Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@walkinglampshade" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>walkinglampshade</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@jrredho" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jrredho</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fj" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fj</span></a></span> It's basic <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a>, really:</p><ul><li><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> has no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> to demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> and they use and abuse that to restrict functionality of their App (it doesn't matter that they merely claim <em>"comply with <a href="https://infosec.space/tags/sanctions" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sanctions</span></a>"</em> [their <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> disqalifies them even more!] because they have the tech to distinguish and discriminate users)...</li></ul><p>Thus <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> fails at protevting <a href="https://infosec.space/tags/Journalists" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Journalists</span></a> <em>and</em> theor sources because they do have that data and can be <a href="https://infosec.space/tags/subopena" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>subopena</span></a>'d for it if they don't already provide <a href="https://infosec.space/tags/BulkSurveillance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BulkSurveillance</span></a> & <a href="https://infosec.space/tags/LawfulInterception" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LawfulInterception</span></a> <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a>|s to comply with <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a>. (Or are you guys so naive and believe <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Mer__edith</span></a></span> will risk <a href="https://web.archive.org/web/20210606070919/twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">dying of old age in jail for non-paying users?</a>)</p><ul><li>This entire <em>"thread vector"</em> just doesn't exist with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> nor <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME! </li></ul><p>And if you believe <em>"this won't ne used/abused me because I'm from 'Murica!"</em> and point at <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a> as an example, then you really ignored all tze <a href="https://infosec.space/tags/Cyberfacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberfacism</span></a> since 9/11…</p>
Recent searches
No recent searches
Search options
Only available when logged in.
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.
Administered by:
Server stats:
16Kactive users
mstdn.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#legitimateinterest
1 post · 1 participant · 0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@Avitus" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Avitus</span></a></span> <span class="h-card" translate="no"><a href="https://udongein.xyz/users/lispi314" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lispi314</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> </p><p><a href="https://infosec.space/tags/TLDR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLDR</span></a>: <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> HAS NO <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> TO DEMAND <a href="https://ioc.exchange/@Avitus/114000090435386785" rel="nofollow noopener noreferrer" target="_blank">A</a> <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> (or any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> for that matter) TO BEGIN WITH!</p><ul><li><a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BDSG</span></a> literally bans such unnecessary data collection per law!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://udongein.xyz/users/lispi314" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lispi314</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lauren</span></a></span> Not.only.that, but with a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> it makes it trivial to get details from <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> targeting a known individual.</p><ul><li>And with the prevalence of <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> and the fact that there is <em>literally no <a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a></em> since <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> abandoned <a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TextSecure</span></a>, it's yet another design flaw that is beibg <em>intentionally kept</em> instead of fixing it <em>at all</em>!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://possum.city/@tauon" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>tauon</span></a></span> </p><p>1) <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudAct</span></a> is just <a href="https://infosec.space/tags/CyberFacism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberFacism</span></a>, look it up!<br><a href="https://en.wikipedia.org/wiki/CLOUD_Act" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">en.wikipedia.org/wiki/CLOUD_Act</span><span class="invisible"></span></a></p><ul><li>And with <a href="https://infosec.space/tags/Trumpism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trumpism</span></a> ravaging the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a> must be considered as <a href="https://infosec.space/tags/hostile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hostile</span></a> as <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Russia</span></a> and the <em>"P.R."</em> <a href="https://infosec.space/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>China</span></a> by anyone who takes <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a> seriously!</li></ul><p>-</p><p>2) <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> 's <a href="https://infosec.space/tags/Server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Server</span></a> code is proprietary and since it's centralized we can't trust that the code they release is what's running on their backend! </p><ul><li>Plus their <a href="https://infosec.space/tags/App" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>App</span></a> doesn't allow <a href="https://infosec.space/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReproducibleBuilds</span></a> (if Signal was <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FLOSS</span></a> it would be on <span class="h-card" translate="no"><a href="https://floss.social/@fdroidorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fdroidorg</span></a></span> / <a href="https://infosec.space/tags/Fdroid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fdroid</span></a>) but alas it isn't!