for the first time in my life i just got an email about a password reset request that i did not ask for

what is the best way to get safer/more anonymous online

Ok, security and anonymity are not the same thing, but when you combine them you can enhance your online privacy.

My question is: how tech literate are you and what is your aim? As in do you live in a country where your government would benefit from monitoring private (political) conversations or do you just want to degoogle? Because the latter is much easier for the average user.

Some general advice:

Leave Windows and Mac operating systems and switch to Linux distributions like Fedora and Ubuntu (both very user friendly). Switch from Microsoft Office or Pages/Numbers/Keynote (Mac) to LibreOffice.

You want to go more hardcore with a very privacy-focused operating system? There are Whonix and Tails (portable operating system).

Try to replace all your closed source apps with open source ones.

Now, when it comes to browsers, leave Chrome behind. Switch to Firefox (or Firefox Focus if you're on mobile). Want to go a step further? Use LibreWolf (a modified version of Firefox that increases protection against tracking), Brave (good for beginners but it has its controversies), DuckDuckGo or Bromite. You like ecofriendly alternatives? Check Ecosia out.

Are you, like, a journalist or political activist? Then you probably know Tor and other anonymous networks like i2p, freenet, Lokinet, Retroshare, IPFS and GNUnet.

For whistleblowers there are tools like SecureDrop (requires Tor), GlobaLeaks (alternative to SecureDrop), Haven (Android) and OnionShare.

Search engines?

There are Startpage (obtains Google's results but with more privacy), MetaGer (open source), DuckDuckGo (partially open source), Searx (open source). You can see the comparisons here.

Check libRedirect out. It redirects requests from popular socmed websites to privacy friendly frontends.

Alternatives to YouTube that value your privacy? Odysee, PeerTube and DTube.

Decentralized apps and social media? Mastodon (Twitter alternative), Friendica (Facebook alternative), diaspora* (Google+ RIP), PixelFed (Insta alternative), Aether (Reddit alternative).

Messaging?

I know we all use shit like Viber, Messenger, Telegram, Whatsup, Discord etc. but there are:

Signal (feels like Whatsup but it's secure and has end-to-end encryption)

Session (doesn't even require a phone or e-mail address to sign up)

Status (no phone or e-mail address again)

Threema (for mobile)

Delta Chat (you can chat with people if you know their e-mail without them having to use the app)

Team chatting?

Open source options:

Element (an alternative to Discord)

Rocket.chat (good for companies)

Revolt.chat (good for gamers and a good alternative to Discord)

Video/voice messaging?

Brave Talk (the one who creates the talk needs to use the browser but the others can join from any browser)

Jami

Linphone

Jitsi (no account required, video conferencing)

Then for Tor there are various options like Briar (good for activists), Speek! and Cwtch (user friendly).

Georestrictions? You don't want your Internet Provider to see what exactly what you're doing online?

As long as it's legal in your country, then you need to hide your IP with a VPN (authoritarian regimes tend to make them illegal for a reason), preferably one that has a no log policy, RAM servers, does not operate in one of the 14 eyes, supports OpenVPN (protocol), accepts cash payment and uses a strong encryption.

NordVPN (based in Panama)

ProtonVPN (Switzerland)

Cyberghost

Mullvad (Sweden)

Surfshark (Netherlands)

Private e-mails?

ProtonMail

StartMail

Tutamail

Mailbox (ecofriendly option)

Want to hide your real e-mail address to avoid spam etc.? SimpleLogin (open source)

E-mail clients?

Thunderbird

Canary Mail (for Android and iOS)

K-9 Mail (Android)

Too many complex passwords that you can't remember?

NordPass

BitWarden

LessPass

KeePassXC

Two Factor Authenticators?

2FAS

ente Authenticator

Aegis Authenticator

andOTP

Tofu (for iOS)

Want to encrypt your files? VeraCrypt (for your disk), GNU Privacy Guard (for your e-mail), Hat.sh (encryption in your browser), Picocrypt (Desktop encryption).

Want to encrypt your Dropbox, Google Drive etc.? Cryptomator.

