especially estonians

The only Pixel I have is a Pixel 3XL which is not supported anymore for updates. A few questions. does that mean at some point you have to buy a new phone all the time? How long are they supported, do I need the buy the newest one everytime to have a decently long support? If I can install Calyx, but have already degoogled my phone, is Calyx still useful? But I suppose at this point it's still better to get a Pixel anyway and install Graphene which is supposedly better? how risky is it to run an unsupported phone like my Pixel 3XL? What can happen?

After the whole Firefox debacle I'm trying to find a new privacy oriented browser for my Mac and iOS devices with bookmark syncing. Ideally an open source browser but I don't think one exists right now that has both macOS and iOS versions. For example LibreWolf has a Mac app but no iOS app.

It's not open source but Orion browser which exists on both Mac and iOS is the only browser I can find on Apple's App Store that has "Data Not Collected. The developer does not collect any data from this app." on its app store page.

And it has some interesting features like being able to run Chrome/Firefox extensions on iOS (including uBlock).

But I did some digging into Kagi, the makers of Orion and was turned off by them being an AI search company. Also, despite Kagi claiming Orion completely blocks fingerprinting I couldn't get Orion to pass EFF's fingerprinting benchmark tool; it always said I was unique no matter what settings I tried. And I've read some other questionable things about how Kagi operates its business which I won't go into here.

I know there's Brave but I'm turned off by the company's connection to crypto and their inclusion of AI in their browser.

Maybe Vivaldi? Vivaldi however says they do some anonymized telemetry to collect usage statistics. And again these two browsers also aren't open source either.

I'm afraid there are no good macOS + iOS browser setups? I'm hoping someone will correct me. 😬

edit: typos

Recently there has been controversy around Mozilla Firefox.

I've been looking for an alternative but really struggling, seems like every alternative has a downside:

• Vivaldi: Uses some proprietary code and likely not doing much better on the user data side of things, also based on Chromium.

• Tor: Uses Tor protocol and so is quite slow, my ISP would probably also think I'm a drug lord.

• Fennec: Basically looks the same as Firefox but guessing less up to date, F-Droid has a warning about it's using Mozilla services for tracking.

What are you guys using? Have you found anything good?

TL;DR: With Firefox 56, Mozilla combined Firefox Health Report and Telemetry data into a single setting called “technical and interaction data”, which was then enabled by default. This data was then shared with advertising partners on a de-identified or aggregated basis.

Porn companies must take strong action to protect privacy and prevent future harms

On March 3, 2025 Canada’s Privacy Commissioner announced that Pornhub’s practices fail to ensure meaningful consent has been obtained from everyone appearing in videos uploaded to the platform. (Shutterstock)

Elaine Craig, Dalhousie University

At a time of increased emphasis on buying Canadian, the country’s porn consumers can presumably rest easy. A Canadian business, Ethical Capital Partners (ECP), owns the world’s largest porn website, Pornhub. But do Canadian porn users have nothing to worry about?

On March 3, Canada’s privacy commissioner announced that Pornhub’s practices fail to ensure meaningful consent has been obtained from everyone appearing in videos uploaded to the platform, and that he will seek a federal court order directing Pornhub to comply with Canada’s privacy laws.

When ECP acquired Aylo (then called MindGeek), which owns Pornhub and other porn businesses, the company made numerous public statements. ECP’s executives stated in a release that Aylo was “built upon a foundation of trust, safety and compliance.” ECP executives also stated they were confident the company operates “legally and responsibly.”

However, class actions and individual lawsuits brought by women who allege Pornhub distributed videos of them without their consent, reports in 2020 of child rape videos on the platform and allegations of widespread content piracy do not align with ECP’s claims about Pornhub’s origins.

Privacy commissioner’s report

ECP’s assertion that Pornhub was built on trust and safety is also refuted by the privacy commissioner’s findings. In 2024, Commissioner Philippe Dufresne released a critical report regarding Aylo, following a complaint by a woman who alleged her ex-boyfriend uploaded a sexually explicit video of her to Pornhub without her consent. The video was copied and shared online hundreds of times.

The commissioner found that in 2015, when the video was posted, Pornhub’s process for ensuring consent was “wholly ineffective,” and that this had “devastating consequences for thousands of individuals whose intimate images were shared” without their knowledge and consent.

Dufresne stated the company was still failing “to ensure that it has obtained valid and meaningful consent from all individuals depicted in content uploaded to its websites.” He maintained this position in his announcement on March 2. ECP, which disputes the commissioner’s findings, launched unsuccessful legal proceedings to prevent Dufresne’s report from being published, delaying its release by nearly a year.

Numerous women have alleged horrific stories about their efforts to have videos removed from Pornhub that they did not consent to have uploaded (or in some cases, even created), only to be met with delay, a lack of response and administrative obstacles.

Today, Pornhub’s systems for verifying consent and responding to take-down requests are significantly more robust; they are likely superior to the mechanisms used by other platforms. But the lawsuits, testimony from victimized women and the commissioner’s report suggest this is hardly a company “built upon a foundation of trust, safety and compliance.” And according to the Dufresne, Pornhub is still not compliant with the law.

