Very cool -- teddit.net is a new privacy-friendly Reddit frontend, similar to Invidious / YouTube, Bibliogram / Instagram, and Nitter / Twitter.

Source code: codeberg.org/teddit/teddit

- No JavaScript or ads
- All requests go through the backend, client never talks to Reddit
- Prevents Reddit from tracking your IP or JavaScript fingerprint
- Lightweight (teddit frontpage: ~30 HTTP requests with ~270 KB of data downloaded vs. Reddit frontpage: ~190 requests with ~24 MB)

New security audit of Threema by Cure53.

“...despite dedicating sixteen days to the security-centered investigations and reaching the expected coverage, three members of the Cure53 team could only spot seven minor weaknesses on the scope. The absence of vulnerabilities and the generally low severity scores contribute to the positive verdict reached about the security standing of the Threema mobile applications during this October 2020 assessment.”

threema.ch/en/blog/posts/audit

Whoa, this will be convenient!

"We plan to add support for using a GrapheneOS release of microG this way. In the longer term, we also plan to offer a more minimal compatibility layer implemented by pretending that Google services are offline. Both will be options you can choose to install in a specific profile."

nitter.snopyta.org/GrapheneOS/

Just discovered RSS-Bridge; really helpful, open-source project.

github.com/RSS-Bridge/rss-brid

For instance Mozilla doesn't provide a feed for their security advisories page (mozilla.org/en-US/security/adv) but rss-bridge does (github.com/RSS-Bridge/rss-brid) 👍🏼

@amolith and @snopyta both run public instances too.

- NixNet: rss.nixnet.services
- Snopyta: rss-bridge.snopyta.org/

"When you click on a sponsored tile, Firefox sends anonymized technical data to our partner (admarketplace.com) through a Mozilla-owned proxy service (github.com/mozilla-services/to). This data does not include any personally identifying information and is only shared when you click on a Sponsored Top Site."

Show thread

There's a new "experimental feature" being tested in Firefox 83: sponsored sites in the URL bar.

"Mozilla works with advertising partners to place sponsored tiles on the Firefox home page (or New Tab) that would be useful to Firefox users. Mozilla is paid when users click on sponsored tiles."

support.mozilla.org/en-US/kb/s

You can disable this by setting `browser.newtabpage.activity-stream.showSponsoredTopSites` to `false`.

Found via old.reddit.com/r/firefox/comme

Looks like Ghostery will be launching a desktop browser based on Firefox and search engine powered by Bing early next year.

wired.com/story/ghostery-brows

Huh, does Signal rely on Cloudflare for any infrastructure like domain fronting or something? Just noticed in my DNS logs when opening the iOS app a connection was made to cdn2.signal.org.cdn.cloudflare.net 🤔

New IVPN update:

“Generating an account for our VPN service no longer requires an email address, and we dropped renewing subscriptions by default in favor of a pre-paid system.”

Source code for website: github.com/ivpn/ivpn.net/

ivpn.net/blog/new-open-source-

“Microsoft (owner of Hotmail, Yahoo!, Outlook, Live.com, Office360, etc.) is rejecting all emails originating from Disroot.org servers.”

disroot.org/en/blog/microsoft_

Very cool, the Guardian Firewall team is working on a proof-of-concept for configuring a jailbroken AppleTV w/ a VPN profile.

guardianapp.com/blog/2020/11/a

No surprise, Firefox appears to have Google set as the default geo provider for location services for some installations.

You can change this manually to use Mozilla's location services via `about:config`'s geo.provider.network.url by updating the URL string to:

location.services.mozilla.com/

Or even a hard-coded longitude/latitude.

More here: old.reddit.com/r/privacytoolsI

Like twice/week MySudo pushed these spammy notifications with no option to opt out without disabling notifications altogether. 😠

“According to records recently released by the Seattle Police Department (SPD), a detective working for SPD signed up for and used facial recognition app Clearview AI, which appears to be in violation of the City of Seattle’s Surveillance Ordinance.”

itsgoingdown.org/seattle-polic

Neat! The Privacy Redirect web extension merged my addition for redirecting to the old or compact Reddit design 👍🏼

github.com/SimonBrazell/privac

From SnowHaze VPN:

“You can recreate our server infrastructure and verify for yourself that the code running on our servers is the same that we published.”

github.com/snowhaze/zka-sgx

Show more
nitrohorse Ⓐ

Personal instance of nitrohorse (nitrohorse.com).