Encrypted cloud storage?

NordLocker

MEGA

Proton Drive

Nextcloud

Filen

Encrypted photography storage?

ente

Cryptee

Piwigo

Want to remove metadata from your images and videos? ExifCleaner. For Android? ExifEraser. For iOS? Metapho.

Cloak your images to counter facial recognition? Fawkes.

Encrypted file sharing? Send.

Do you menstruate? Do you want an app that tracks your menstrual cycle but doesn't collect your data? drip.

What about your sexual health? Euki.

Want a fitness tracker without a closed source app and the need to transmit your personal data to the company's servers? Gadgetbridge.

I don't want to give you my phone number I don't want to use the cloud I don't want to hook up two factor authentication I don't want to connect my facebook my instagram my contacts list I don't want to give you my first and last name I don't want to give you my zip code for the love of god why won't technology just mind its business.

i hate you apps i hate you two factor authentication i hate you sign in with your email i hate you please create an account to continue i hate you qr codes i hate you connect your facebook page i hate you add your phone number i hate y

facebook has suspended my account due to somebody apparently accessing my instagram and making an account that violated guidelines...i tried to appeal through the website but now it's saying my account doesn't even exist so i sent a sad email and sent something to insta but i'm having Much Anxiety and two factor authenticating any accounts i haven't yet

uggghh

Privacy Concerns: How Gen Z is Protecting Their Data?

What’s the first thing you do when a pop-up asks, “Do you accept cookies?”—immediately click “Accept” or hesitate as if pondering the secrets of the universe?

If you’re Gen Z, the answer might surprise you. While they’re often labelled as the oversharing Snapchat generation, they’re also becoming the poster children for digital privacy warriors. Want to know how? Stick around. By the end of this blog, you’ll not only uncover Gen Z’s surprising strategies for safeguarding their data but also pick up a few tips to reclaim control of your own.

The Paradox of Gen Z: Masters of Oversharing, Yet Privacy-Conscious

On the surface, Gen Z seems like the generation that lives for Instagram reels, TikTok challenges, and viral tweets. But underneath the filters and hashtags lies a surprising truth: they care—deeply—about their digital footprints. They may post a dance video on TikTok but won’t hesitate to use pseudonyms on Facebook or create private Instagram accounts (finstas) to keep their personal lives personal.

How Did Gen Z Get So Privacy-Savvy?

Growing Up With Data Breaches

From hearing about massive breaches (remember the infamous Cambridge Analytica scandal?) to watching documentaries like The Social Dilemma, Gen Z grew up knowing that even their memes could fuel someone’s data-mining empire. Lesson learned? Share strategically.

Cybersecurity 101 Is Their Second Nature

For this generation, two-factor authentication isn’t optional—it’s a lifestyle. “123456” as a password? Please, that’s so 2010. Gen Z knows their passwords should look like they smashed their keyboard in frustration.

Tech Education in Schools

Unlike older generations, who stumbled their way through the internet’s dark corners, Gen Z often received digital literacy education. They know the difference between a phishing scam and an actual email from their bank. (Pro tip: If it starts with “Dear Customer,” run.)

Privacy Tips We Can All Steal (Ethically, of Course)

Gen Z is showing us the way, and here are some of their best practices:

Think Before You Link

Clicking on that shady “You’ve Won a Free iPhone!” ad is the digital equivalent of walking into a trap. Gen Z gets it—they avoid suspicious links like the plague.

Limit Permissions

Why should a weather app need access to your contacts? Gen Z regularly audits app permissions, keeping unnecessary snoopers at bay.

Use Burners for Fun

They know that creating a “throwaway” email address for subscriptions keeps spam out of their primary inbox.

The Ironic Humor of Gen Z’s Privacy Stance

Isn’t it ironic that the generation branded as addicted to screens is leading the charge for digital privacy? They’ll meme about data breaches but won’t let companies snoop on their Spotify playlists.

Conclusion: A Balancing Act

Gen Z proves you can live your best digital life and protect your data. Whether it’s using VPNs, switching to encrypted messaging apps, or simply saying no to invasive permissions, they’re rewriting the rules for online privacy.