Harmful content

When they acquired the company, ECP executives told the media they bought Aylo to promote “consensual and sex-positive adult entertainment.” Academic research, including my own, has examined content on porn platforms that depicts the sexual assault of sleeping or unconscious women, the sexual abuse of children by their fathers or step-fathers and the use of misogynistic meta-data — video titles, tags, and content categories — to promote content to users.

Depictions, including fictional ones, of sexual assault by step-fathers against step-daughters, or of sexual acts imposed upon sleeping women, are not sex-positive. Using misogynistic video titles and tags to organize and amplify hateful assertions about women and adolescent girls is not sex-positive.

Pornhub’s content moderation policies prohibit this type of harmful content. If Pornhub consistently enforced its own rules regarding depictions of non-consensual sex, hate speech and community standards, the depictions of sexual assault and the hateful and discriminatory titles, tags and categories of porn that I found in my research would not be present.

The company could presumably do this, given its claim that every piece of content on its site is approved by human moderators, and the success it has had relative to other platforms in eliminating and preventing child sexual abuse material.

The harms posed by fictional depictions of sexual assault, and the use of misogynistic titles and tags to promote porn, are significantly heightened because of the nature of the porn business today. Porn has changed enormously in the last decade. It has become social media.

Contemporary porn’s ubiquity and social media character greatly enhance its capacity to shape our sexual culture, including in harmful ways. (Shutterstock)

Porn as social media

Like big tech generally, and social media in particular, the porn industry is shaped by search engine optimization, algorithms, data and the advertising revenue that drives the internet’s attention economy. As a result, porn is now freely available to anyone with a cellphone, exploding rates of consumption. And like other forms of social media, porn today is interactive.

These technological changes in the porn industry reveal that, if made easily accessible, many people will watch porn. Indeed, close to 10 per cent of Canadians visit Pornhub every day.

Contemporary porn’s ubiquity and social media character greatly enhance its capacity to shape our sexual culture, including in harmful ways. Broad social engagement with any practice, including the consumption of sexually explicit material, informs our relationships, norms and values. Eroticizing the sexual assault of unconscious women or step-daughters, or deploying misogynistic hate speech to shock, entice and arouse large segments of our communities, shapes how we understand and relate to consent, allegations of sexual assault and concepts of sexual desire.

There is nothing inherently harmful about watching porn, and not all porn contributes negatively to our social environment. However, ECP’s claims about the history of the world’s largest porn company suggest a lack of accountability regarding the tremendous harm that porn websites cause women and girls.

Transparency and accountability

Given porn’s heightened role in shaping our sexual culture in a platform society, content that depicts sexual assault or is framed in the language of misogyny is harmful to all of us. Presumably, this is why Pornhub’s policies prohibit this type of content. But content moderation rules are only as good as their enforcement.

ECP says it rebranded Aylo to reflect a “renewed commitment to…trust and safety” and to allow “the company to refocus its efforts to lead by example through transparency and public engagement.” The type of leadership that ECP contemplates requires a commitment to the truth and a willingness to rigorously uphold one’s own rules: the kind of commitment and willingness exhibited by Canada’s privacy commissioner, in this case.

To “lead by example,” ECP should start with transparency and forthright public accountability regarding the foundations upon which Pornhub was actually built and how it operated for many years. This must be followed by compliance with the privacy commissioner’s recommendations, and insistence that Pornhub’s content moderation policies are consistently and rigorously enforced.

Elaine Craig, Professor of Law, Dalhousie University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

I haven't played Minecraft since 2015, but I get the feeling I might again in the new few years as I wanna find new hobbies. I know that game has changed a whole lot but I don't have any official online data on it.

I've had this Microsoft account for over a decade and its probably full of personal information that I wanna let go of, I've already exported all my data. I would need to pay $30 for another copy of Minecraft, same price I paid in 2013. I just did a bunch of searching and its not possible to transfer my Minecraft license to another account.

Synopsis

Starting April 1, 2026, the income tax department will have the authority to access social media, emails, and other digital spaces to curb tax evasion. This has been granted to them under the new income tax bill. This will also include search and seizure powers over your assets and documents, which have raised major privacy concerns. Experts warn of challenges to fundamental privacy rights without judicial oversight and procedural safeguards.

I need a Google account to sign up for a service I'm interested in, so I want to create a bogus account for that. Problem is I need a phone number to verify it. I obviously don't want to use my actual number, so I tried some of those online temporary number services, but none of them worked. I get different error messages when trying to use them: "Number has been used too many times", "Number can't be used for verification", stuff like that. Do you guys know of a way to get a working number?

I'm curious what everyone thinks about DuckDuckGo's current settings. I have my browser settings set to delete history, cache and cookies on closing. This creates an issue when using duckduckgo as my primary search engine. Their 'default' settings (available right below the searchbar) seem far from privacy focused. AI Chat is on by default and used 'sometimes', as well as 'advertisting' and 'location' settings that are on by default. This requires me to have to change the settings every time I load my browser due to any settings I save being deleted by my browser setup. I don't want to install a duckduckgo extension. How do others deal with this? I know you can 'save anonymously' your settings in the cloud, but I'm not eager to do that.

