
privacy
Privacy is a human right.
“Monero & other privacy protocols are compromised”
> This article covers how Monero has been (allegedly) compromised & what distinguishes it from others
> It discussed a spectrum of attacks including RPC poisoning, dust storm, and how you can protect yourself from or perform them
https://x.com/signal_return/status/1899615272413311137
Source & Credit: cyscan.io
https://www.ghacks.net/2025/03/10/new-polymorphic-chrome-extensions-fake-others-to-steal-your-data/
Chainalysis: Yeah so, about that... it was actually a lot less...
US gov: oh okay, let's not tell anyone but you STILL intentionally helped North Korea launder $600M
Make it make sense.
https://x.com/FreeAlexeyRoman/status/1899485896904159648
Passkey support.
This changes what's possible and allows us to support any network & any identity with a truly global and interoperable secure messaging protocol...
For cloud:
- Ente
- Proton Drive
For self-host:
- Nextcloud
- Immich
Escape the walled garden.
Because of this: https://x.com/joeyneverjoe/status/1898032202447044925

How to Disable Ad ID Tracking on iOS and Android, and Why You Should Do It Now
The ad identifier - aka “IDFA” on iOS, or “AAID” on Android - is the key that enables most third-party tracking on mobile devices. Disabling it will make it substantially harder for advertisers and data brokers to track and profile you, and will limit the amount of your personal information up for...
https://librewolf.net/
https://www.waterfox.net/
https://zen-browser.app/
https://apps.gnome.org/Epiphany/
https://github.com/ungoogled-software/ungoogled-chromium
https://www.gnu.org/software/gnuzilla/
https://www.palemoon.org/ (I'm using this)
https://brave.com/ (and of course, this one as well)
https://ladybird.org/

Kazani
BROWSER ALTERNATIVES with Mitigations, Patches etc. ➡️ FireFox browser options: - Tor Browser (all) - Mullvad Browser (Desktop) - IronFox (Android) Read the Known Issues section on the Gitlab. - LibreWolf (mentally ill devs) ➡️ Make your own #Firefox with mitigations etc... - Phoenix Wiki - Arkenfox user.js Wiki Gui User-tool Mobile - Narsil Narsil Mobile - Betterfox Betterfox Mobile - pyllyukko - Compare some of the user.js files ➡️ Chromium based browser Options - Ungoogled Chromium (all) - Cromite (Android, Linux, Windows) ➡️ Browser extensions - uBlacklist - uBlock Origin or uMatrix (never both) - LibRedirect (setup your instances for each service in the settings) ➡️ Links to block lists - Yokoffing - Celenity/Phoenix - FilterLists ➡️ Set your default search engine to a search proxy - 4get instances - Searx instances ➡️ Why your favorite browser is not recommended - Celenity Firefox browser comparisons - How to choose a browser for everyday use? - Is your browser spyware? - Choose your browser carefully - Browsers and the connections they make compared - Fake Privacy and security ➡️ Additional reading - Wiki about extensions - Multiple Extension Conflicts - uMatrix for beginners - Firefox user.js install guide - Arch Linux Firefox Privacy wiki ➡️ Testing your browser - Fingerprint. com - How to test browsers for spyware - Privacytests browser comparison - Mullvad check - IP Leak - List of test sites A - List of test sites B * Thunderbird users should consider taking a look at Dove - Phoenix's sister project. [nostr note by Kazani]
Etcher is recommend by many people for burning image files to USB drives for distro testing, but TAILS just removed their recommendation for Etcher based on sharing information with third parties.
https://www.youtube.com/watch?v=ufDVKQ4C8-0
https://tails.net/news/rufus/index.en.html
https://www.omgubuntu.co.uk/2025/03/kag-orion-web-browser-coming-to-linux
A New Open-Source Tool from EFF to Detect Cellular Spying
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
https://github.com/EFForg/rayhunter

Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying
Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out cell-site simulators (CSS) around the world.
GitHub - EFForg/rayhunter: Rust tool to detect cell site simulators on an orbic mobile hotspot
Rust tool to detect cell site simulators on an orbic mobile hotspot - GitHub - EFForg/rayhunter: Rust tool to detect cell site simulators on an orbic mobile hotspot
https://bsky.app/profile/grapheneos.org/post/3lgq7wqwzpk26
The Bluesky link has GrapheneOS posts explaining
https://gitlab.com/fdroid/fdroiddata/-/issues/3110#note_1613430404
Stuff here but not to the point like the Bluesky link
https://discuss.grapheneos.org/d/18731-f-droid-vulnerability-allows-bypassing-certificate-pinning/
GrapheneOS (@grapheneos.org)
A post from the developer of WireGuard on the severe security flaws and lack of trustworthiness of F-Droid: https://gitlab.com/fdroid/fdroiddata/-/issues/3110#note_1613430404