</li></ul><p>-</p><p>3) <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> still demands <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> which are <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> either by association (<a href="https://infosec.space/tags/Number" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Number</span></a> => <a href="https://infosec.space/tags/ICCID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICCID</span></a> = <a href="https://infosec.space/tags/SIM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SIM</span></a> = <a href="https://infosec.space/tags/IMSI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMSI</span></a> => <a href="https://infosec.space/tags/IMEI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IMEI</span></a> => Location Data <a href="https://infosec.space/@kkarhan/113467346741876822" rel="nofollow noopener noreferrer" target="_blank">as I explained before</a><a href="https://infosec.space/@kkarhan/113878565911126519" rel="nofollow noopener noreferrer" target="_blank">twice</a>) or mandatory <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KYC</span></a> / <a href="https://infosec.space/tags/ID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ID</span></a> requirements (even on prepaid cards), which an increasing amount of juristictions <em>do</em>...</p><ul><li>They have no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> demanding said <a href="https://infosec.space/tags/PersonallyIdentifyingInformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PersonallyIdentifyingInformation</span></a> to begin with! </li></ul><p>-</p><p>But don't take my word for it.<br><a href="https://www.youtube.com/watch?v=tJoO2uWrX1M" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=tJoO2uWrX1M</span><span class="invisible"></span></a></p><ul><li>Ask yourself if you'd trust someone <a href="https://www.youtube.com/watch?v=0DSGq9FQKU4" rel="nofollow noopener noreferrer" target="_blank">peddlibg</a> <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scams</span></a> like <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MobileCoin</span></a> with your data!</li></ul>
Heals :heart_nb:<p>First the <a href="https://indiepocalypse.social/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a> loophole around literally any <a href="https://indiepocalypse.social/tags/cookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookie</span></a> consent and now more and more pages ask you to give up your privacy or pay a monthly fee to almost have no profiling and almost no adverts.</p><p>I really wonder why the <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EUCommission" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCommission</span></a></span> is so chill with methods like this?</p><p>Maybe theyre too busy pushing out the next skewed legislation in their DMA wars?</p>
Novel Exploration<p>“Legitimate interest” -</p><p> Die! x10k x10k x10k x… </p><p>I don’t boost posts promoting websites that lead me down a ‘Legitimate interest’ garden path </p><p><a href="https://indieauthors.social/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a></p>
CCIA Europe<p>📢 @EtienneDrouard: "Scraping of data and training AI should be compatible with the <a href="https://eupolicy.social/tags/GeneralDataProtectionRegulation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GeneralDataProtectionRegulation</span></a> and <a href="https://eupolicy.social/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>. This means protecting people, not asking for their consent."</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://kanoa.de/@frodo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>frodo</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@evacide" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>evacide</span></a></span> <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monocles</span></a></span> </p><p>I don't compromise on <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a> and <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a>.</p><p>If I were to use <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> or <a href="https://infosec.space/tags/Threema" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Threema</span></a> or <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Telegram</span></a> or <a href="https://infosec.space/tags/SimpleX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SimpleX</span></a> or whatever shit messenger is trendy, I'd indirectly vouch for it and endorse it.</p><ul><li>Which I won't given ample of examples like Telegram, <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a>, <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a> aka. <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationIronside</span></a> aka. <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationTrøjanShield</span></a> and all the garbage that <a href="https://infosec.space/tags/CryptoAG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CryptoAG</span></a> released.</li></ul><p>Trust must be earned, and <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> didn't even bother to do basic design considerations:</p><ul><li>All their <em>"but <a href="https://infosec.space/tags/Metadata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Metadata</span></a>"</em> <a href="https://infosec.space/tags/FUD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FUD</span></a> is horseshite when they demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumber</span></a> and are openly able and willing to discriminate and/or restrict service solely based off said info they have <em>NO "<a href="https://infosec.space/tags/legitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>legitimateInterest</span></a>"</em> in demanding at all!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.xyz/@privacyint" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>privacyint</span></a></span> Furthermore your website contains <a href="https://infosec.space/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloudflare</span></a> <a href="https://infosec.space/tags/Cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookies</span></a> & [malicious per concept] <a href="https://infosec.space/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a>, which has no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> to be there.</p><ul><li>There are <a href="https://www.youtube.com/watch?v=Np9erdnM4l8&list=PLI84-gNHkUdvE1u_Kfz3qS9h75n-m-T3y" rel="nofollow noopener noreferrer" target="_blank">no legitimate reasons</a> to use <a href="https://infosec.space/tags/ClownFlare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ClownFlare</span></a> and other <a href="https://www.youtube.com/watch?v=kYkFYmqJYvE&list=PLI84-gNHkUdvE1u_Kfz3qS9h75n-m-T3y&index=2" rel="nofollow noopener noreferrer" target="_blank">enablers and supporters</a> of <a href="https://infosec.space/tags/StochasticTerrorism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StochasticTerrorism</span></a>, espechally when there are <a href="https://www.youtube.com/watch?v=i4n6zmajfsM&list=PLI84-gNHkUdvE1u_Kfz3qS9h75n-m-T3y&index=3&pp=iAQB" rel="nofollow noopener noreferrer" target="_blank">better alternatives</a> on the market!