• TheAnonymouseJoker@lemmy.ml
    link
    fedilink
    arrow-up
    19
    arrow-down
    4
    ·
    edit-2
    4 years ago

    I might be late to the party, but I think I can point out some crucial things here.

    They recommend a billion other bad things, like most VPNs that either track you by lying about policies, or have been hacked in the past. Privacy may be a gradient, but it is not a partial or full thing.

    I was apparently silenced on r/privacytoolsio when I enquired about this page deployment: https://old.reddit.com/r/privacytoolsIO/comments/frz365/privacytools_delists_the_great_cloudwall/fm08anu/?context=10000

    Digdeeper, a friend of mine lists more things. https://digdeeper.neocities.org/ghost/fake_initiatives.html#ptio

    I do not know why I typed all this. Nonetheless maybe it can help.

    • Coder@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      4 years ago

      AirVPN and NordVPN might not be good choices for privacy, just geoblock bypassing. The only handful VPN choices good would be Mullvad, Riseup, Disroot, Snopyta and 1-2 others I forgot.

      What do you mean ?
      Disroot and Snopyta don’t have VPNs, do they ?

  • nutomic@lemmy.ml
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    4 years ago

    I dont think a 10 word passphrase for Keepass is necessary. Just 4 or 5 words already give plenty of entropy (assuming they were chosen randomly from a long enough list). Even better if you take words from different languages.

    • Dreeg Ocedam@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 years ago

      Here is another solution:

      • generate a full random 12 char password, write it down on a piece of paper that you keep safe
      • after a week or two of unlocking the password manager with it everyday you should be able to remember it
      • burn the paper, and you have the safest setup you can ever have.
    • sia@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 years ago

      Yeah I already type that shit ten times a day, I won’t make it use double the time I already waste 😃

  • k_o_t@lemmy.mlM
    link
    fedilink
    arrow-up
    8
    ·
    4 years ago

    wasn’t startpage bought by system1 (some weird mix between data analytics and advertising agency) 🤔?

    • Dessalines@lemmy.mlOP
      link
      fedilink
      arrow-up
      11
      ·
      4 years ago

      Hrm I think it was… I haven’t kept up to date on it tho. duckduckgo has lots of problems too iirc. Basically searx is the only good one privacy-wise and its barely functional imo.

      • k_o_t@lemmy.mlM
        link
        fedilink
        arrow-up
        6
        ·
        4 years ago

        yup, unfortunately the search engine niche is in bad shape to say the least: duckduckgo has gaslighted everyone into believing they are private and even bullied the tor devs to use as default search engine somehow lol

        • ghost_laptop@lemmy.ml
          link
          fedilink
          arrow-up
          5
          ·
          4 years ago

          There’s also Infinity Search which is completely libre, it’s based in the USA, but I think it’s a start and it’s way better than the rest of the competitors and more functional than Searx IMO, it has some usability issues but they aren’t that big of a deal.

    • Kamui@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      4 years ago

      You know, I coulda also sworn I read that it was started in the US (New York)… but now it says it is the main branch is in the Netherlands. I do still use it ocassionally though.

    • kitsunekun@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      4 years ago

      I was using startpage for a while but when using Vpn and searching a lot with it, it suddenly stops working and asks you to fill out a form explaining what you were searching for lmao with your email attached to it or something like that. Given that I wasn’t even looking for anything remotely illegal, I dumped them after the incident.

  • dengismceo@lemmy.ml
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    4 years ago

    dess you recommend protonvpn but like… protonmail takes money from gives money to CIA-backed orgs & talks about “freeing” hong kong…

    also what about git hosting? i see this is on github pages (which is mad convenient, no doubt) but is there a hosting provider you recommend?

    *edited to fix misinformation

    • Dessalines@lemmy.mlOP
      link
      fedilink
      arrow-up
      8
      ·
      4 years ago

      I didn’t know that abt proton, I’ll remove. I use mullvad myself.

      For code hosting, codeberg.org seems okay, I have all my repos mirrored there. Otherwise self-hosted gitea. I don’t have a good recommend for a VPS, except for maybe OVH.

      I’ll add this stuff.

          • ksynwa@lemmy.ml
            link
            fedilink
            arrow-up
            4
            ·
            4 years ago

            I have set up a wireguard tunnel on my VPS (german so I can’t use it for torrents) and it works very well. Way better than openvpn,

      • dengismceo@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        4 years ago

        cool, thank you for the recommends! and i love your essays, btw. i think you do a really good job of summarizing socialist ideas in a way that is easily accessible.

      • Nevar@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        4 years ago

        Mullvad (Sweden) and AirVPN (Italy) seem to be the best for respecting privacy from my research. The AirVPN guys are a bit dogmatic though.

      • abbenm@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        4 years ago

        I didn’t know that abt proton,

        Wait, what? Didn’t know what about Proton? I don’t see that there is anything in that wall of text that established any harm from Proton.