The takeaway? Protecting your data doesn’t mean going off the grid; it means being intentional with your digital choices.

Do you think Gen Z has cracked the code on balancing online presence and privacy, or are they just lucky digital natives? Drop your thoughts in the comments below!

Notice for the Public (Please Read)

I know this isn't at all what I normally post, but there's been a major hack. Fun. :'D

Apparently, almost 200 million people with Apple, Google, and Meta ("Meta" being anyone with accounts like Facebook and Instagram) accounts might have had their information associated with their accounts leaked. Here's an article on it, if y'all would like to learn more:

If you even remotely suspect you were affected by this, change passwords. Set up two-factor authentications. Avoid any and all biometrics (face/fingerprint/palm recognition stuff), because hackers can use that to get into a bunch of accounts. Do whatever you can to safeguard your identity, because now more than ever, your online protection is hand-in-hand with your life security.

Stay safe out there, people.

With <3,

Ros!e

Social Media and Privacy Concerns!!! What You Need to Know???

In a world that is becoming more digital by the day, social media has also become part of our day-to-day lives. From the beginning of sharing personal updates to networking with professionals, social media sites like Facebook, Instagram, and Twitter have changed the way we communicate. However, concerns over privacy have also grown, where users are wondering what happens to their personal information. If you use social media often, it is important to be aware of these privacy risks. In this article, we will outline the main issues and the steps you need to take to protect your online data privacy. (Related: Top 10 Pros and Cons of Social media)

1. How Social Media Platforms Scrape Your Data The majority of social media platforms scrape plenty of user information, including your: ✅ Name, email address, and phone number ✅ Location and web browsing history ✅ Likes, comments, and search history-derived interests. Although this enhances the user experience as well as advertising, it has serious privacy issues. (Read more about social media pros and cons here) 2. Risks of Excessive Sharing Personal Information Many users unknowingly expose themselves to security risks through excessive sharing of personal information. Posting details of your daily routine, location, or personal life can lead to: ⚠️ Identity theft ⚠️Stalking and harassment ⚠️ Cyber fraud

This is why you need to alter your privacy settings and be careful about what you post on the internet. (Read this article to understand how social media affects users.) 3. The Role of Third-Party Apps in Data Breaches Did you register for a site with Google or Facebook? Handy, maybe, but in doing so, you're granting apps access to look at your data, normally more than is necessary. Some high profile privacy scandals, the Cambridge Analytica one being an example, have shown how social media information can be leveraged for in politics and advertising. To minimize danger: 👍Regularly check app permissions 👍Don't sign up multiple accounts where you don't need to 👍Strong passwords and two-factor authentication To get an in-depth overview of social media's impact on security, read this detailed guide. 4. How Social Media Algorithms Follow You You may not realize this, but social media algorithms are tracking you everywhere. From the likes you share to the amount of time you watch a video, sites monitor it all through AI-driven algorithms that learn from behavior and build personalized feeds. Though it can drive user engagement, it also: ⚠️ Forms filter bubbles that limit different perspectives ⚠️ Increases data exposure in case of hacks ⚠️ Increases ethical concerns around online surveillance Understanding the advantages and disadvantages of social media will help you make an informed decision. (Find out more about it here) 5. Maintaining Your Privacy: Real-Life Tips

To protect your personal data on social media: ✅ Update privacy settings to limit sharing of data ✅ Be cautious when accepting friend requests from unknown people ✅ Think before you post—consider anything shared online can be seen by others ✅ Use encrypted messaging apps for sensitive conversations These small habits can take you a long way in protecting your online existence. (For more detailed information, read this article) Final Thoughts Social media is a powerful tool that connects people, companies, and communities. There are privacy concerns, though, and you need to be clever about how your data is being utilized. Being careful about what you share, adjusting privacy settings, and using security best practices can enable you to enjoy the benefits of social media while being safe online. Interested in learning more about how social media influences us? Check out our detailed article on the advantages and disadvantages of social media and the measures to be taken to stay safe on social media.

All right, since I bombarded a poor mutual yesterday...

