@TheAnonymouseJoker
18
edit-2
4M

I might be late to the party, but I think I can point out some crucial things here.

They recommend a billion other bad things, like most VPNs that either track you by lying about policies, or have been hacked in the past. Privacy may be a gradient, but it is not a partial or full thing.

I was apparently silenced on r/privacytoolsio when I enquired about this page deployment: https://old.reddit.com/r/privacytoolsIO/comments/frz365/privacytools_delists_the_great_cloudwall/fm08anu/?context=10000

Digdeeper, a friend of mine lists more things. https://digdeeper.neocities.org/ghost/fake_initiatives.html#ptio

I do not know why I typed all this. Nonetheless maybe it can help.

@Coder
14M

AirVPN and NordVPN might not be good choices for privacy, just geoblock bypassing. The only handful VPN choices good would be Mullvad, Riseup, Disroot, Snopyta and 1-2 others I forgot.

What do you mean ?
Disroot and Snopyta don’t have VPNs, do they ?

@TheAnonymouseJoker
2
edit-2
4M

Seems Disroot and Snopyta no longer have VPNs. Editing it out. Thanks for alerting me.

@nutomic
admin
9
edit-2
4M

I dont think a 10 word passphrase for Keepass is necessary. Just 4 or 5 words already give plenty of entropy (assuming they were chosen randomly from a long enough list). Even better if you take words from different languages.

Here is another solution:

  • generate a full random 12 char password, write it down on a piece of paper that you keep safe
  • after a week or two of unlocking the password manager with it everyday you should be able to remember it
  • burn the paper, and you have the safest setup you can ever have.
@sia
2
edit-2
3M

deleted by creator

@dengismceo
24M

yup. 12 characters is too few

@sia
3
edit-2
3M

deleted by creator

@k_o_t
mod
admin
84M

wasn’t startpage bought by system1 (some weird mix between data analytics and advertising agency) 🤔?

Dessalines
admin
creator
114M

Hrm I think it was… I haven’t kept up to date on it tho. duckduckgo has lots of problems too iirc. Basically searx is the only good one privacy-wise and its barely functional imo.

@k_o_t
mod
admin
64M

yup, unfortunately the search engine niche is in bad shape to say the least: duckduckgo has gaslighted everyone into believing they are private and even bullied the tor devs to use as default search engine somehow lol

There’s also Infinity Search which is completely libre, it’s based in the USA, but I think it’s a start and it’s way better than the rest of the competitors and more functional than Searx IMO, it has some usability issues but they aren’t that big of a deal.

@k_o_t
mod
admin
34M

interesting, thanks, i’ll definitely check it out

@Nevar
3
edit-2
4M

It was. Its parent company is based in Florida.

@Echedenyan
34M

You could test MetaGer.

@kitsunekun
24M

What’s the issue with duckduckgo? Care to share? Thanks

Dessalines
admin
creator
34M
@kitsunekun
24M

yeah wow that’s awful stuff. Been using Qwant a lot more recently, any takes on it?

Dessalines
admin
creator
24M

Not sure, haven’t read anything on it yet.

@Kamui
34M

You know, I coulda also sworn I read that it was started in the US (New York)… but now it says it is the main branch is in the Netherlands. I do still use it ocassionally though.

@kitsunekun
14M

I was using startpage for a while but when using Vpn and searching a lot with it, it suddenly stops working and asks you to fill out a form explaining what you were searching for lmao with your email attached to it or something like that. Given that I wasn’t even looking for anything remotely illegal, I dumped them after the incident.

@tracyspcy
7
edit-2
4M

why there is no tutanota in your list? Do you know something compromising it? upd: tutanota is among recommended by https://www.privacytools.io/providers/email/

Dessalines
admin
creator
84M

I don’t have any email providers in there, seems kinda risky because nearly every one after a few years seems to get compromised. Email wasn’t really designed with encryption in mind like all of these new comms platforms like matrix.

@Echedenyan
44M

Tutanota, anyways, is propietary in server side.

@kitsunekun
14M

Tutanota is very trustworthy in my opinion. Many people in the dark web use it as their to-go email service there (I learned this while searching for places to buy THC online).

@Echedenyan
14M

I don’t understand how being used makes it better.

I would prefer to recommend Riseup or even Disroot instead.

@mrmanman
14M

What about Posteo?

@Echedenyan
2
edit-2
4M

They promote to use clean energies but as far I know, their services are provided with propietary software or it is mostly unknown.