        I think people are just seeing a big wall of text and being overwhelmed by it, and concluding that it must prove somethingorother. But I did my best to squint and read through line by line, word by word, argument by argument, and either I’m just a crazy person or there’s no real concrete connection to the CIA, no anti-privacy behaviors alleged, no anti-competitive practices claimed. There’s a lot of hand waiving and speculation related to CRV and MIT, which is quite intangible and several degrees removed from any direct thing Protonmail is doing.

        Contrast that with, say, Google: you can look at their privacy policy or an article about them disabling adblocking extensions, and know immediately that Google is up to shady stuff. None of it depends on speculating about their associations with second or third parties which may or may not be doing something that isn’t proven.

        Where are people seeing any proof of wrongdoing on Protonmail’s part? I feel like I’m either crazy or I’m the only one here that read through the whole wall of text.

        • dengismceo@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          4 years ago

          dess’ comment wasn’t a response to the long comment but response to my first comment, where i had originally said this:

          dess you recommend protonvpn but like… protonmail takes money from CIA-backed orgs & talks about “freeing” hong kong…

          and then realized i had mixed something up so i commented this:

          i’m sorry – i mixed up two facts. it is protonmail who monetarily (and publicly) supports CIA-backed orgs, not the other way around (afaik).

          and edited my first comment accordingly.

          dess had responded prior to my edit, but i suspect knowing political leanings, proton would not be recommended regardless. i’m happy to be corrected. @[email protected]

    • SnowCode@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      4 years ago

      I don’t know anything about the protests in honk kong, why is it a problem? (it’s a real question, not a troll)

      • dengismceo@lemmy.ml
        link
        fedilink
        arrow-up
        4
        arrow-down
        3
        ·
        4 years ago

        the protests are a color revolution. it is very clear when you look at who the protesters support & where their funding comes from. hong kong is has already been freed - it is no longer a colony of britain.

      • dengismceo@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        4 years ago

        i’m sorry – i mixed up two facts. it is protonmail who monetarily (and publicly) supports CIA-backed orgs, not the other way around (afaik). protonmail does have a big US backer but i forget who it is so i will do some digging (and fix my original post) sorry again!!

        • abbenm@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          4 years ago

          That link doesn’t have anything to do with funding though, right? And “Silicon Valley” is extremely vague, exponentially so when you attach the claim of connections to intelligence services. You’re not necessarily wrong, but to me this is way too vague to establish anything.

          • kitsunekun@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            2
            ·
            4 years ago

            You sound like a shill for ProtonMail. Are they paying you for each post you make in their defense? As all things in life, nothing speaks louder than the people who sponsor you and sustain your operation, and when it comes to that, ProtonMail is highly suspicious, even if there are no clear indicators that they are compromised. Given the evidence provided you should, at the very least, be a bit skeptical of their operation. Unless, of course, you are shilling for them here, or benefit in other way or form by making people believe that they are legitimate.

      • dengismceo@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        4 years ago

        Certainly some of their funding comes from paid memberships. Beyond that, here is what my (not remotely extensive) research found:

        In 2014 ProtonMail is listed as a Boston finalist for MassChallenge, (the same MassChallenge Boston who runs a US Air Force Lab), through whose programs start-ups

        participate in a four-month, industry-agnostic accelerator where they receive:

        • Hands-on support from top mentors and experts
        • Free co-working space
        • Access to MassChallenge’s unrivalled network of corporate partners
        • Tailored workshops and office hours
        • The opportunity to win a portion of more than $2M in cash prize

        I am unsure if the MassChallenge application resulted in a grant, though there are finance sites that suggest it did.

        Also in 2014, they raised $550,377 from backers on IndieGoGo In their campaign they said this:

        We firmly believe that ProtonMail can only succeed in its mission if it remains independent. By raising money through crowd funding, we can ensure that our first and only priority is protecting the privacy of our users.

        There are certain powerful governments and corporations out there who are in the business of controlling and exploiting personal data that will try to hinder us. If we want to live in a future where privacy on the internet is respected, we must stand together now and fight for those rights. With your support, we can make this brighter future a reality.

        And yet…

        They took 2 Million USD from venture capitalists at Charles River Ventures (CRV) and from FONGIT, described by ProtonMail as “a foundation supporting innovation on behalf of the State of Geneva and the Swiss Federal government”. The head of ProtonMail’s Advisory Board also serves as Director of FONGIT.

        There have been people who claim to connect CRV to In-Q-Tel, the venture capital arm of the CIA, but my (very brief) research only came up with a loose connection through an employee. I did, however, find out an unrelated piece of information I would not have otherwise: In-Q-Tel lists GitLab in their portfolio. There is another (stronger) connection to the US government through CRV; a partner was appointed by Obama in 2012 to represent the US at the UN General Assembly.

