I know there is plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

  • nelson@lemmy.world
    18 days ago

    Pretty sure banks have a pretty good track record of “keeping your money safe”. Why the fork would anybody trust banks to keep their money safe if they can’t keep your money safe?

    I don’t really understand why that statement is even on there?

    Unless you mean to argue some anonymity point, which I could agree with considering e.g. Monero would be more anonymous than a bank.

    But safe? I’d say the bank is quite safe to store money.

    • 小莱卡@lemmygrad.ml
      18 days ago

      Banks literally seize and freeze assets from people, e.g. Julian Assange.

      Banks also have a track record of seizing countries’ international reserves, like Russia, Venezuela, Iran, etc…

    • The 8232 Project@lemmy.ml (OP)
      18 days ago

      The intention was more “Banks keep my data safe,” but I wanted to provide a clearer explanation that if your data isn’t safe, neither is your money. I didn’t have enough room to put my full thoughts.

    • TurtleTourParty@midwest.social
      19 days ago

      Banks keeping your money safe depends on what country you live in and how much its government has regulated them and/or provided some sort of backup in the case of a run or the bank going out of business.

    • The 8232 Project@lemmy.ml (OP)
      19 days ago

      Security isn’t the size of the app

      This could have two meanings, one of which I figure I should address:

      1. If you mean “size of the userbase for an app,” then yes, even projects that fly under the radar are much more secure than “mainstream” options. That’s the main purpose of this infographic.
      2. If you mean “physical size of the app on the infographic,” the reason they’re different sizes is simply because they were hard to fit on one page, and this made it look nice ;)
    • edel@lemmy.ml
      19 days ago

      Some of those mentioned likely are compromised, but we cannot figure out which. The thing is to diversify our risk, and for the privacy-minded to use different platforms (Proton VPN and Mullvad VPN for instance).

      The good news is that if an agency is compromising something, they likely won’t use the intel gathered in court cases, in order to leave it open to future prey, so that is good for the vast majority of users. The very few that are relevant enough should not trust even the genuine privacy tools and should resort to enhanced methods and combining methodologies.

      My impression, and just impression, is that I would trust **Tuta** more than Proton (and not because of Proton’s CEO, whom many interpreted wrong anyways). On VPN… a tad more trust in Mullvad. Signal, I would not use it for high stakes communication but OK for most people. GrapheneOS seems okay and we know for sure it does not leak info on a daily basis, but we have to be careful, it could have obscure code lying dormant waiting for a trigger or could easily send data to an unsuspected server. Ironically, if I were Snowden, I would feel more comfortable using a Huawei Mate with HarmonyOS than a Pixel 9 with GrapheneOS… of course China spies massively too, but it has far less beef with Snowden than the US does, therefore he is not of much interest to Beijing.

      Remember that the overwhelming majority of FOSS goes without any audit, let alone a comprehensive one. This is what some trusted party should put AI to checking ASAP: all the FOSS out there!

      • nebulaone@lemmy.world
        19 days ago

        Very interesting insights. Funnily I use all of the services you cautiously recommend, including GrapheneOS, but not HarmonyOS, hard pass on that one. As a German I am also legally required to prefer Tuta. :) I still have that OG 1€/Month contract.

        Edit: Your last point is a good idea, although I think the more popular an open source app is, the less likely it is to be malicious. A lot more eyes on it and the xz backdoor was caught pretty much immediately.

        • edel@lemmy.ml
          18 days ago

          Of course… for us normies… GrapheneOS is the way to go. Very highly targeted individuals in the West should however consider HarmonyOS. Of course the Chinese government has eyes on that one but is not specifically targeting you… unless they use it to trade intel on someone of high interest for China, but there is not much collaboration between West and China intelligence agencies today…

          True, popularity increases the chances of someone auditing. But, to a point. Ideally an audit should be performed with every single update and on the servers, and there the premise of more eyes does not hold true anymore. Then comes trust. In a company like Tuta, the people behind it showed their faces from day one, the same people are there, and it is a tight team, so it is harder for a bad apple to do something. Considering both Tuta and Proton were good from inception (and I believe it may be the case), it would probably be easier for an intelligence agency to penetrate Proton than Tuta, just for the structure that they appear to have from outside. Now, Tuta made a horrible mistake once! In the Russian invasion of Ukraine, independently of one’s take on it, Tuta made the “Standing with Ukraine” statement (March 2022); that was a mistake, it made many doubt if privacy is still paramount to them over any other ideology. Maybe they have changed since, since no statements on Gaza… or maybe they agree with what is happening… who knows… that is why they should not make any statements at all, or clarify that while they have their ideologies, in no case will they ever compromise their stand on privacy. To be fair, Proton did the same… nothing on Ukraine but on Gaza “We unequivocally condemn the terrorist attacks by Hamas against Israeli civilians […] We also condemn violence against civilians in Gaza”; so I guess both are comparable here! My trust for both is slim, as a company, and even their individuals.

