I want to post a picture of my bathroom on Reddit for some decorating advice. Is there metadata in a photo captured on my phone that could be used to track/identify/etc me? How do I avoid this? Is there an app I can run it through? Send it to ChatGPT to modify then provide the modified image?

Anyone else getting tons of new terms of service from everywhere? I’ve read through them but I haven’t been able to detect any privacy changes. Anyone else?

I need a secure method of communication outside of my personal phone. I have an old iphone I can wipe and use that as a burner with a new sim and not connect all the apple accounts or have any unnecessary apps, just text and calls and functional apps.

How secure would this be for a side business?

How could I also make the phone more secure?

https://futureoflife.org/ai-safety-index-summer-2025/

There's a good summary by Siliconversations on Youtube if you don't want to read everything,

They are basically massive data collection apparatus, as everyone here suspected.

My job asked me to make an account on a recruiting website. The website is asking for my ID and I cant create the account without it. Im not sure why they need my ID and I dont really want to give it.

How should I approach this with my employer? They are probably going to think its ridiculous if I say I dont want to hand over my ID.

This absolutely seems like the type of company that will sell my information to data brokers. Im not even sure what they would gain from connecting my ID with my job?

The vulnerability we’re discussing in this post lies in how Comet processes webpage content... When users ask it to 'Summarize this webpage,' Comet feeds a part of the webpage directly to its [large language model] without distinguishing between the user’s instructions and untrusted content from the webpage.

This allows attackers to embed indirect prompt injection payloads that the AI will execute as commands. For instance, an attacker could gain access to a user’s emails from a prepared piece of text in a page in another tab.

The AI operates with the user’s full privileges across authenticated sessions, providing potential access to banking accounts, corporate systems, private emails, cloud storage, and other services.
...
For instance, malicious instructions could be hidden in a Reddit or Facebook post in white text on a white background, which isn't visible to the user, but readable by the Comet browser's agentic AI.

Source: https://futurism.com/ai-browser-hackers-drain-bank-account-public-reddit-post

say goodbye to Newpipe, revanced, xmanager

https://www.androidauthority.com/android-developer-verification-requirements-3590911/

Via Techcrunch: Harvard dropouts to launch 'always on' AI smart glasses that listen and record every conversation.

I don't see how this would possibly be legal. First, these glasses don't have any kind of indicator light to show that they're recording; second, some states require that both parties consent to being recorded.

“We trust our users to get consent if they are in a two-party consent state,” said one of the inventors.

I am absolutely CERTAIN that they know some users will knowingly violate this law. I remember reading a while back about a bracelet in development (at MIT maybe?) that emitted an inaudible sound that disrupted eavesdropping. I wonder if it made it to production, and I hate that normal people now have to worry about their everyday conversations being recorded without their consent.

With VLC I can navigate to `/.LockMyPix/temp/` and see every video or photo I've taken in the app, even fresh unshared content or content I deleted months ago. How is this app so highly rated and widely downloaded? It has one job and doesn't deliver.

First of all, I'm quite aware that Windows sucks for privacy. Saddly, I must use it for a number of reasons.

Since I'm stuck with windows, is there a guide somewhere on what can I do to increase my privacy on a windows machine?

I've found lots of stuff on the net, but a guide or site that gathers all this information would save me a lot of time. Does such a thing exist?

Recently I was at Privacy Tools looking at some tools, more of curiosity. And so I came across a list of search tools, like a browsertests, but search tools. And there I spoke of a good part of these tools. Mostly, it was said that it was or was not self-hosted, focused on profit or not focused.

In the middle of that, there was the SearxNG instance called "Tiekoetter". Then I started trying to use her, and it worked well.

So far I'm having a great experience. But is this really safe or private? I thought that to use SearxNG had to be self-hosted via docker or something. I did not know that there was public instances. And curiously, according to the site. They say it is a self-hosted instance.

Then. Is this really safe or private? What would you say about it?

I'm slowly degoogling and I saw a video from Louis Rossmann about Google storying old voice chats and voice recordings so I decided to download all the data from my google account (takeout it's called) and check myself.

I was astonished! I used to use an Android phone in the past for many years so this is what I've found so far (even though I've restricted google from tracking my data and deleting it as much as i can).

- All my online activity, literally everything, what device, serial id (if I bought the phone from google), logins and general activity info, all my activities on drive and google services

- Recordings of my voice for training "Hey Google".

- All my online purchases, even old ones that I would like to delete but cannot...

- All my old chats on google meet, all my meetings and meetings I've partecipated in and for how long

- Data that I deleted from my account (like my previous phone number for verification purposes).

- My fitness data, even derived data which I've no idea what it means, probably phone tracking steps rather than fitness watch.

And much MUCH more.

It's crazy how much we give away for free. If some government authority or other bad actors wanted to track me they would absolutely do it in NO TIME. I'm not in any danger but still I don't like that.

I hope that once I delete the account all my data will go away. I will try my best to delete it and obfuscate it before deleting but seeing how they store absolutely everything you do, even old data entries that you deleted or chagend I find hard to believe that I will be able to wipe all my data from Google.