Edited: At least in their e-mail service they promote to be fully open source, the only issue is that they references to the client side later when referencing js licenses which makes it a bit sad.

I didn’t see any other mention to FLOSS.

@onlooker
14M

I don’t know about Riseup. After what happened in 2016 (click), I’ve been kind of wary of them.

@tracyspcy
14M

you know, after reading several posts on c/privacy I have such an impression that one can trust nothing: either closed-source servers or OTF funding or wrong location :)

@Echedenyan
34M

And it is right but you can still choose the lower bad thing and even try to obtain that ideal step by step.

@tracyspcy
24M

one of currently popular/active posts regarding funding of privacy oriented tools staggered me. I have never heard of OTF and BBG before and was really surprised that briar got funding 3! times from them. What do you personally think, is this fact corrupts briar itself?

@mrmanman
2
edit-2
4M

Never trust - verify. And services that depend on proprietary server-side solutions are not verifiable. You can’t verify that they run the code on their servers - not even if the code is openly available. That’s why people self-host.

Just tried OpenBoard and I love it. I used Anysoft Keayboard before but the spell checking was a disaster.The only thing I will miss is the ability to have buttons to go back and forward one character:

Screenshot showing the buttons

I just noticed that it is possible to go back and forward with by sliding on the spacebar !

So this is no by far my favourite keyboard!

Dessalines
admin
creator
54M

I used anysoftkeyboard for the longest time, but switched to openboard after like 5 minutes of using it, the auto-correct works really well, just no swipe.

yeah I’m using anysoft right now and I mainly use it for the swipe, though without good autocorrect it isn’t as useful as gboard swipe was.

That sums up my experience pretty well!

Absolutely love it!

Any idea how we can get an option to search gifs?

@dengismceo
6
edit-2
4M

dess you recommend protonvpn but like… protonmail takes money from gives money to CIA-backed orgs & talks about “freeing” hong kong…

also what about git hosting? i see this is on github pages (which is mad convenient, no doubt) but is there a hosting provider you recommend?

*edited to fix misinformation

Dessalines
admin
creator
84M

I didn’t know that abt proton, I’ll remove. I use mullvad myself.

For code hosting, codeberg.org seems okay, I have all my repos mirrored there. Otherwise self-hosted gitea. I don’t have a good recommend for a VPS, except for maybe OVH.

I’ll add this stuff.

Mullvad has been pretty good so far!

Dessalines
admin
creator
54M

wireguard is wonderful for phone battery life too.

@ksynwa
44M

I have set up a wireguard tunnel on my VPS (german so I can’t use it for torrents) and it works very well. Way better than openvpn,

@dengismceo
44M

cool, thank you for the recommends! and i love your essays, btw. i think you do a really good job of summarizing socialist ideas in a way that is easily accessible.

Dessalines
admin
creator
34M

Thank :heart suit:

@Nevar
34M

Mullvad (Sweden) and AirVPN (Italy) seem to be the best for respecting privacy from my research. The AirVPN guys are a bit dogmatic though.

@abbenm
1
edit-2
4M

I didn’t know that abt proton,

Wait, what? Didn’t know what about Proton? I don’t see that there is anything in that wall of text that established any harm from Proton.

I think people are just seeing a big wall of text and being overwhelmed by it, and concluding that it must prove somethingorother. But I did my best to squint and read through line by line, word by word, argument by argument, and either I’m just a crazy person or there’s no real concrete connection to the CIA, no anti-privacy behaviors alleged, no anti-competitive practices claimed. There’s a lot of hand waiving and speculation related to CRV and MIT, which is quite intangible and several degrees removed from any direct thing Protonmail is doing.

Contrast that with, say, Google: you can look at their privacy policy or an article about them disabling adblocking extensions, and know immediately that Google is up to shady stuff. None of it depends on speculating about their associations with second or third parties which may or may not be doing something that isn’t proven.

Where are people seeing any proof of wrongdoing on Protonmail’s part? I feel like I’m either crazy or I’m the only one here that read through the whole wall of text.

@dengismceo
14M

dess’ comment wasn’t a response to the long comment but response to my first comment, where i had originally said this:

dess you recommend protonvpn but like… protonmail takes money from CIA-backed orgs & talks about “freeing” hong kong…

and then realized i had mixed something up so i commented this:

i’m sorry – i mixed up two facts. it is protonmail who monetarily (and publicly) supports CIA-backed orgs, not the other way around (afaik).

and edited my first comment accordingly.

dess had responded prior to my edit, but i suspect knowing political leanings, proton would not be recommended regardless. i’m happy to be corrected. @dessalines@lemmy.ml

@abbenm
54M

any more info on where protonmail gets their money?