</li></ul><p>Please reconsider your <a href="https://infosec.space/tags/TechStack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechStack</span></a> <em>AND</em> the opening, cuz 40k p.a. won't get you a legal consultant except <a href="https://infosec.space/tags/remote" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>remote</span></a> or part-timer...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>GrapheneOS</span></a></span> <span class="h-card" translate="no"><a href="https://muenchen.social/@thomas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>thomas</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@wonka" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wonka</span></a></span> Also I think the issues usually outweigh the benefits - at least when we look at individuals & devices owned by consumers vs. <em>corporate <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a></em> where locking down devices is seen as desireable!</p><ul><li>It should be the sole discretion of the devices' owners whether or not such a feature should be used or accessible and it shpuld be disallowed to coerce people into <em>"consenting"</em> under threat of denied access.</li></ul><p>Because for every <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> (i.e. <a href="https://infosec.space/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://infosec.space/tags/Authenticator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Authenticator</span></a>) I can find a dozen reasons this <em>"functionaloty"</em> should be discontinued and considered malware.</p>
Kevin Karhan :verified:<p>Whoever at <span class="h-card" translate="no"><a href="https://respublicae.eu/@EUCouncil" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>EUCouncil</span></a></span> decided to install <a href="https://infosec.space/tags/ClownFlare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ClownFlare</span></a>-like, <a href="https://infosec.space/tags/ableist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ableist</span></a> bs like this deserves to get fired!</p><ul><li>This shit should be illegal, because <a href="https://infosec.space/tags/JavaScript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JavaScript</span></a> like that is at best <a href="https://infosec.space/tags/bricking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bricking</span></a> <a href="https://infosec.space/tags/ScreenReaders" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScreenReaders</span></a> and is rather <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> IMHO!</li></ul><p>Espechally since there is no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> for blocking <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> users from accessing i.e. press releases anonymously!</p><p>FIX THAT SHIT - NOW!<br><a href="https://www.consilium.europa.eu" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">consilium.europa.eu</span><span class="invisible"></span></a></p><p><a href="https://infosec.space/tags/noJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>noJS</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@dangillmor" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>dangillmor</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@eff" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>eff</span></a></span> Yes, but also acknowledge obvious misguidings.</p><ul><li><p>Only if you exercise <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the keys are you in control and able to exercise your right to remain silent!</p></li><li><p>Only choose fully <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralized</span></a>, <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiVendor</span></a> & <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MultiProvider</span></a> solutions that - <em>if necessary</em> - can be <a href="https://infosec.space/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosted</span></a>, like <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PGP</span></a>/MIME for <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>eMail</span></a> and <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> for <a href="https://infosec.space/tags/InstantMessaging" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InstantMessaging</span></a>.</p></li><li><p>NEVER EVER TRUST ANY PROVIDER / SERVICE, CUZ <a href="https://web.archive.org/web/20220112020000/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" target="_blank">THEY WILL TALK IF HELD AT GUNPOINT</a> - yes that includes <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> which collect <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> for no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> to this day, making them at best <a href="https://infosec.space/tags/UsefulIdiots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UsefulIdiots</span></a> of the <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EncroChat</span></a> kind but most likely a giant <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Honeypot</span></a> like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANØM</span></a> aka. <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationIronside</span></a> aka. <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OperationTrøjanShield</span></a>. </p></li><li><p>Use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a> & <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> instead of a <a href="https://infosec.space/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPN</span></a> because it's proven to be battle-tested against bad - <em>including state-sponsored</em> - actors trying to hijack Tor infrastructure!</p></li><li><p>Realize and acknowledge the abilities <em>AND</em> limitations of every method, tool, software, etc.</p></li><li><p>Do learn proper <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ComSec</span></a>!!!</p></li></ul>
BerlinFokus<p>Dammit.</p><p>There is no "<a href="https://berlin.social/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>" for spying on me while I read something, dear internet.</p><p>If in a library someone would try to go through my purse while I read a paper .. that would end very badly for that person.</p><p>Maby the anonymus ad-people of <a href="https://berlin.social/tags/Cookiedom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookiedom</span></a> should get their fair share of being beaten up too.</p><p>🤕</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> The lack of a single <em>"<a href="https://infosec.space/tags/DeclineAll" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeclineAll</span></a>"</em> button but instead requring 6 clicks instead of one is another level of <a href="https://infosec.space/tags/assholeism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>assholeism</span></a>... </p><p>Also can we please ban the phrase <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> in terms of <a href="https://infosec.space/tags/Cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookies</span></a> and <a href="https://infosec.space/tags/Malvertising" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malvertising</span></a>?</p><ul><li><p>There is <em>no law</em> requring sites to <em>tag</em> visitors.</p></li><li><p>You ain't on a payment processors' site or online store where <em>fraud prevention</em> has a place to be.</p></li><li><p>This also ain't like a bank where on top of <em>fraud prevention</em>, <em>KYC</em> & <em>AML</em> applies and they don't want skiddies to empty customer accounts with trivially stolen credentials.</p></li></ul>
