Q&A: Overcomplicated Privacy Tools
Added 2025-03-05 18:00:13 +0000 UTCQ&A216: Are there any privacy tools we've ditched for being too complicated? Do we have any recommendations for privacy-focused VPS providers? Is it worth making new accounts periodically to avoid tracking? Is endpoint security being neglected?
Welcome to the Surveillance Report Q&A - featuring Techlore & The New Oil answering your questions about privacy and security.
Video Version: https://youtu.be/ORCQ9OgN0lw
(00:00) Introduction
(00:23) Overomplicated Privacy Tools
(05:44) Recommended VPS Providers
(07:53) Account Recycling
(11:20) Endpoint Security vs E2EE
---
π Go ahead and leave some questions below for us to look at for SR217 this weekend! (Note: We record on Friday nights in the US, so it's highly recommended to leave all questions by noon on Friday in the US)
It can be about a specific story, a general question about privacy/security, a question about the world, a question you tried last week, or anything else. Due to time restraints we can't promise that we'll get to yours, but we appreciate all of them!
To receive these posts via RSS, get your own custom link using these instructions.
Comments
Are there any privacy focused education apps you recommend? Re: recent, current DHS monitoring of over 200 sites, including Duolingo
Ethan Hindmarsh
2025-03-13 15:22:06 +0000 UTCWhat crypto for private & instant tx? XMR takes too long for when I need to send money irl on the spot, instantly confirmed
Ethan Hindmarsh
2025-03-10 20:07:38 +0000 UTCI need help getting a good recommendation for Android alternative. I have looked at e/OS, Lineage, Graphene. I would like a good default messenger app for SMS/MMS/RCS (family won't move to Signal), and other solid default apps. Skill level aside, I am hoping to pick one that is easy to use, private, secure, and open-source.
Gregory Zingler
2025-03-08 22:06:13 +0000 UTCWhich social media apps are you using most frequently now?
Ethan Hindmarsh
2025-03-08 02:18:34 +0000 UTCWhat are the biggest usability barriers on qubesos (ignoring hardware compatibility issues)? What changes would you want to see before you would recommend qubesos to any layman? Do you self-host an OIDC provider? If so which I've seen lots of news on "behavior modification capitalism", do you think the current news supply chain is inadequate? How can someone know which news sources to trust? I'm very excited for peer to peer applications, have you seen anything cool on that topic? Are peer to peer applications more private than centralized applications? I worry about the added risk of being hacked due to being connected on a peer to peer network using potentially vulnerable code
Ethan Hindmarsh
2025-03-08 02:16:37 +0000 UTCA series of interconnected questions about browser fingerprinting and VMs: How much importance do you assign to combating advanced fingerprinting techniques that go beyond easy-to-thwart cookie-type technology, trying instead to extract unique data from hardware-specific performance metrics? Meaning techniques that can reliably produce the same fingerprint even on new sessions of the same privacy-hardened (and made to look generic) browser that will persist across device reboots and browser updates. It is claimed that a lot of such techniques are not VM-resistant; in other words, the fingerprint will not persist across the same VM configuration on different VMs on the same machine with the same hypervisor, presumably owing to subtle VM-to-VM variation in resource allocation. (Presumably, the same is true for different qubes on QubesOS and for single-use VMs). Do you do anything to compartmentalise your same-browser browsing activity into different VMs for this reason to avoid having all of it connected by fingerprinting? The book you recommend by Byron Tao goes into quite a bit of detail into large-scale harvesting and resale of phone location data (and to some degree of DNS query data) by surveillance-capitalism companies. How likely do you think it is that the same is going on with advanced browser fingerprinting data but has not yet been brought to light? Of the 3 main Linux-compatible local VM options -- VirtualBox, VMware, KVM/Qemu -- which do you prefer and what do you think the main differences and pros/cons are? People in the privacy and security community also mention tails, but it seems the main use case for that OS would be for someone worried about having their machine seized and forensically examined; do you think there are other, less extreme, reasons to use it?
David Johnson
2025-03-06 10:23:40 +0000 UTC
![J.A.X [Ai art]](https://xaiju.com/istorage/100248.jpg)