@dengismceo
34M

i’m sorry – i mixed up two facts. it is protonmail who monetarily (and publicly) supports CIA-backed orgs, not the other way around (afaik). protonmail does have a big US backer but i forget who it is so i will do some digging (and fix my original post) sorry again!!

@kitsunekun
34M

Protonmail is a little sketch, too. Much of their funding comes from Silicon Valley, and they, in turn, are all in bed with the intelligence services. When it comes to Protonmail, it does sound too good to be true, but they may be the real deal. See: https://www.ic3.gov/Media/Y2021/PSA210115

@abbenm
1
edit-2
4M

That link doesn’t have anything to do with funding though, right? And “Silicon Valley” is extremely vague, exponentially so when you attach the claim of connections to intelligence services. You’re not necessarily wrong, but to me this is way too vague to establish anything.

You sound like a shill for ProtonMail. Are they paying you for each post you make in their defense? As all things in life, nothing speaks louder than the people who sponsor you and sustain your operation, and when it comes to that, ProtonMail is highly suspicious, even if there are no clear indicators that they are compromised. Given the evidence provided you should, at the very least, be a bit skeptical of their operation. Unless, of course, you are shilling for them here, or benefit in other way or form by making people believe that they are legitimate.

@dengismceo
24M

Certainly some of their funding comes from paid memberships. Beyond that, here is what my (not remotely extensive) research found:

In 2014 ProtonMail is listed as a Boston finalist for MassChallenge, (the same MassChallenge Boston who runs a US Air Force Lab), through whose programs start-ups

participate in a four-month, industry-agnostic accelerator where they receive:

  • Hands-on support from top mentors and experts
  • Free co-working space
  • Access to MassChallenge’s unrivalled network of corporate partners
  • Tailored workshops and office hours
  • The opportunity to win a portion of more than $2M in cash prize

I am unsure if the MassChallenge application resulted in a grant, though there are finance sites that suggest it did.

Also in 2014, they raised $550,377 from backers on IndieGoGo In their campaign they said this:

We firmly believe that ProtonMail can only succeed in its mission if it remains independent. By raising money through crowd funding, we can ensure that our first and only priority is protecting the privacy of our users.

There are certain powerful governments and corporations out there who are in the business of controlling and exploiting personal data that will try to hinder us. If we want to live in a future where privacy on the internet is respected, we must stand together now and fight for those rights. With your support, we can make this brighter future a reality.

And yet…

They took 2 Million USD from venture capitalists at Charles River Ventures (CRV) and from FONGIT, described by ProtonMail as “a foundation supporting innovation on behalf of the State of Geneva and the Swiss Federal government”. The head of ProtonMail’s Advisory Board also serves as Director of FONGIT.

There have been people who claim to connect CRV to In-Q-Tel, the venture capital arm of the CIA, but my (very brief) research only came up with a loose connection through an employee. I did, however, find out an unrelated piece of information I would not have otherwise: In-Q-Tel lists GitLab in their portfolio. There is another (stronger) connection to the US government through CRV; a partner was appointed by Obama in 2012 to represent the US at the UN General Assembly.

It is also of note that Protonmail is advised by the MIT Venture Mentoring Service which is exclusively for the MIT community. I mention this because Protonmail has scrubbed much of the MIT influence, presumably because they think it will harm their business. This is the “about” now:

ProtonMail was founded in 2013 by scientists who met at CERN and were drawn together by a shared vision of a more secure and private Internet. Since then, ProtonMail has evolved into a global effort to protect civil liberties and build a more secure Internet, with team members also hailing from Caltech, Harvard, ETH Zurich and many other research institutions.

And this was that same page in 2014:

ProtonMail was founded in summer 2013 at CERN by scientists who were drawn together by a shared vision of a more secure and private Internet

ProtonMail is developed both at CERN and MIT and is headquartered in Geneva, Switzerland. We were semifinalists in 2014 MIT 100K startup launch competition and are advised by the MIT Venture Mentoring Service

@abbenm
14M

Okay, a lot of information that helps me know more detail about various relationships Protonmail has had for fundraising.

But in terms of having any clear takeaways, this is kind of a mess. IT sounds like the connections to CIA are largely speculative, derived from possible connections of CRV and MIT, right?

