, but recently, Moonton, the game developer for Mobile Legends: Bang Bang, has been encouraging users to connect their WhatsApp accounts with them in exchange for a $5 cosmetic skin. Why?

Hi yall, flying for the holidays and checking in for a return flight to today, and saw that the airline has a request for additional personal information under the guise of "contact tracing"? There's no human way that the government is still doing any actual meaningful contact tracing whatsoever right? Certainly not if they're not even in the state of emergency anymore and have abandoned any and all other precautionary measures or recommendations for Covid. I also noted with interest that the initiative is supposedly a cooperation between the CDC and Customs and Border Patrol (CBP), although explanatory links to both orgs' info about the practice were dead or didn't have any relevant info. Anyone have thoughts on or experience with this?

Hello, I consistently shred papers that contain personal information as well as shipping labels. However, shipments increasingly come in plastic bags these days instead of cardboard boxes or paper envelopes. Trying to peel the labels from the plastic bags is difficult and time consuming (and a great way to separate your fingernails from the nail bed after many labels).

I have read other ideas on how to handle the labels on bags (eg, using a marker or heating the thermal label to obscure the information), but it seems to me that the easiest way would be the cut out the label/bag and shred it. However, none of my current shredders are good at shredding those, and they largely stay intact.

Is there a shredder that is effective at shredding labels attached to plastic shipping bags?

I tried to search for plastic shredders, but the results are mostly larger shredders that shred hard plastics.

Thank you

if someone had not previously taken any steps to increase privacy in their lives, what would be your top 5-10 first priorities/more basic steps to start increasing your privacy?

Hi,i have few things want to ask.

I want to make some videos and upload to youtube to make some money.Will youtube know where i am?And if they know,will they sell,expose?

I know that i need to connect my bank account to "google ads" for gain money

But there is a problem

The place i live is violated human right by time to time(things have been worse,is just become more worse than before)

The gov,they try to control everything we own,they want to know how much we have,sometimes they steal our land,money for their profit...I don't want they know how much i own,i need money to build my future.

Google or Alphabet,they will build a database in my country in the future and i think this is a bad news cuz the gov must have some access or authority to this database

I want to make aboard bank account(outside my country).Is there anyway to do?

Sorry for my english,i will try to improve it in the future,you can ask me anything if you don't understand what am i saying.And i know that i'm lack lots of knowledge and understanding for everything so please don't shy to tell me,it would help me alot.Thank you.

Please evaluate this method...

If you haven't installed custom/personal fonts on your system, then your font fingerprint will be generic enough for your system to not be unique. Installing one personal font is enough to make you unique. I haven't found any extensions (including the Firefox privacy.resistFingerprinting and Enhanced Privacy Protection = Strict mode) that work and some may cause errors in the javascript to make you stand-out.

So my solution is to simply not use the ~/.fonts directory for personal fonts. Create your own directory for them and the system will never know about them and therefore be seen by any application that you do not explicitly configure it to use. So, for Gimp, I can just add my special font directory. Other apps may not be configurable like that but I'll deal with that on a case-by-case basis.

Here is the script I used (created by ChatGPT) to test if my personal fonts are detectable:

(async function() {
    // Base fonts to test against (commonly available on all systems)
    const baseFonts = ["monospace", "sans-serif", "serif"];

    // Range of test fonts (you can use `fc-list` output to expand this list programmatically)
    const testFonts = [
        "Arial", "Verdana", "Times New Roman", "Georgia", "Courier New", "Comic Sans MS", "Trebuchet MS",
        "Impact", "Lucida Console", "Garamond", "Tahoma", "Palatino", "Brush Script MT", "PERSONAL-FONT"
    ];

    // Detected fonts will be stored here
    const detectedFonts = [];

    // Create a hidden iframe to isolate font rendering context
    const iframe = document.createElement('iframe');
    iframe.style.width = "1px";
    iframe.style.height = "1px";
    iframe.style.border = "none";
    document.body.appendChild(iframe);

    // Use the iframe's context to ensure isolation
    const doc = iframe.contentDocument || iframe.contentWindow.document;
    const canvas = doc.createElement('canvas');
    const ctx = canvas.getContext('2d');

    // Text for consistent font measurement
    const sampleText = "abcdefghijklmnopqrstuvwxyz0123456789";

    // Pre-compute the width of each base font
    const baseWidths = {};
    baseFonts.forEach(baseFont => {
        ctx.font = `16px ${baseFont}`;
        baseWidths[baseFont] = ctx.measureText(sampleText).width;
    });

    // Function to test if a font is different from the base fonts
    function detectFont(font) {
        for (let baseFont of baseFonts) {
            ctx.font = `16px ${font}, ${baseFont}`;
            const testWidth = ctx.measureText(sampleText).width;
            if (testWidth !== baseWidths[baseFont]) {
                return true; // Font detected
            }
        }
        return false; // Font not detected
    }

    // Detect fonts
    testFonts.forEach(font => {
        if (detectFont(font)) {
            detectedFonts.push(font);
        }
    });

    // Clean up the iframe to avoid leaving artifacts on the page
    document.body.removeChild(iframe);

    // Output the results
    console.log("Detected Fonts:", detectedFonts);
})();

Can also use the amiunique site to test how many fonts it detected. Please critique this method.

Update

Some packages/apps may not have installed fonts in the home .fonts dir, so check your system fonts folder to see if any packages installed links to their font directories. Either uninstall the packages or move the font dirs if the app allows that. If you can't move them, then you may be able to disable them temporarily while you aren't using them, such as with Fonts Management in Fedora.

