hey,

i created a browser-based tool for p2p file transfer where it doesnt use any backend for storage. instead, it relies on storage provided by the browser.

https://file.positive-intentions.com/

its still a work in progress, but id like to know your thoughts. it isnt open source, but its largely based off another project which does P2P messaging (its just called "chat"). my intentions with this new app, is that i will aim for this to be a B2B SaaS product, but until i set up login+subscription, its free-to-use. id love to get feedback on features you would find useful.

i have some documentation, but im also sure that it isnt very clear. so feel free to ask any questions about how it works.

the landing page is also largely based off the "chat" project. https://positive-intentions.com/docs/file . i will try to make more time to improve the landing page experience.

cross-posted from: https://lemmy.dbzer0.com/post/36880616

Help Combat Internet Censorship by Running a Snowflake Proxy (Browser or Android)

Internet censorship remains a critical threat to free expression and access to information worldwide. In regions like Iran, Russia, and Belarus, journalists, activists, and ordinary citizens face severe restrictions when trying to communicate or access uncensored news. You can support their efforts by operating a Snowflake proxy—a simple, low-impact way to contribute to a freer internet. No technical expertise is required. Here’s how it works:

What Is Snowflake?

Snowflake is a privacy tool integrated with the Tor network. By running a Snowflake proxy, you temporarily route internet traffic for users in censored regions, allowing them to bypass government or institutional blocks. Unlike traditional Tor relays, Snowflake requires minimal bandwidth, no configuration, and no ongoing maintenance. Your device acts as a temporary bridge, not a permanent node, ensuring both safety and ease of use.

Is This Safe for Me?

Short answer: Yes.

Long answer: pobably. Here is why:

• Your IP address is not exposed to the websites they access. So, you don't have to worry about what they are doing either. You are not an exit node.
• No activity logs. Snowflake cannot monitor or record what users do through your connection. The only stored information is how many people have connected to your bridge. Check docs for further info on this.
• Low resource usage. The data consumed is comparable to background app activity—far less than streaming video or music.
• No direct access to your system
• No storage of sensitive data. Snowflake proxies do not store any sensitive data, such as IP addresses or browsing history, on your system.
• Encrypted communication. All communication between the Snowflake proxy and the Tor network is encrypted, making it difficult for attackers to intercept or manipulate data.

You are not hosting a VPN or a full Tor relay. Your role is limited to facilitating encrypted connections, similar to relaying a sealed envelope.

Your IP address is exposed to the user (in a P2P-like connection). Be mindful that your ISP could also potentially see the WebRTC traffic and the connections being made to it (but not the contents), so be mindful of your threat model.

For most users, it is generally safe to run Snowflake proxies. Theoretically, your ISP will be able to know that there are connections being made there, but to them it will look like you're calling someone on, say, Zoom.

Historically, as far as we know, there haven't been any cases of people getting in legal trouble for running entry relays, middle relays, or bridges. There have a been a few cases of people running exit nodes and getting in trouble with law enforcement agencies, but none of them have been arrested or prosecuted as far as I know it. If you are aware of any cases, let me know so I can update this post.

Do not hesitate to check Snowflake's official documentation for further reference and to make informed decisions.

How to Set Up a Snowflake Proxy

Option 1: Browser Extension (Brave, Firefox, or Chrome)

1. Install the Snowflake extension.
2. Click the Snowflake icon in your browser toolbar and toggle "Enable Snowflake."
3. Keep the browser open. That’s all.

Note: Brave users can enable Snowflake directly in settings. Navigate to brave://settings/privacy and activate the option under "Privacy and security."

Option 2: Android Devices via Orbot

1. Download Orbot (Tor’s official Android app).
2. Open the app’s menu, select "Snowflake Proxy," and toggle it on.
3. For continuous operation, keep your device charged and connected to Wi-Fi.

Your device will now contribute as a proxy whenever the app is active.

Addressing Common Concerns

• Battery drain: Negligible. Snowflake consumes fewer resources than typical social media or messaging apps.
• Data usage: Most users report under 1 GB per month. Adjust data limits in Orbot’s settings or restrict operation to Wi-Fi if necessary.

Why Your Participation Matters

Censorship mechanisms grow more sophisticated every year, but tools like Snowflake empower ordinary users to counteract them. Each proxy strengthens the Tor network’s resilience, making it harder for authoritarian regimes to isolate their populations. By donating a small amount of bandwidth, you provide someone with a critical connection to uncensored information, education, and global dialogue.

Recent surges in demand—particularly in Russia—highlight the urgent need for more proxies. Your contribution, however small, has an impact.

By participating, you become part of a global effort to defend digital rights and counter censorship. Please, also be mindful of your threat mode and understand the potential risks (though very little for most people). Check Snowflake's official documentation for further reference and don't make any decisions based on this post before taking your time to read through it.

Please share this post to raise awareness. The more proxies, the stronger the network.