To fill these gaps in our knowledge, we have created an open source project called Rayhunter.1 It is developed to run on an Orbic mobile hotspot (Amazon, Ebay) which is available for $20 or less at the time of this writing. We have tried to make Rayhunter as easy as possible to install and use, regardless of your level of technical knowledge. We hope that activists, journalists, and others will run these devices all over the world and help us collect data about the usage and capabilities of cell-site simulators (please see our legal disclaimer.)

Rayhunter works by intercepting, storing, and analyzing the control traffic (but not user traffic, such as web requests) between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected. Rayhunter analyzes the traffic in real-time and looks for suspicious events, which could include unusual requests like the base station (cell tower) trying to downgrade your connection to 2G which is vulnerable to further attacks, or the base station requesting your IMSI under suspicious circumstances.

I think those websites are over using trackers in their websites for extra profit with no care for the privacy of their users, I highly recommend avoiding them.

• The Guardian.
• The Verge.

For comparsion:

• Associated Press(AP).
• Al Jazeera.
• BBC.
• CBC.
• Sky News.
• ABC News.
• The Register.

We're very happy to share Techlore's video review of the BusKill Kill Cord.

Can't see video above? Watch it on PeerTube at neat.tube or on YouTube at youtu.be/Zns0xObbOPM

Disclaimer: We gave Techlore a free BusKill Kit for review; we did not pay them nor restrict their impartiality and freedom to publish an independent review. For more information, please see Techlore's Review Unit Protocols policy. We did require them to make the video open-source as a condition of receiving this free review unit. The above video is licensed CC BY-SA; you are free to redistribute it. If you are a video producer and would like a free BusKill Kit for review, please contact us

To see the full discussion about this video on the Techolore forums, see:

• discuss.techlore.tech/t/buskill-secure-your-laptop-in-seconds

Support BusKill

We're looking forward to continuing to improve the BusKill software and looking for other avenues to distribute our hardware BusKill cable to make it more accessible this year.

If you want to help, please consider purchasing a BusKill cable for yourself or a loved one. It helps us fund further development, and you get your own BusKill cable to keep you or your loved ones safe.

Buy a BusKill Cable
https://buskill.in/buy

You can also buy a BusKill cable with bitcoin, monero, and other altcoins from our BusKill Store's .onion site.

Stay safe,
The BusKill Team
https://www.buskill.in/
http://www.buskillvampfih2iucxhit3qp36i2zzql3u6pmkeafvlxs3tlmot5yad.onion/

cross-posted from: https://feddit.nl/post/29675306

I am not the author.

I found this blog to have both a short summary of the reasons as well as a pretty complete overview of the options for protecting against this specific threat model. I can just send this to people and they'll understand the why and the how.

@privacy Privacy Roundup: Week 9 of Year 2025

https://avoidthehack.com/privacy-week9-2025

Sharing from Mastodon; figured Lemmy users would appreciate a direct post as well... hoping this goes through without messing up any kind of formatting.

Disclaimer: I author these.

I noticed the other day that the majority of the content on [email protected] are made by accounts that are deleted after making some posts. Most often no comments are made by these burner accounts, but sometimes they will create a new separate account to respond to comments.

Is there any real privacy benefits for this over something like having a single separate account you post only images and no text posts?

Is there a tool that facilities creating short-term accounts like this?

The answer to "what is Firefox?" on Mozilla's FAQ page about its browser used to read:

The Firefox Browser is the only major browser backed by a not-for-profit that doesn’t sell your personal data to advertisers while helping you protect your personal information.

Now it just says:

The Firefox Browser, the only major browser backed by a not-for-profit, helps you protect your personal information.

In other words, Mozilla is no longer willing to commit to not selling your personal data to advertisers.

A related change was also highlighted by mozilla.org commenter jkaelin, who linked direct to the source code for that FAQ page. To answer the question, "is Firefox free?" Moz used to say:

Yep! The Firefox Browser is free. Super free, actually. No hidden costs or anything. You don’t pay anything to use it, and we don’t sell your personal data.

Now it simply reads:

Yep! The Firefox Browser is free. Super free, actually. No hidden costs or anything. You don’t pay anything to use it.

Again, a pledge to not sell people's data has disappeared. Varma insisted this is the result of the fluid definition of “sell” in the context of data sharing and privacy.

"Android System SafetyCore’ claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application."

If you don't want to navigate android settings you can also simply uninstall it from the Play Store https://play.google.com/store/apps/details?id=com.google.android.safetycore

Additionaly you can install this placeholder app to prevent Google from reinstalling it every time it updates: https://github.com/daboynb/SafetyCore-placeholder

In TOS they can have our data entered in browser as royalty free data. Now, what? I know we can use Librewolf but if Mozzila goes full evil. Then what choice we have. Can we make Mozzila reverse this changes? Remind them to be not evil? Both Proton and Firefox are core part of my privacy focus life. I swear to God I hate capitalism they all are just doing this for money.