Privacy is not security and security is not privacy. These terms are not interchangeable, but they are intrinsically linked.

While we're at this, anonymity =/= security either. For example, Tor provides the former, but not necessarily the latter, hence using Https is always essential.

It is impossible to have privacy without security, but you can have security without privacy.

A case in point is administrators being able to view any data they want due to their full-access rights to a system. That being said, there are ethics and policies that usually prevent such behavior.

Some general tips:

Operating System: Switch to Linux. Ubuntu and Linux Mint are widely used for a reason. Fedora too. And don't worry! You can keep your current operating system, apps and data. If you're on a Mac computer, you can easily partition your hard drive or SSD by using Disk Utility. If you're on Windows, you can follow this guide.

You want to go a step further? Go with Whonix or Tails. They're Linux distributions as well, but they're both aiming for security, not beauty so the interface might not be ideal for everyone. Many political activists and journalists use them.

You want anonymity? Then you need to familiarize yourself with Tor. Also, Tor and HTTPS and Tor’s weaknesses. When you're using it, don't log in to sites like Google, Facebook, Twitter etc. and make sure to stay away from Java and Javascript, because those things make you traceable.

Alternatives for dealing with censorship? i2p and Freenet.

Is ^ too much? Welp. All right. Let's see. The first step is to degoogle.

Switch to a user-friendly browser like Firefox (or better yet LibreWolf), Brave or Vivaldi. There are plenty of hardened browsers, but they can be overwhelming for a beginner.

Get an ad blocker like Ublock Origin.

Search Engine? StartPage or Duckduckgo. SearXNG too. Like I said degoogle.

Get a PGP encrypted e-mail. Check Protonmail out.

There's also Tutamail that doesn't cover PGP, but uses hybrid encryption that avoids some of the cons of PGP.

Skiff mail is also a decent option.

Use an e-mail aliasing service such as SimpleLogin or AnonAddy.

Check OpenPGP out. Claws Mail is a good e-mail client for Windows and Linux, Thunderbird for Mac OS.

Gpg4win is free and easy to use for anyone that wants to encrypt/decrypt e-mails.

Instead of Whatsapp, Facebook messenger, Telegram etc. use Signal for your encrypted insant messaging, voice and video calls.

Get a metadata cleaner.

Get a firewall like Opensnitch, Portmaster or Netguard which can block Internet for trackers.

Alternatively, go with a private DNS that blocks these trackers. NextDNS is a good paid service. Rethink a good free option.

Replace as many of your applications as you can with FOSS (free and open source) ones. Alternativeto can help you.

Always have automatic updates on. They are annoying af, I know, but they are necessary.

Keep your distance from outdated software.

Always have two-factor authentication (2FA) enabled.

Do not use your administrator account for casual stuff. If you're on Linux, you probably know you can be sudo, but not root.

On Linux distributions use AppArmor, but stay away from random antivirus scanners. Other distributions default to SELinux, which is less suited to a beginner.

Never repeat your passwords. If you can't remember them all, use a password manager like KeePass.

Encrypt your drive.

Honestly, VPNs have their uses and ProtonVPN, Mullvad and Windscribe are decent, but eh. If you don't trust your ISP, why would you trust the VPN provider that claims they don't log you when you can't verify such a thing?

facebook security is so great that even with two factor authentication active i cant login because the text message with the code never arrived so far like what the fuck facebook get your shit together would you

This day in history

I'm on tour with my new, nationally bestselling novel The Bezzle! Catch me in TUCSON (Mar 9-10), then San Francisco (Mar 13), Anaheim, and more!

