Open letter to anyone with a protest or rights-based website:
PLEASE get rid of Facebook and Google SSO login options and analytic tracking codes from your sites.
You are literally handing over your user data to unscrupulous players that are in direct opposition to your cause. These sites can and do hand over user-specific data.
To everyone, stop using these options. Set a strong password. Use an alias email. Use a VPN.
Malware Is Evolving — And So Are the Languages It’s Written In — A new study highlights a growing tactic among malware developers: coding in uncommon languages to evade detection.
Key takeaways:
Obscure languages like Lisp, Rust, Haskell, Delphi, and Phix are harder for static analysis tools to parse. These languages often produce fragmented memory layouts and more indirect execution paths, complicating reverse engineering. Even the choice of compiler — like Tiny C or Embarcadero Delphi — impacts how easily malware can be flagged. APTs (Advanced Persistent Threats) are increasingly adopting these strategies to fly under the radar.
Security teams must broaden their detection capabilities and adapt tooling for these underrepresented programming environments.
#CyberSecurity #ThreatIntel #MalwareAnalysis #Infosec #Programming #ReverseEngineering #security #privacy #cloud #infosec
https://www.theregister.com/2025/03/29/malware_obscure_languages/
I have been trying to make the point that when we give up our privacy, we give up our security for a long time. This is an article and short video from 2017. I could have made the same statements today.
I think many more are seeing the same. I know most of you here do.
What a great way to stalk people and get personal information! I hope AI eats all the info and in the future anyone can just ask a bot to fully dox anyone 
--
Google is publishing the home addresses of developers without their consent
https://news.ycombinator.com/item?id=43503720
New Privacy Guides article 
by me (kinda):
This article is an
interview with Micah Lee!
We are absolutely delighted at Privacy Guides that @micahflee has accepted to speak with us this week.
Thank you so much for your time Micah, this is a fantastic interview.
Check it out here! 
https://www.privacyguides.org/articles/2025/03/28/interview-with-micah-lee/
Continuing my survey of current web browsers, I'll note that the Tor Browser is really good at its job of keeping your private web browsing actually private, and there are mitigations available for edge cases like someone being able to tell that you're using Tor (even if they can't tell what you're doing with it).
The cost of that privacy is mostly that it's slow and won't be able to handle some web applications (either because features have been disabled or because the website blocks Tor), so it's inconvenient for everyday browsing, but if you need to hide activity from a stalker, an abuser, a harassment campaign, a government, etc. it's worth learning how to use it.
"While CBP said it only searched about 47,000 devices of the 420 million people who crossed the US border in 2024, experts the Guardian spoke to say border enforcement has been unpredictable under the Trump administration, so figuring out whether you’re at risk of a device search is not as straightforward as it once was. French officials said a French scientist was recently turned away at an airport in Texas because immigration officers found texts that were critical of Trump on his phone.
“The super-conservative perspective is to assume they are completely unhinged and that even the most benign reasons for travel are going to subject non-citizens to these device searches,” said Sophia Cope, a senior staff attorney at the Electronic Frontier Foundation (EFF), a non-profit digital rights group.
If you’re a US citizen, you must be admitted into the country. That said, some jurisdictions allow CBP to work with the FBI or local police to advance domestic investigations, so there are still some risks of your devices being searched for domestic reasons.
There are steps you can take to make it harder for CBP officers to access your device and the data on it. So what should you do to protect the data on your phone from being searched? The main thing is to prepare ahead of heading to the airport. Here is what you should be thinking about:"
https://www.theguardian.com/technology/2025/mar/26/phone-search-privacy-us-border-immigration
EFF's guide to using Signal has recently been updated to add the following note:
In large group chats, it can be worth checking occasionally to see who is in the chat. From the group chat screen, tap the chat name, then scroll down the list of members and make sure you recognize everyone.
(It's in the March 26 version, but not the March 6 version)
Speaking of #Signal, here’s the list of all the security audits they’ve gone through over the years: https://community.signalusers.org/t/overview-of-third-party-security-audits/13243
New app review on my website!
IronFox
★★★★☆
A privacy-hardened Firefox variation for Android, comparable to LibreWolf on desktops. Removes Mozilla tracking and services like Pocket. Locks down features that can leak data, but those changes can break some sites.
https://hyperborea.org/reviews/apps/ironfox/
#apps #firefox #mozilla #webBrowser #privacy #floss #review
I signed up years ago for the #NIH #AllOfUs research program so the NIH has extensive data about me, including genetic data.
I trusted NIH then to keep my data secure and private, but I am obviously reconsidering that and thinking about withdrawing from the program.
I've asked All Of Us what assurances they can give that my data will remain safe, but I am skeptical that they'll have a persuasive answer.
Anybody else in this boat?
#privacy #medicalResearch
Today we are very proud to announce that the United Nations has switched from Google Forms to CryptPad Form for collecting endorsements on the UN Open Source Principles: https://unite.un.org/news/sixteen-organizations-endorse-un-open-source-principles
CryptPad Form is a full-fledged application allowing you to build privacy-preserving questionnaires for your respondents.
