Terminal stage of console

  • 1 Post
  • 38 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle

  • Telegram’s servers are located in US, Singapore, Netherlands (and maybe some other countries) from what I’ve gathered. And all chats that are not E2EE’ed are stored there, encrypted at rest at best with keys in the same database, or somewhere else that can still be accessed in automated way. Maybe it is not even encrypted at rest.

    The point is, all those countries are either in 5 eyes or have information sharing agreements with 5 eyes countries. So as far as I’m concerned, TLAs can still have their fingers in those pies, in addition to Telegram’s overall shadiness and Russian ties. So maybe you get KGB strongman keeping a watch over your chats too.

    This is not something I’d have much confidence in to be honest.











  • I’d not expect the private booth to have the club’s employee sitting there and waiting for me to do something that is against the rules preemptively.

    We mostly argue about semantics, but in this instance you are trying to excuse some very questionable behaviour by companies by saying something along the lines of “well you better go and live in a forest then”. And I don’t think that’s a good take.

    For example, how many Lemmy instances are fine with you direct linking to piracy torrents?

    Irrelevant, as all content on Lemmy is public in a proper sense of this word.




  • As a rule of thumb, do not put all your eggs into one basket. No software is infallible and vulnerabilities can be uncovered and exploited in both open and closed sourced applications.

    That’s being said, as long as you don’t store all information necessary for a successful login in your password manager, you should be fine.

    So storing credentials for your bank account is fine, as long as it is also protected by MFA and you do not use the same password manager for handling that.

    You can store PIN codes from your debit cards in the password manager as long as you do not store card number / expiration / CVV2 there too.

    Personally, I keep passwords in a password manager, MFA tokens in a separate authenticator, MFA recovery codes go to FIPS 140-2 certified encrypted USB sticks (3 separate copies). I do store debit card PIN codes in my password manager, but only alongside the last 4 digits of the card number.


  • Mullvad is trusted. They are pretty open with their policies, exist for a long time already, not involved in any privacy scandals (to my best knowledge), charge flat and fair fee without 60% sales and other dubious marketing practices. It is one of the better VPN providers, not in 5/9 eyes (they are in 14 eyes though), you can buy a subscription with crypto, which (assuming crypto was acquired anonymously too) is a good start for some privacy guarantees.

    Pretty much every cyber security professional I know uses Mullvad in one way or another, usually as part of a more complex solution.

    But all in all, please bear in mind that VPN is not some magic silver bullet to preserve your privacy and anonymity. With VPNs you basically shift your trust from your ISP to the VPN provider. That trust you put into the provider, it is still a requirement. Not to mention that a good chunk of tracking is happening on a lower level nowadays, so if you use Mullvad on Windows / any Apple device etc. do not expect to become untraceable :)




    • Settings -> General -> Language & Region -> Region
    • Settings -> YOUR NAME -> Media & Purchases -> Account Settings -> Country/Region

    Both must be changed to a different region to fully switch. Requires a valid payment method from that region (e.g. a debit card from that region). There are consequences to changing regions too, so be careful.

    From my experience, sometimes you also need to contact Apple support to finish the change process. Otherwise it may just revert back.

    Overall, Amazon surely knows where you are now and it will be set in your Amazon account, I suspect there is nothing you can do.

    The best way to achieve what you want is to boot something like TailsOS and create a new account while under the VPN in that region. With a payment method from that region.

    VPNs are not magic. Most big companies nowadays have means of detecting actual user locations, which is pretty trivial if you use an app or an operating system that leaks data when under the VPN.