        It is also of note that Protonmail is advised by the MIT Venture Mentoring Service which is exclusively for the MIT community. I mention this because Protonmail has scrubbed much of the MIT influence, presumably because they think it will harm their business. This is the “about” now:

        ProtonMail was founded in 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Since then, ProtonMail has evolved into a global effort to protect civil liberties and build a more secure Internet, with team members also hailing from Caltech, Harvard, ETH Zurich and many other research institutions.

        And this was that same page in 2014:

        ProtonMail was founded in summer 2013 at CERN by scientists who were drawn together by a shared vision of a more secure and private Internet

        ProtonMail is developed both at CERN and MIT and is headquartered in Geneva, Switzerland. We were semifinalists in 2014 MIT 100K startup launch competition and are advised by the MIT Venture Mentoring Service

        • abbenm@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          4 years ago

          Okay, a lot of information that helps me know more detail about various relationships Protonmail has had for fundraising.

          But in terms of having any clear takeaways, this is kind of a mess. IT sounds like the connections to CIA are largely speculative, derived from possible connections of CRV and MIT, right?

          • dengismceo@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            4 years ago

            that is correct.

            my biggest takeaway from the search was the venture capital funding. not because i think it means 3 letter agencies are involved (which i don’t, to be clear) but because i think it compromises being committed to the best interest of their users. also on a personal level i hate that they crowdfunded with the promise they were going to remain independent and then broke that promise. it feels really slimey. how can one trust their word that they won’t break more promises in the interest of $$$?

            • abbenm@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              4 years ago

              There’s a huge huge elephant in the room here, which I feel like nobody is talking about. And it has to do with how scatterbrained, speculative, and disconnected all of these details are, and how far short they are of establishing, like really establishing anything at all. If you ask me why I shouldn’t use Amazon, I can immediately point you to an article about anti-competitive practices. Same with Google Chrome, I can instantly point you to some article about how they’re pulling adblock extensions from the chrome store or how they’re misbehaving at the W3C. It’s a straight shot to a clearly expressed problem with no speculation needed.

              Normally, in everyday life, if I’m in a room with people I know, I could explain something like what I just said above and people would instantly know what I mean. But in internet comment sections, people appear to be completely unable to distinguish between speculative and concrete allegations of harm.

              • dengismceo@lemmy.ml
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                4 years ago

                i don’t disagree. i only mentioned the CIA connection because if you look it up, you will find claims. hell, you can find a bunch of claims in this very thread. it is unsurprising, as any US involvement in a privacy project makes people skeptical.

                facts (that can be verified on protonmail’s own website):

                • proton received the funds i listed (crowdfunding, EU grants, CRV, FONGIT, possibly additional grants)
                • they had teams both in the US + switzerland
                • they receive counsel from MIT
                • they have openly promoted orgs who have concrete connections to the CIA

                that last point is why some think they are compromised. especially because they are always on the side of the CIA. even though they claim they fight for “freedom of speech everywhere” somehow that has not included censorship which is not advantageous to the US gov’t

                i will never pay for protonmail’s services because i refuse to give money to an organisation that supports CIA-backed causes. as someone who cares deeply about others, proton’s support to me is what google pulling adblock is to you.

    • TheAnonymouseJoker@lemmy.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      2
      ·
      4 years ago

      ProtonMail is a commonly acceptable email provider, and for normies it might be good to use. That said, it does a lot of privacy posing and certainly does not make you immune to 14 Eyes spooks as the email header is unencrypted on transit, and you cannot use your own PGP keys properly.

      P.S. People who believe UK-USA funded HK insurrection was a protest are scared of being cancelled for criticising mainstream propaganda and/or keep their mouths shut about the past 20 years of MEA stuff. I can see this from India, though I get called “a certain party” shill for it.

    • Dreeg Ocedam@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      4 years ago

      I just noticed that it is possible to go back and forward with by sliding on the spacebar !

      So this is no by far my favourite keyboard!

      • Dessalines@lemmy.mlOP
        link
        fedilink
        arrow-up
        5
        ·
        4 years ago

        I used anysoftkeyboard for the longest time, but switched to openboard after like 5 minutes of using it, the auto-correct works really well, just no swipe.

  • ReK2@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    4 years ago

    was going to fork and do a spanish translation and add some libre apps I use for terminal but is on github… one will think at least they will use gitlab or gitea etc. :(

  • Nevar@lemmy.ml
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    4 years ago

    Some solid recommendations here, a lot overlaps with my own research. Good to know I’m on the right path.

  • rafael@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    2
    ·
    4 years ago

    This is amazing! Thank you! (I love Lemmy btw <3) I’m just wondering about github, as mentioned by @[email protected]. I love github, but the idea of foss code being hosted by Microsoft is weird… I’m gonna give gitea a try, but how do you think gitlab compares to github?

  • onlooker@lemmy.ml
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    4 years ago

    Man, whoever this Dess guy is, it looks like he knows what he’s talking about.

    EDIT: I suppose an /s is in order.