Update

I also installed a VM for my OS to get the default system fonts and setup my system to match it. A font directory can be quickly disabled by renaming it with a leading dot, ".". Then call "fc-cache -fv" to refresh the font cache. No FF browser restart required.

It’s usually just for fun, asking for fake reviews on my fanfics and then laughing at them. But a year of two ago, I’d sometimes vent on there about my family. I was 17 and couldn’t find anyone else to talk to. Stupid idea, sure. Even now, if I use it enough that it blocks me from further use like a week in and then I have to sign up, I’ll just delete it and redownload it. My question is, does data have a name to put it to if you never signed up?

Thank you for reading.

Hi. So a few years ago when I was stupid and had no concept of cyber security. I used my personal email to create a Reddit account (not this one) which I can’t stop using for various reasons. Anyway, I posted a couple of embarrassing things because again, I was stupid. About a year ago, I wised up a bit, deleted the posts, and went into old Reddit to take my email off. I did find the posts on the way back machine. I’m wondering if it would be better to delete the account altogether to get as much distance from it and my personal email as possible, or if it would be better to maintain control over it.

I wasn't sure what would be the correct sub for me to ask this question in, so if this isn't the proper place please link to me the proper sub.

I have some questions about my IP address. Basically I'm searching for a way to change the IP address of my network, so I sent a message to my internet provider, asking if they can change it for me. They said the easiest way to do it is to reset the router and optical adapter by unplugging them and putting them back on, adding that I "would still have IPv6 regardless". As far as I know, IPv4 and IPv6 can exist at the same time but used in different places online. Please correct me if I'm wrong, though, because I'm not very knowledgeable on this stuff. Anyway, based on what I said, I don't understand what they meant by saying I would still have IPv6 even if the IP address changed. Shouldn't that be obvious, and how was that relevant with my request? Also, is it true that the IP address can just be changed by doing a reset of this kind? I visited the site whatismyipaddress afterwards and some numbers seemed to be different, both in my IPv4 and IPv6 addresses.

I actually made the same request to my internet provider some months ago and that time they said my request had been fulfilled after they "changed some settings". Considering the latest response I received, it is possible that all they did the previous time was reset the router like they suggested me to do now? I'm confused, if anybody can explain to me how this all works it'd be very helpful. In the case they are wrong about the IP address changing by just plugging off the router, what could I do to change it besides using a VPN? Again, sorry if this post contains inaccuracies because I'm not the most tech savvy person out there.

I was using chat GPT to create a story. It was a spin-off of what happened with Taylor Wilson, the kid who created a nuclear reactor in his garage. I got it to create the first part of a story. It was just for fun, something to entertain me. However when I tried to respond to the story I got error codes. Has anyone else got an error codes specifically after asking it strange questions?

I am sorry it's this is not fitting to your group, but I am new to Reddit, and don't really know how to use it.

I recently noticed something strange in the app permissions on my phone. One of my apps (CapCut) shows that it accessed “Photos and videos” within the last 24 hours, even though I haven’t opened or used the app in that period. This has me concerned about my privacy.

I gave the app permission to access my photos and videos when I installed it because it’s needed for editing. However, I’m now worried that it might have accessed files I never actually used in the app. I don’t have a CapCut account and didn’t upload anything to their cloud services or servers—everything was saved locally.

Does this mean the app could have collected my private photos or videos without my knowledge? Or is there a legitimate explanation for this kind of background access?

For context:

• I’ve since deleted the app because I was uncomfortable.

• I didn’t actively share or upload any files.

• I know apps sometimes use permissions in the background for things like indexing or generating thumbnails, but I’m not sure if that’s the case here.

Should I be worried about my privacy? And is there any way to confirm if my private files were accessed or shared?

Hi,

I recently discovered Rclone crypt, and I plan on using it for my daily online cloud drive now. I have took a Shadow Drive subscription, which provides me with 2TB for 50€/year. Shadow Drive supports WebDAV, so I have set rclone on my PC with rClone crypt.

On my Android phone, I use RoundSync which is both a client for cloud drive and rclone and supports crypt which is wonderful.

But now I would still like to get a web app, in case I need to access a file on someone else's device, it can save me in case of emergencies. But as everything is encrypted on Shadow Drive, I can't do anything with their web app.

I have a linux server, with docker, that I use mainly for Jellyfin. I thought about Nextcloud, that I never used yet. I wonder if I could host a Nextcloud, not for local files but for files on my encrypted ShadowDrive through rclone. But I don't know what is the best way to do that. The main problem is that I want to avoid as much as possible to take space on my server's disk, when a file is retrieved by rClone and then served to me via Nextcloud. My questions are the following:

1. Is there a better solution than Nextcloud + rclone to have a web access to my encrypted ShadowDrive ?
2. What is the best way to set it up ? Is there ready to use Docker container images with Nextcloud tailored for rclone ?
3. How to manage the link between rclone and Nextcloud to take as less space as possible ?

Thanks in advance for any help, have a nice day

What modern router do you recomend? I would like something with stronger security/privacy options.

I am focusing solely on facial recognition, since many shops and countries utilize it daily. I understand that I can still be recognized through other characteristics, such as my walking style and the clothes I wear.

My thoughts were to find a highly IR-reflective mask, and glasses. Or make a hoodie with a few powerful IR LED's, cuz cameras would easily adjust small ones.