    • pyre@lemmy.world
      18 days ago

      proton has already shared user data with authorities; you don’t have to go by your gut

    • archchan@lemmy.ml
      18 days ago

      For starters, it’s open source. And I’m not too into the details, but the creator of Anubis even mentioned that they were interested in creating a non-javascript version for privacy.

      Google’s reCaptcha, to which Anubis is being compared by OP, is obviously far less private. It’s just another mechanism of control and data harvesting for Google. One of the ways that they determine if you’re malicious/human or not is to check if you have a Google cookie in your browser and are signed in. Not to mention fingerprinting (hardware and software info), browsing data, AI training ironically enough (the fucking streetlights), etc etc.

      Anubis is relevant here because it is more private, among other things.

  • Ardens@lemmy.ml
    19 days ago

    But you do know that Tor/VPN is not really privacy, nor security? It hides your IP, but that’s about it. If you still log in and give any information, and that could just be your “fingerprint”, you are not anonymous…

  • Zerush@lemmy.ml
    19 days ago

    It’s not about what you use, but how you use it. PEBCAK. Almost 100% privacy and security is offline at home, reading a book, if you bought the book with cash and not online and/or with credit card.

      • KiwiTB@lemmy.world
        18 days ago

        Proprietary sure, but how is it privacy invasive let alone invasive on computers?

        What non-proprietary option is there? I can’t think of a single antivirus option which is actually remotely decent which is open.

        • The 8232 Project@lemmy.ml (OP)
          18 days ago

          ClamAV is an open source antivirus, but I would recommend against using an antivirus altogether due to their invasive nature. You shouldn’t need one with proper sandboxing and isolation.

          • KiwiTB@lemmy.world
            18 days ago

            ClamAV is slow to get updates and frankly not a great tool to use. AV is a must as isolation and sandboxing are only as good as the next exploit. Not to mention scams like phishing are not stopped by isolation.

  • hperrin@lemmy.ca
    19 days ago

    Same email for everything is fine if you use subaddressing. My email service, Port87, makes it super easy.

  • lock@lemmy.ml
    16 days ago

    How is iCloud not secure or privacy focused? You make no sense with this list. iOS is insanely secure compared to stock Android.

  • commander@lemmy.world
    17 days ago

    The hardest online privacy is not operating in a way that just links all your “private” activity because you logged in around enough places to link them together and at least one place somewhere can be linked to your real identity

  • KingDingbat@lemmy.world
    19 days ago

    I chose Nord VPN based on several posts I read on here (Lemmy). Why are Proton and Mullvad better choices?

    • The 8232 Project@lemmy.ml (OP)
      19 days ago

      Proton VPN and Mullvad VPN are both open source, meaning their code can be publicly audited to make sure they’re upholding their standards of privacy and security. Furthermore, Proton VPN offers a free tier. These are the main 2 reasons. NordVPN only protects your privacy against other websites, not NordVPN themselves. Hope this helps! Let me know if you want more details.

      Edit: Mullvad VPN can also be paid for in cash/Monero, and they don’t ask for any personal information to use it (not even a username!)

      • unixcat@lemmy.world
        19 days ago

        Being open source doesn’t uphold a lot of standards of privacy and security for VPNs. It’s not useless, but the most common worry about VPNs is traffic logging, and open source apps do nothing to prevent this since it’s server side. ProtonVPN and Mullvad VPN don’t protect from themselves, and they can keep logs. The reason they’re commonly recommended is that they’re more trusted in the privacy community in general. Obscura VPN and Nym VPN do mostly protect from themselves because they’re a two-hop VPN. In the case of Obscura VPN, it’s a first hop through their servers, and a second hop through Mullvad’s. So to associate your traffic with your IP address, Obscura and Mullvad would need to cooperate, which is quite a bit less likely than a single VPN operator logging user traffic.

    • BlackPenguins@lemmy.world
      19 days ago

      I just think the most trustworthy VPN is the one no one is talking about. NordVPN is a sponsor on every single YouTube video. They are mainstream. I don’t trust mainstream. Mullvad has proven they don’t keep logs. They are simple. They don’t even have accounts. A 16 digit number is all you get to log in. No pass. No email. No ties to you. You fill your subscription like quarters in a meter.

    • d00phy@lemmy.world
      19 days ago

      I don’t think there’s anything wrong with Nord. They are kind of disliked here because they’re not open source and they did a lot of commercials not long ago. Despite all that, they’ve publicly reported multiple third-party audits of their code, which I think is a good thing.

  • kaidezee@lemmy.ml
    19 days ago

    I don’t understand how Graphene can be bigger than Linux on this list.

    • Zetta@mander.xyz
      18 days ago

      The post is about security/privacy, the non-American CEO’s political opinions don’t impact that. Proton is still a good VPN/mail provider