wireguard inclusion policy violation (auto-updates w/o explicit user consent) (#3110) · Issues · F-Droid / Data · GitLab
Per https://f-droid.org/en/docs/Inclusion_Policy/ The software must not download additional executable binary files (e.g. addons, auto-updates, etc.) without explicit user consent....
Does anyone know if the Iron Fish founders (Elena Nadolinski and Jason Spafford) are on farcaster?
Excited to see more privacy projects on Base like @veilanon
Would love to hear @apex777.eth thoughts on this too
https://www.coinbase.com/blog/Coinbase-acquires-team-to-accelerate-privacy-efforts-on-Base
https://security.googleblog.com/2024/10/5-new-protections-on-google-messages.html
Android System SafetyCore (com.google.android.safetycore) provides common infrastructure that apps can use to protect users from unwanted content. The classification of content runs exclusively on your device and the results aren’t shared with Google.
As a system service, SafetyCore is only active when an application integrates with SafetyCore and specifically requests content to be classified. SafetyCore performs the classification on the device itself and doesn’t send identifiable data or any of the classified content or results to Google servers
For now there is no app that uses it. In future any app can use it to avoid setting up his system not on device.
1/2 ⬇️
Honestly the least believable part of this story
https://www.itpro.com/security/data-breaches/its-your-worst-nightmare-a-batch-of-eur5-hard-drives-found-at-a-flea-market-held-15gb-of-dutch-medical-records-and-experts-warn-it-couldve-caused-a-disastrous-data-breach
https://www.buskill.in/techlore-review/
Stay in control of your email and keep email decentralized!
https://www.xmox.nl/
That's why I like Monero so much, the Monero community doesn't give two fucks about ETFs and Blackrock's Model Portfolio, or banks being allowed to custody crypto, strategic reserves, or politician pump and dumps. The Monero community just cares about creating digital cash that is completely outside of state control. It cares about ensuring you can hold wealth that is safe from confiscation. It cares about the ability to transfer value anywhere without being spied upon.
Qualcomm and Google have announced a collaboration to offer up to 8 years of software and security updates from their new Snapdragon 8 Elite processor
This will not only affect Google pixels, which will see their lifespan extended, but also other manufacturers if the manufacturer so chooses, making more Android phones have a longer lifespan.
This initiative will also extend to future Snapdragon 8 and 7 chips over the next five generations, making Androids with these processors much more attractive.
It will also benefit future Pixels that will come with these processors , forgetting about Google's "tensor" processors and gaining in power.
Everything points to the fact that with the next Pixel 10 we will have 8 years of updates for GrapheneOS.
https://librewolf.net/
https://www.waterfox.net/
https://zen-browser.app/
https://apps.gnome.org/Epiphany/
https://github.com/ungoogled-software/ungoogled-chromium
https://www.gnu.org/software/gnuzilla/
https://www.palemoon.org/ (I'm using this)
https://brave.com/ (and of course, this one as well)
https://ladybird.org/
What prevents Lazarus to first move stolen funds to Tornado Cash, then slowly release them to multiple new accounts and later deposit to Railgun from those accounts?
Recommend Brave or Kagi Orion Browser
Advanced player for set-top boxes and tvs running Android OS
Features
No Ads
Designed for TV screens
Up to 8K video resolution
Login into your account
Cast from the phone
Support tv box remote controller
Support external software keyboard
Support devices without Google Services
Open source
https://smarttubeapp.github.io
https://github.com/yuliskov/SmartTube
https://github.com/yuliskov/SmartTube/releases
WARNING NOT FULLY OPEN SOURCE
There are at least 5 proprietary libraries in the app.
https://github.com/yuliskov/SmartTube/issues/471
Majority off apps will be slop GPT code that wouldn’t normally even pass unit test.
If you can build something that actually works, doesn’t steal user data, is open source and private,
You will thrive.
You can now see:
📍 Country of phone number origin
📅 Account registration date (month/year)
👥 Number of shared groups
✔️ Whether the account is official
• https://x.com/officer_cia/status/1895442145370087681
https://techcrunch.com/2025/02/27/spyzie-stalkerware-spying-on-thousands-of-android-and-iphone-users/
Companies like Canal+ and LFP (Ligue de Football Professionnel) claim that VPN providers are contributing to illegal broadcasts of sports broadcasts. (Yes, they want to go after that again, just like in Spain.)
This is why, according to a journalist from "Línforme", Canal+ and LFP have different VPNs in mind.
Faced with this situation, VPN companies are considering leaving France, arguing that such measures are a threat.
Even ProtonVPN is willing to take the case to the EU Court of Justice . https://torrentfreak.com/protonvpn-site-blocking-is-an-attack-on-users-online-freedom-250214/?preview=true
There is no obligation to block VPNs for now, but we will be watching to see if such a measure is finally implemented.
➡ SQL Injection;
➡ Cross-Site Scripting;
➡ Command Execution;
➡ Clickjacking;
➡ Cross-Site Request Forgery;
➡ Directory Traversal;
➡ Reflected XSS;
➡ DOM-based XSS;
➡ File Upload Vulnerabilities;
➡ Broken Access Control;
➡ Open Redirects;
➡ Unencrypted Communication;
➡ User Enumeration;
1/ ⬇️
https://www.zdnet.com/article/a-new-android-feature-is-scanning-your-photos-for-sensitive-content-how-to-stop-it/