Check this out, its a pretty good view into good practice, beginner, intermediate, and advanced, with recommendations. https://digital-defense.io/
There is so so so much, and they do get caught, and when they do we keep a peek into how invasive they are. As someone who has had to worry about being targeted by intelligence agencies and nation-states, I was completely blindsided by corporate/capitalist surveillance.
for example, look at this action by Meta, where they broke out of security sandboxes and exploited protocols in order to tie your browsing history (even private browsing) back to your identify saved in their databases back in meta land
https://www.theregister.com/2025/06/03/meta_pauses_android_tracking_tech/
the amount of data that is being harvested and sold, and resold, is absurd, and the greater threat is not just that they are exploiting you, its that they dont care who the data gets sold to. Bad actors (criminals, etc) can and will purchase information they can use against you.
So, consider the unintentional ramifications of all that info being harvested and available in addition to the intentional ramifications of hyper greed, and couple that with the amount of available compute and you will see that you do not need to be a person of interest, everyone is a data point that can be and will be exploited.
I would encourage everyone to take their privacy seriously.
Just saw this. Feel like the alternate title could have been "When digital privacy went mainstream", "I was into privacy before it was cool", or finally "No I am not wearing a tin foil hat!"
hahah, nice. try and message me when you get a chance and ill share my notes.
Think im ahead of the curve on this one, but I applaud you! keep doing it.
or XMPP would work as well
There is a lot, and there are a lot of levels. I am working on this now as well. Escalating from where I was, its a learning process. Too much to type in a single comment/response.
If you would like more info on removing your info from the internet, reducing the amount of spyware on your android phone, de-googling yourself, or limiting how much info you spill while you browse, we can connect and I can share what I have been doing. Ive got plenty I still need to do beyond this, but I am happy to share my lessons learned as it were.
I did a search for posts on Google Takeout before posting this and the only one I saw was from a year ago so I guess its ok to post this.
I just learned about it this morning.
The TLDR; is that you can request all the info Google has on you, in my case I want to do something with that data as I move away from Google, but just seeing what they have is nuts.
You might want to consider doing so.
(i would link the url, but its long and ugly, just search for Google Takeout, you will find it)
you are not kidding, this one is driving me crazy. no pun intended.
Im working on de-googling as well, from a privacy perspective. I am also looking at Proton for email. for
trying to think of the others, lol but im tired.
the two I heard about are mysudo.com and privacy.com. I think both are US only. Are they both based in the US? It didnt say on the privacy.com about us page
edit: yes, they are both based in the US.
any non-US based options that offer services to the US?
found it but was super limited. went into developer settings and enabled unknown sources but it didnt change the options. did some searches but cant find any way of really doing anything about it without rooting my phone. so meh.
just saw this 2 hours ago from Sam Bent
This is a bit dated, but the case it not yet resolved. If you search it its still pending and in mediation. Life360 is looking to limit who it sells the info to in order to resolve the case. There is no debate that they were selling the info.
So there are lots of ways to figure out who people are, and I am sure I dont know all of them, but I bet I know some you dont.
Lets put together a list of known ones. Ill start.
(If we dont get a big list, which we may not, for bonus points add techniques to ease drop/intercept information)
fingerprinting techniques
Food for thought.
So DNS Black-holing is not new obviously, and what stands out as the go to solution? Pihole probably... and yeah thats what im using because hey its a popular choice. Though I am running it in docker. Combining that with Unbound (also in docker), and configuring outbound DNS to use DNS over TLS, with a few additional minor tweaks, but otherwise mostly standard configuration on both.
Wondering what you guys might be using, and if you are using Pihole and/or Unbound if you have any tips on configuration.
Happy to share my config if there is interest.
At this point it not about passive collection, corporations are going to extreme ends to get our data.
https://www.zeropartydata.es/p/localhost-tracking-explained-it-could
I am interested in what people are doing to enforce their privacy while using the web.
I have some things in place, looking to compare with the community.
(btw, I am new here, this is my first post. So uh… Hi )
this was great! I hadnt considered leaked passwords. I already use uniques, but damn if this isnt a great reason to. Thanks