Online debit cards paid for with crypto? Looking for something like that

Hi all. I’ve ordered a Protectli Vault 1410 and while I await shipment I’ve gone down the OPNsense, Pfsense, openvpn, wireguard rabbit hole and have emerged none the wiser. I’m a Protonvpn user, so that part at least is fixed, but as for the other choices I understand they are not identical, but for someone like myself just wanting to block ads and use this as a good foundation for what I hope will be the first step to set up a home lab, does anyone have any strong opinions? I’m leaning towards Pfsense and OpenVPN, but only because the instructions are well detailed in the Extreme Privacy book. I’ve read that Wireguard is much faster, but for those of you who have used both, is it noticeable in the real world of every day browsing and downloading?

Hey guys,

with all the talks about "chat control" and the governmental fight against encryption, I started thinking about the encryption of actual hard drives or SSD's, where we all like to save our most private stuff on.

Let's say we've got a AES-encrypted hard drive with a password containing 30 characters (upper-case letters, lower-case letters, numbers and so on).

I believe if someone would be able to decrypt it, it would probably be a governmental entity, but what would it probably need to be successful? How realistic is that? Are there developments in technology to enable that?

I had this idea the other night and I have no idea if it makes any sense at all but hear me out. So I was thinking about the battle between ad blockers and youtube, and its seems to me that a major problem is that YouTube/Google somehow knows what your using in your own browser. Which I think is total bullshit no one else but the owner of the web browser should know which ad ons or plugin the user is using.

So I thought what if there was a way to use a local proxy of a web browser that is essentially a stripped down functional clone of the web browser your using (or something different) to act as a middle man between the websites and your actual browser. I thought maybe this would give the user more control and mask information contained in the actual browser without giving website hosters that information about your browser. And hopefully not allow youtube to not know whether or not you’re using an ad blocker.

This is just some idea I had and im sure there is a lot of problems with it, but I personally don’t know why this wouldn’t work at least for some of the privacy type problems.

What do you guys think of this idea? Would something like this actually help at all?

So, I requested a takeout of my data and whilst sifting through the data I had found my old boarding pass with my NAME and DOB and 5 AUDIO RECORDINGS WITH MY VOICE from my Google home.

Give me grace, these were from 4 years ago when I didn't really know about all these privacy alternatives and the data these companies collect. But holy shi, this is my first time feeling somewhat disturbed.

I already unplugged my google home and i didn't give any other identifying info (other than my location, since my Google home probably snitched).

However, I'm not sure what to do with my email. I know that will most definitely never delete my data, so I need advice on things; is there any point in deleting the account and hope they miraculously delete the date? Or do I leave it and switch to tuta and/or proton and reroute everything there.

Any other advice is welcomed too.

Most of us trade data for convenience every day, location tracking for maps, saving passwords in our browser, cloud backups for photos, and using autofill for payments. It feels harmless until we realise how much of our identity is stored on someone else’s servers.

Every device in our lives is quietly collecting data. Laws like GDPR and India’s new DPDP Act exist, but enforcement is patchy. Once your data leaks, there’s no way to “get it back”. It’s permanent exposure.

How do you balance privacy vs convenience? Do you use privacy-first tools or do you just accept that surveillance is a part of modern life?

I run and everyone around me is using Strava these days and some see me as eccentric for refusing to. I can't be bothered to learn what privacy terms they have because I simply refuse to sign up to anything (even with anonymous emails) and be exposed to a data breach like MyFitnessPal a while back.

I feel a little silly calculating my pace based on the time on my stopwatch app and distance using maps but I prefer this inconvenience.

Am I the only one?

Hello, first time posting here, I didn't know what tag to put. Recently, a No caller ID called me, which I picked up out of curiosity. After i hung up, (Presumed it was a bot), It called again saying my first name, and later my home address. Note that it was not a bot, as the person on the other end whispered it through the call. He also apparently found pictures of me, and described how i looked on call.
I disabled Show Caller ID after.
Do you have any idea how he might've done this? He was able to find the information rather fast, and found a lot of information about me, I'm guessing solely on the phone number.

I had requested them to delete all my information, including my messages, and I even went forward to give them every message ID I had in Discord by requesting my data earlier this month. Still, they refused to delete all of my messages. All they did was claim that they would delete some of the chats I no longer had access to, and even then they failed. What should I do, and how can I pressure them to delete my data since I am done with Discord and I want to take my privacy more seriously now?

Sorry for the post, I'm relatively new around these quarters, and I'ven't seen it put this way.

So google says it doesn't give out data, unless it is legally/judicially needed or consented by us. (Signing in — Somehow I missed the note where I was told it is a consent of data access. Rookie here, sir)

Benefit of doubt, granted.

The messed up thing, is analytics. To infer from loose pieces of data.. To try to infer motivations behind my each click and clank, (ref: Target predicted a teen pregnancy) fucked up beyond 1984 sir. It is.

Privacy policies fixate on data sharing, but barely talk about analytics. Shouldn't we demand to know how exactly our data is used? And opt out from certain named analytics? "Right to be left the fuck alone"?

TL DR : Privacy is not just about who keeps the data, but mostly on how they use it. Transparency is about using data only in the ways agreed upon. Privacy policies lack that.

Yeah, thoughts?