#15yrsago Chinese gold farming https://www.theguardian.com/technology/2009/mar/05/virtual-world-china

#10yrsago Comment-spammers threaten to sabotage their victims through Google Disavow if the evidence of their vandalism isn’t removed https://ellis.fyi/blog/gordon-sands-threatens-seattle-bubble-google-disavow-comment-spam/

#10yrsago Obama whirls the copyright lobbyist/government official revolving door https://www.eff.org/deeplinks/2014/03/obama-nominates-former-sopa-lobbyist-help-lead-tpp-negotiations

#10yrsago CIA spied on Senate committee writing damning torture report and Obama knew about it https://www.theguardian.com/world/2014/mar/05/obama-cia-senate-intelligence-committee-torture

#5yrsago Jibo the social robot announces that its VC overlords have remote-killswitched it, makes pathetic farewell address and dances a final step https://www.theverge.com/circuitbreaker/2019/3/4/18250104/jibo-social-robot-server-shutdown-offline-dead

#5yrsago Bowing to public pressure, Coinbase announces it will “transition out” the ex-Hacking Team cybermercenaries whose company it just bought https://www.vice.com/en/article/qvyndw/coinbase-says-ex-hacking-team-members-will-transition-out-after-users-protest

#5yrsago The NSA has reportedly stopped data-mining Americans’ phone and SMS records https://www.nytimes.com/2019/03/04/us/politics/nsa-phone-records-program-shut-down.html

#5yrsago Facebook forces you to expose your phone number to the whole world in order to turn on two-factor authentication https://www.eff.org/deeplinks/2019/03/facebook-doubles-down-misusing-your-phone-number

#5yrsago America is not “polarized”: it’s a land where a small minority tyrannize the supermajority https://www.nytimes.com/2019/03/05/opinion/oppression-majority.html

Name your price for 18 of my DRM-free ebooks and support the Electronic Frontier Foundation with the Humble Cory Doctorow Bundle.

Be me...

Computer's running a bit glurgy, lets run ccleaner.

<run ccleaner, restart everything> Okay, lets log into the email and do the two factor authentication with my...

Phone.

Where's my phone?

Search whole apt, no phone. It's either vanished into the ether, or I left it in mom's car.

That's cool, I'll message mom on Facebook to see if-

Facebook wants two-factor authentication.

Fuck.

My.

Life.

FIDO U2F Security Key, Thetis [Aluminum Folding Design] Universal Two Factor Authentication USB (Type A) for Extra Protection in Windows/Linux/Mac OS, Gmail, Facebook, Dropbox, SalesForce, GitHub

http://i.securitythinkingcap.com/T4DWLw

I'm on a family cell phone plan with my parents. Yesterday after 18 years with Verizon, they texted that we were switching to T-Mobile and I needed to get to a store as soon as possible to switch my sim card.

I asked how soon was soon, because my parents constantly forget that just because they're retired doesn't mean the rest of us don't have work. They told me it didn't need to be right away but it had to be soon.

Then like two hours later, my mom called me on Facebook Messenger, which it's damn fortunate I actually have on my phone (I didn't for a long time), to tell me that they switched my number early and I needed to get to a store asap because I wouldn't have cell service until I did. Not like I have a fucking job or anything, or that I was at work when they called. Not like I don't need 2-factor authentication for EVERYTHING I use at work.

So after work I went to the nearest T-Mobile store and they switched my sim card. Calls and texts are back, yay! Immediately call my parents, both of their phones are off.

By the time I get home, I realize I don't have data. And I can't send or receive texts in group threads. I text my mom to tell her this, she asks me if I'm still at the store. Two hours later? No, I'm fucking not. She tells me to go back in the morning. I HAVE A JOB. T-Mobile stores don't open until 10am, which is when my shift starts, and I'm not in the office today, so I would be going into a different store.

Dad texts this morning and tells me to restart my phone, which I have already done like four times. Then he tells me I should call the tech who did their switchover, since it was "her blunder" that caused my number to be switched early. I. AM. AT. WORK.

I shouldn't complain, because my parents still pay this bill and as someone paycheck-to-paycheck, it's a huge relief to have one bill that isn't mine. But I got no notice on the switch and then they messed it up and now I have to fix it. AND WE'RE GOING TO ALL BE TOGETHER IN SIX WEEKS AND COULD HAVE EASILY DONE THIS THEN.

Or, you know, we could have planned this better so that we could go into the store at the same time, even though we live in different states, and do this all at once, instead of me scrambling to catch up because I don't merit any consideration in this situation at all.