@dengismceo
14M

that is correct.

my biggest takeaway from the search was the venture capital funding. not because i think it means 3 letter agencies are involved (which i don’t, to be clear) but because i think it compromises being committed to the best interest of their users. also on a personal level i hate that they crowdfunded with the promise they were going to remain independent and then broke that promise. it feels really slimey. how can one trust their word that they won’t break more promises in the interest of $$$?

@abbenm
14M

There’s a huge huge elephant in the room here, which I feel like nobody is talking about. And it has to do with how scatterbrained, speculative, and disconnected all of these details are, and how far short they are of establishing, like really establishing anything at all. If you ask me why I shouldn’t use Amazon, I can immediately point you to an article about anti-competitive practices. Same with Google Chrome, I can instantly point you to some article about how they’re pulling adblock extensions from the chrome store or how they’re misbehaving at the W3C. It’s a straight shot to a clearly expressed problem with no speculation needed.

Normally, in everyday life, if I’m in a room with people I know, I could explain something like what I just said above and people would instantly know what I mean. But in internet comment sections, people appear to be completely unable to distinguish between speculative and concrete allegations of harm.

@dengismceo
1
edit-2
4M

i don’t disagree. i only mentioned the CIA connection because if you look it up, you will find claims. hell, you can find a bunch of claims in this very thread. it is unsurprising, as any US involvement in a privacy project makes people skeptical.

facts (that can be verified on protonmail’s own website):

  • proton received the funds i listed (crowdfunding, EU grants, CRV, FONGIT, possibly additional grants)
  • they had teams both in the US + switzerland
  • they receive counsel from MIT
  • they have openly promoted orgs who have concrete connections to the CIA

that last point is why some think they are compromised. especially because they are always on the side of the CIA. even though they claim they fight for “freedom of speech everywhere” somehow that has not included censorship which is not advantageous to the US gov’t

i will never pay for protonmail’s services because i refuse to give money to an organisation that supports CIA-backed causes. as someone who cares deeply about others, proton’s support to me is what google pulling adblock is to you.

SnowCode
54M

I don’t know anything about the protests in honk kong, why is it a problem? (it’s a real question, not a troll)

@dengismceo
14M

the protests are a color revolution. it is very clear when you look at who the protesters support & where their funding comes from. hong kong is has already been freed - it is no longer a colony of britain.

ProtonMail is a commonly acceptable email provider, and for normies it might be good to use. That said, it does a lot of privacy posing and certainly does not make you immune to 14 Eyes spooks as the email header is unencrypted on transit, and you cannot use your own PGP keys properly.

P.S. People who believe UK-USA funded HK insurrection was a protest are scared of being cancelled for criticising mainstream propaganda and/or keep their mouths shut about the past 20 years of MEA stuff. I can see this from India, though I get called “a certain party” shill for it.

@rek2
54M

was going to fork and do a spanish translation and add some libre apps I use for terminal but is on github… one will think at least they will use gitlab or gitea etc. :(

@Echedenyan
44M

I would recommend Riseup VPN here.

how’s the speed on riseup?

@Echedenyan
24M

The test at max speed I know was a friend with 100 Mbps who told me he didn’t notice any slowdown.

Also in LTE I made tests in the mobile version without issues.

deleted by creator

rafael
34M

This is amazing! Thank you! (I love Lemmy btw <3) I’m just wondering about github, as mentioned by @dengismceo@lemmy.ml. I love github, but the idea of foss code being hosted by Microsoft is weird… I’m gonna give gitea a try, but how do you think gitlab compares to github?

@dengismceo
44M

in my research about protonmail i discovered that GitLab is in In-Q-Tel’s portfolio (In-Q-Tel is the venture capital arm of the CIA) so if that is concerning to you for any reason, i would stay away from GitLab. dess did mention codeberg as an option

@Nevar
34M

Some solid recommendations here, a lot overlaps with my own research. Good to know I’m on the right path.

@marmulak
34M

Very nice

@onlooker
2
edit-2
4M

Man, whoever this Dess guy is, it looks like he knows what he’s talking about.

EDIT: I suppose an /s is in order.

Mr.Toto
1
edit-2
4M

I change: Code: atom and Markdown: Zettlr

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 39 users / day
  • 74 users / week
  • 203 users / month
  • 541 users / 6 months
  • 2742 subscribers
  • 1206 Posts
  • 5635 Comments
  • Modlog