openpgp4fpr:588f6e4eabe8c7b552d00fa641911f722b0f9ae3

  • 1 Post
  • 60 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle





  • Ungoogled Chromium is my current favourite

    The reason we don’t recommend Ungoogled Chromium and instead recommend Brave on the privacyguides.org website is because they have proper build infrastructure managed by the Brave. With Ungoogled Chromium the binaries are produced by third parties, vary in version etc. People claim they would only use “open source software” but they do download binary versions nevertheless and don’t compile that code themselves. This increases the risk of a supply chain attack, where a malicious binary is submitted and nobody has really knows until it is too late. The other issue is they disable CRLSets because of “google hate” which we think actually increases the likelihood of a MiTM attack occurring because rogue certificates are not detected and invalidated as quickly as they could have been.

    This article describes a few other things https://qua3k.github.io/ungoogled/


  • ungoogled chromium exists

    The reason is they have proper build infrastructure managed by the Brave. With Ungoogled Chromium the binaries are produced by third parties, vary in version etc. People claim they would only use “open source software” but they do download binary versions nevertheless and don’t compile that code themselves. This increases the risk of a supply chain attack, where a malicious binary is submitted and nobody has really knows until it is too late. The other issue is they disable CRLSets because of “google hate” which we think actually increases the likelihood of a MiTM attack occurring because rogue certificates are not detected and invalidated as quickly as they could have been.

    This article describes a few other things https://qua3k.github.io/ungoogled/



  • dngray@lemmy.oneMtoPrivacy Guides@lemmy.oneleaving google
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I always understood it as they don’t parse the actual details of emails (the body) to generate an add profile. It doesn’t mean they don’t track what websites you’re visiting whilst logged in though.

    My guess to this is that it’s not accurate, for example email chains, or someone mentioning something that you have no intention of buying. As the email body is very unstructured it would be quite difficult to interpret whether those keywords should be added as an interest, having said that, with advanced AI that can parse context of a sentence they may just start doing that again if they can with accuracy.


  • KeyPassXC is super easy

    One of the things I dislike about KeepassXC is that it exports to a unstructured CSV file, whereas Bitwarden exports to JSON. It’s a lot easier to use something like jq to parse a JSON structure, if you want to import it somewhere as opposed to dealing with CSV files.

    I also found the importer for Keepass CSV in Bitwarden didn’t import my “notes” and I had to individually check that for each record.




  • dngray@lemmy.oneMtoPrivacy Guides@lemmy.oneleaving google
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    No, they do not read your email, they’re very clear about this, that is mostly FUD pushed by privacy providers who lack ethical marketing standards.

    We do not scan or read your Gmail messages to show you ads

    If you have a work or school account, you will never be shown ads in Gmail.

    When you use your personal Google account and open the promotions or social tabs in Gmail, you’ll see ads that were selected to be the most useful and relevant for you. The process of selecting and showing personalized ads in Gmail is fully automated. These ads are shown to you based on your online activity while you’re signed into Google, however we do not process email content to serve ads.

    To remember which ads you’ve dismissed, avoid showing you the same ads, and show you ads you may like better, we save your past ad interactions, like which ads you’ve clicked or dismissed.

    The place where Google makes the money is on the sites you visit with Google Adsense and your search terms being associated with a logged in Google account. Most people want to stay logged into their email (and thus their Google account), so that’s where the behavioral/adsense analytics comes in. Much fewer people use email clients these days.





  • dngray@lemmy.oneMtoPrivacy Guides@lemmy.oneleaving google
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Skiff is another option to replace Gmail

    Make sure you don’t depend on features like email clients. You also can’t use encryption like PGP so, that will mean that you’ll only have E2EE if you’re sending to other Skiff users. (There is no external E2EE with Skiff).