– llama

!privacy@lemmy.dbzer0.com

Hello everyone,

After a discussion on !fedigrow@lemm.ee ( https://feddit.org/post/6950586 ), a few people interested in privacy decided to reopen !privacy@lemmy.dbzer0.com as an alternative to !privacy@lemmy.ml .

Feel free to join us there!

Note: created a same post yesterday, didn't federate (https://lemmy.zip/post/30504557?scrollToComments=true ), hope it works this time!

!privacy@lemmy.dbzer0.com

Hello everyone,

After a discussion on !fedigrow@lemm.ee ( https://feddit.org/post/6950586 ), a few people interested in privacy decided to reopen !privacy@lemmy.dbzer0.com as an alternative to !privacy@lemmy.ml .

Feel free to join us there!

App: https://chat.positive-intentions.com/

A p2p encrypted file transfer and messaging app. Here are some features below:

• Open Source
• Cross platform
  • PWA
  • iOS, Android, Desktop (self compile)
  • App store, Play store (coming soon)
  • Desktop
    • Windows, Macos, Linux (self compile)
    • run index.html on any modern browser
  • Decentralized
• Secure
  • No cookies
  • P2P encrypted
  • No registration
  • No installing
• Messaging
  • Group Messaging (coming soon)
  • Text Messaging
  • Multimedia Messaging
  • Screensharing (on desktop browsers)
  • Offline Messaging (in research phase)
  • File Transfer
  • Video Calls
• Data Ownership
  • Self Hosting
  • GitHub pages Hosting
  • Local-Only storage

Check it out!

• App: https://chat.positive-intentions.com/
• More info: https://positive-intentions.com/blog/introducing-decentralized-chat
• GitHub: https://github.com/positive-intentions/chat

Its clear that the technology is there and in use to track cars in real time. And for better or worse, its not even remotely secure.

I want to keep a list of my contacts on my phone so I can call them, but I never want the list of contacts to leave the device, through contact sync or similar. I'm using the Android built-in Contacts app.

On my old phone I used an F-droid app called 'local contacts' or 'offline contacts', but I can't find it with my new phone. It would create a new account, separate from your gmail account, to associate the contacts with. Something like that might be nice to have, although I don't know how effective it is.

I see in my settings under "Google Contacts sync" that "Sync is off" and "Also sync device contacts" is off. "Device contacts" sounds like maybe some Android built-in version of the offline contacts app I mentioned before. Does anyone know if this is the case?

I'm worrying that if I use a builtin features, Google will ask me about backup for photos or something at a later point, I'll reflexively click 'proceed' without realizing what I'm doing, and this will activate all Google-related sync features, including contact sync, updating my Xkeyscore (NSA) profile with my social graph before I know what's happening.

Perhaps it's best to assume my social graph is already known by Google? Then maybe I should focus on limiting others from getting access to it? I believe apps have to ask before accessing any contacts so I guess I could just deny access for apps I don't trust.

There are few questions above, but I'm really mostly looking for a discussion about what good security practices are when it comes to phone contacts. It seems like one of the more sensitive sets of information on a phone.

There's a meme that every person has a U.S. government agent assigned to read their text messages. That’s not true. But government agencies, from the National Security Administration to local police departments, can potentially read the conversations on many text messaging applications. Fortunately, this is not always the case, and there are many ways you can protect your privacy.

Does that mean that other apps like signal for example have back doors?

Do criminals have a knowledge of exploits in the recommended messaging apps?

This paper investigates the feasibility of a proactive DeepFake defense framework, {\em FacePosion}, to prevent individuals from becoming victims of DeepFake videos by sabotaging face detection. The motivation stems from the reliance of most DeepFake methods on face detectors to automatically extract victim faces from videos for training or synthesis (testing). Once the face detectors malfunction, the extracted faces will be distorted or incorrect, subsequently disrupting the training or synthesis of the DeepFake model. To achieve this, we adapt various adversarial attacks with a dedicated design for this purpose and thoroughly analyze their feasibility. Based on FacePoison, we introduce {\em VideoFacePoison}, a strategy that propagates FacePoison across video frames rather than applying them individually to each frame. This strategy can largely reduce the computational overhead while retaining the favorable attack performance. Our method is validated on five face detectors, and extensive experiments against eleven different DeepFake models demonstrate the effectiveness of disrupting face detectors to hinder DeepFake generation.

This article is the best answer to people who say that they have "nothing to hide".

China’s Communist Party is stepping up the use of big data to predict people’s behavior in a bid to identify “social risks” and prevent violent attacks on members of the public in the wake of the car killings in Zhuhai earlier this month.

A New Jersey federal judge on Tuesday denied data brokers’ requests to dismiss a case brought by state law enforcement officers who sued the companies for failing to take their home addresses and phone numbers off the web.

India’s telecommunications regulator has rolled out rules designed to protect the country’s critical infrastructure networks from cyberthreats, but experts warn that the new guidelines have inadequate safeguards for users' fundamental privacy rights.