Try it for free, without even registering an account, on our CryptPad.fr flagship instance!
If you click on a link in a Bluesky post, it is now automatically redirected via the domain go.bsky.app before it actually goes to the link in the post. There is no way to stop this or know that it is happening as the redirect only flickers on the screen for a fraction of a second.
Presumably this means Bluesky can now track all link clicking on their platform, including IP addresses, destinations etc?
Or have I misunderstood?
Bluesky is spinning it as a tool for publishers to track referrals, but going beyond the spin it seems to be giving Bluesky access to people's online activity?
Safety reminders for these times:
- Direct messages on Fedi are not encrypted.
- If your instance is hosted in the US, the admin has to comply with US law.
- Discord text chat is not encrypted. Video is.
- Encrypted group chats are only as secure as the people with access and their security practices.
If you're interested in protecting the contents of your conversations or work, follow the #privacy tag. People posts some really interesting things on there.
Your privacy protects your friends too. Do it for all of us.
An excellent step-by-step executable guide to implementing better privacy. https://www.optoutproject.net/the-cyber-cleanse-take-back-your-digital-footprint/
Recommended privacy people:
- @Em0nM4stodon
- @techlore
- @privacyguides
- @thenewoil
More advice from smarter people:
- Passwords & General Privacy hygiene: https://infosec.exchange/@avoidthehack/113867140078775299
- VPNs: https://mas.to/@joeturner/113867181288155342
Recommended privacy communities:
- https://discuss.techlore.tech
- https://discuss.privacyguides.net
The rest of this thread describes options that I'm considering and my personal privacy journey.
(Thanks to @joeturner@mas.to and everyone else in the community for your recommendations.)
Tracking bits of this migration via the #MayDeFAANGing tag.
Good Privacy & Personal News! 
I am absolutely delighted to
officially announce today that I have joined the wonderful team at @privacyguides ! 
I will be working with the team as a Journalist, and I am overjoyed by this opportunity to write and investigate for the Privacy Guides non-profit organization (donations welcomed 
).
Thanks to all the staff and volunteers for your excellent privacy advocacy work, and welcome to the two teammates who have recently joined as well. I look forward to working with you all.
By the way, these are all amazing
and very talented people you should definitely follow on Mastodon
@jonah @sgp @freddy @blacklight447 @jw @kevpham
And of course you should follow Privacy Guides as well if you don't want to miss any of our upcoming articles, videos, and other material!
Official announcement here 
https://www.privacyguides.org/articles/2025/01/17/privacy-guides-hires-three-staff-members/
In the spirit of a recent post on making the #Fediverse a more welcoming place, renewing a post I had on my old profile but apparently not here: ask me anything! I can't guarantee I'll have all the answers or be fast to reply but lll try to at least say something. Some things I can talk vaguely usefully about include:
#DNS #Google #InfoSec #SRE #SysAdmin #Internet #Unions #Organizing #Baseball #Web #Tor #Privacy and probably a billion more.
In the weeks to come,
protecting your communications and online activities might become increasingly important
Remember that complete anonymity online is difficult to achieve,
But here are a few tools
you can start using *right now* to greatly improve your protections and data privacy online:
VPN (Proton VPN): https://protonvpn.com/
Browser - Day-to-Day (LibreWolf): https://librewolf.net/installation/
Browser - Sensitive Activities (Tor): https://www.torproject.org/download/
Email (Proton Mail): https://proton.me/mail/pricing
Throwaway Email Addresses (SimpleLogin): https://simplelogin.io/
Messaging & Audio/Video (Signal with username): https://signal.org/download/
Shared Documentation (Anytype): https://download.anytype.io/
File Sharing (OnionShare): https://onionshare.org/
Maps (OsmAnd): https://osmand.net/
Activism & Groups (Mobilizon): https://joinmobilizon.org/en/
Scheduling Meetups (Framadate): https://framadate.org/abc/en/
#EU States Push for Access to Encrypted Data and Increased #Surveillance #GoingDark
"Most EU member states welcome the demands of a group of experts for more surveillance. The panel was criticized in advance for being biased and one-sided. Nevertheless, there is hardly any opposition to the panel’s recommendations, as a secret protocol that we are publishing shows."
https://netzpolitik.org/2024/going-dark-eu-states-push-for-access-to-encrypted-data-and-increased-surveillance/
@surveillance@a.gup.pe
#introduction! I'm a pro #guitarist with the band Maggie Speaks. Freelance video editor (indie doc Cover 21: Ignite Chicago, on Amazon). Amateur #photographer.
Interests:
#guitar
#music
#musician
#audio
#recording
#MusicProduction
#photography
#VideoEditing
#postchat
#camera
#design
#typography
#tech
#ios
#apple
#privacy
#history
#micromobility
#infosec
#cybersec
#law
#AI
#aerospace
#UnitedKingdom
#LatAm
#EU
#austria
Languages: #english #spanish #german #espanol #deutsch #francais #italiano