Kevin Karhan :verified:<p>No, <em>you don't, asshole</em>!</p><ul><li>Stop lying to my face and own that shit of yours... </li></ul><p><em>SHIT LIKE THIS</em> is what <em>"radicalizes"</em> me even harder <em>and</em> is the reason why I use <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/TorBrowser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TorBrowser</span></a> as my main & default <a href="https://infosec.space/tags/Browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Browser</span></a>!</p><ul><li>There is no <em><a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a></em> for <a href="https://www.baeldung.com/linux/curl-wget" rel="nofollow noopener noreferrer" target="_blank">this website</a> to even store a single <a href="https://infosec.space/tags/Cookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookie</span></a>, much less <em>at least 1.434 (!!!) different tracking <a href="https://infosec.space/tags/Cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cookies</span></a>!</em></li></ul><p>This level of <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Enshittification</span></a> should be illegal - period!!!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@inthehands" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>inthehands</span></a></span> how about the <a href="https://infosec.space/tags/InconvenientTruth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InconvenientTruth</span></a> that both <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>signalapp</span></a></span> / <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Signal</span></a> and <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Telegram</span></a> are <em>BOTH EQUALLY BAD</em> since they both are <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>centralized</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleProvider</span></a> solutions that collect <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhoneNumbers</span></a> with no <em>"<a href="https://infosec.space/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a>"</em> because they are not <em>"technically necessary"</em> to fulfill their services.</p><p>Plus they not only can but will include <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backdoors</span></a> when pressed hard enough aka. cops with 3-hole masks put a gun to their heads...</p><p>Just like there are no <a href="https://infosec.space/tags/LoglessVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LoglessVPN</span></a>'s these Services and their <a href="https://infosec.space/tags/staff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>staff</span></a> have addresses...<br><a href="https://web.archive.org/web/20210226175949/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">web.archive.org/web/2021022617</span><span class="invisible">5949/https://twitter.com/thegrugq/status/1085614812581715968</span></a></p> <p>Instead, consider something where the <a href="https://infosec.space/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>developers</span></a> nor <a href="https://infosec.space/tags/maintainers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>maintainers</span></a> can't do that - like with <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XMPP</span></a> + <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OMEMO</span></a> where you have <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfCustody</span></a> of all the <a href="https://infosec.space/tags/Keys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keys</span></a> and thus you are in control!</p>
Swift<p>An app on <a href="https://sunny.garden/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a> that turns your torch on and off. Here's the "consent" page... Most defaulted to on. Obvs I uninstalled.</p><p>It's the <a href="https://sunny.garden/tags/legitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>legitimateInterest</span></a> options that make me laugh/cry. What possible legitimate interest is there in telling 79 vendors about me,because I wish to operate my phone's torch?</p><p> <a href="https://sunny.garden/tags/SurveillanceCapitalism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SurveillanceCapitalism</span></a> <a href="https://sunny.garden/tags/ads" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ads</span></a> <a href="https://sunny.garden/tags/apps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>apps</span></a> <a href="https://sunny.garden/tags/youAreTheProduct" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>youAreTheProduct</span></a></p>
artfulrobot<p>Big tech doesn't want people visiting other websites bc it takes eyes away from their ads. Hence in-search answers which are marketed successfully as useful - my kids hate having to visit a site to get an answer. Then you get to a site and you have to fight a slow loading complex cookie policy with <a href="https://fosstodon.org/tags/darkPatterns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>darkPatterns</span></a> (and sometimes dodgy legal nonsense like <a href="https://fosstodon.org/tags/consent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>consent</span></a> for <a href="https://fosstodon.org/tags/legitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>legitimateInterest</span></a>). But mostly we only need these things *bc* of the same companies that benefit from people not visiting our site</p>
Serg<p>Nothing says "we value your privacy" like making people object to hundreds "lEgItImAtE iNteReSts" individually.</p><p><a href="https://mastodon.nl/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.nl/tags/cookies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookies</span></a> <a href="https://mastodon.nl/tags/legitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>legitimateInterest</span></a> <a href="https://mastodon.nl/tags/gdpr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gdpr</span></a></p>
Stubbs<p>What is the point of <a href="https://mastodon.me.uk/tags/GDPR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GDPR</span></a> if sites can pull stuff like this? <a href="https://mastodon.me.uk/tags/LegitimateInterest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LegitimateInterest</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload