This is a very minor issue if it is an issue at all.
The system log is private. The only apps that can access it are apps that are given special permission from your phone manufacturer. This manufacturer could also get this information other ways if they wanted to.
The only real issue here is that it raises the attack surface because instead of a website or app needing to break into your OS, they can also break into one of these built-in apps. So it would be easier to find an exploit chain that could retrieve these identifiers.
The real question to be asking here is why do these apps need access to the system log in the first place?
Only works with gmail. This needs some sendmail support.
(Sidenote: I do realize that it is weird that a command line tool has become the defacto email sending API)
supposedly breaking the SSL and re-encrypting it with their SSL
supposedly breaking the SSL and re-encrypting it with their SSL
There is no doubt here, this is how basically all CDNs work. You need to see the plaintext request in order to perform caching and most other features that they provide.
I agree, if the content is very sensitive then you shouldn’t trust a third party. However in practice most companies trust third parties whether that is a hosting provider, analytics or any number of functions that it is easier to outsource.
I think the concern arises because Cloudflare is big. This has benefits and drawbacks.
I agree that we shouldn’t be giving money to companies who do not support our use cases on our hardware. But unfortunately RISC-V is years away from being close to competitive in the laptop space.
I agree! Just seeing a single parent of context would make a huge difference.
It would also be pretty cool to group replies to the same comment together.
That is a very large leap to assume from the leaked data. IIUC the leaked data just says that there was a Signal account associated to his phone number. It could have been one friend or journalist that he wanted to talk to. He may have signed up to see what it is all about. As far as I am aware there is no evidence that he was a significant user, or that he prefers it over his own messaging apps.
I’m not saying that FB apps are trustworthy, but I honestly would have been more surprised if he didn’t have a signal account.
I basically don’t like apps messing in my folders anyways so I don’t worry about it too much. I leave the defaults but the only XDG defined folder I really use is Downloads but I basically use that folder for any temporary data.
Other than that I will symlink the configs of certain apps that I care about (git, zsh, vim, …) into a good place for me and I keep most of my work in ~/p which is basically a directory of git repos.
So basically I find the XDG stuff mostly useless so I keep the stuff I care about out of those folders.
(Although I do wish more apps respected XDG_CONFIG_DIR rather than dumping crap into my home directory. )
Did you ping the ip? 10.0.0.191 or just try the hostname?
I do find it weird that this is an internal IP. I would check if this query works. Also maybe checking to see if your VPN has anything at this IP.
If you really want you can set a trace filter on your firewall to see what users those requests are coming from. This is reverse-DNS. It looks up the hostname for an IP address. There are various reasons to do this.
So there are a wide variety of reasons. You would have to trace this back to the application to find out why exactly it is happening for you.
Your best bet is using the Tor Browser.
But remember, you need to use the Tor Browser every time you log in. A single time that you login from your own IP and they will associate that IP with your account.
I don’t see the problem. People at sopuli.xyz are allowed to post to !email@example.com. In fact I don’t see a !firstname.lastname@example.org community https://sopuli.xyz/search/q/technology/type/Communities/sort/TopAll/page/1.
I’ve also successfully put self-hosted servers into a network namespace that routes everything through Tor (basically like a VPN, except through Tor). This works for basically every service as long as it uses TCP. However if it has native proxy support configuring that can be easier if you trust that it doesn’t leak.
RSS works by something downloading the RSS feed. So some IP will need to connect to Reddit to fetch it. If you don’t want to reveal your IP then you need to fetch it from somewhere else.
So basically yes, fetching an RSS feed will be associated with an IP address (like anything else across the internet) so if you don’t want Reddit to see your IP address you will need to get something else to connect to Reddit on your behalf.
Lemmy should probably add a <link rel=alternate> element that points to the feed. This way you can just put the page URL into your RSS reader and people who use RSS browser extensions can find it automatically.
I think it is a good idea, but I don’t think it is a significant concern anyways.
Since RSS is generally an async background job the cons are basically non-existent so why not get the minor privacy benefits?
This is controversial because they are “big bad” companies. But in some cases I think that is a plus because they have some responsibility to do as they say.
The major concern for all of these is that they are allowed the keep anonymized logs forever. This means that if the hostname itself it sensitive then it can be recorded forever. (For example if you have “secret” subdomains).
The other option is running your own recursive resolver, this mostly nullifies the private subdomain issue as only the authoritative server will see it (other than network snoopers) however this has very real downsides.
Disclaimer: I used to work at Google (but not on Google Public DNS) and have no affiliation with other named or referenced companies.
That’s cool! Last I checked peertube doesn’t support subscribing to mastodon accounts though. Maybe I’ll try it out. Most of my friends aren’t using peertube though so the private content isn’t as useful to me there.
There are also very few web-based chat apps that work well on a mobile display. Most services require you to install the app to access on mobile. (Although you can get the desktop interface by changing your user agent) So sure, it isn’t the most exciting thing but it is cool to know that you can access Matrix from anywhere as long as you have a web browser.