Examples of passive defenses against surveillance:

• Privacy Badger
• uBlock Origin
• Using open source Linux rather than Microsoft Windows
• etc.

But why not actively combat surveillance instead of passively defending against it? Examples of active combat:

• AdNauseam
• ScareMail
• Emacs spook.el

We must poison the data of those who are violating our privacy. Let us waste their time, increase their data storage costs, and waste their processing power. Let them drown in an ocean of data. Let them search for tiny needles in huge haystacks, with no way to distinguish between needles and hay.

Some ideas:

• Sending fake data to Google Analytics (How does Google Analytics prevent fake data attacks against an entity's traffic?)
• Create fake contacts lists to mislead those who are building social network graphs.
• Encrypt lots of worthless data, store them in the cloud or send them by email. If the encrypted data is intercepted by any nosy entity, they will have to waste storage space while waiting to be able to break the encryption.

What are some other possible methods?

Let us turn the tables on those who have been violating our privacy. Why do we have to be on the defense? Let us waste their resources in the same way that they are wasting ours!

I am using Firefox ESR on Linux. Does it make any sense to disable hardware acceleration for security reasons?

Whereas Firefox is open source, many hardware drivers, and most computer hardware are not. Enabling hardware acceleration in Firefox means using these non-open-source components, which could be a security risk. My impression is that bugs in drivers and hardware are able to cause far more damage than ones in userland software. Does this reasoning make sense?

I am using Mozilla Firefox as my web browser. I have configured it to clear cookies, active logins, form & search history, and offline website data when I close Firefox. Should I also configure it to clear the cache? What are the privacy implications if I don't clear the cache?

EDIT: additional information:

• My goal is to reduce fingerprinting and tracking by websites.
• I use Mozilla Firefox on my personal laptop that almost never leaves my residence. The laptop has full disk encryption. I am the only user of the laptop.
• I don’t erase my web browser history. I want to keep browser history for my future reference.

I have a "Digipass GO 6" hardware token generator that is issued by my bank. Is there a way to import the token generator into an open source authenticator app such as Aegis Authenticator?

I suspect that Digipass uses a proprietary TOTP algorithm, but I am hoping that there is an open source software solution.

cross-posted from: https://lemmy.ml/post/3549323

John Cowan has resigned as chair of the R7RS-large project.

John Cowan has resigned as chair of the R7RS-large project.

My mother uses a prepaid phone plan where mobile data usage is charged by the megabyte. It is currently not cost-effective to switch to a monthly fixed-cost subscription plan.

• When she is at home, she should:
  • Switch off mobile data.
  • Switch on WiFi (because her home WiFi has a fixed monthly cost).
• When she is outside home, she should:
  • Switch on mobile data (so that others can contact her using messaging apps such as Signal and WhatsApp).
  • Switch off WiFi (to conserve battery).

The problem: she often forgets to do the above. Sometimes she leaves home without switching on mobile data. Sometimes she accidentally uses lots of mobile data when at home.

Is there an app that can automatically switch on/off mobile data and WiFi based on the phone’s location? Location should be detected based on all the following data: latitude/longitude coordinates (if location is enabled on phone), WiFi networks in range (if WiFi is enabled on phone), and cell tower signals (if airplane mode is not on).

We would strongly prefer to use a privacy-respecting open source app for this. Phone: Samsung Galaxy A series. OS: Android 13.

I have been reading about Hachette v. Internet Archive, but as a layperson with little knowledge about legal matters, I was not able to completely understand the current situation.

Do the court cases mean that the Internet Archive is about to be forced to shut down its e-book lending system? If so, would such a shut down affect US users only, or would it be worldwide?

For open source software, I can easily use a widely-used open source license (e.g. MIT, Apache, GPLv3, MPLv2, etc.). However, source-available licenses are less easy to find.

Are there any source-available licenses that I can readily copy to apply to my software? I am hesitant to copy the source-available licenses listed on Wikipedia because license texts are copyrighted by default and should not be copied without permission from the author of the license text.

Specifically, I am looking for a source-available license that has conditions similar to the GitLab Enterprise Edition (EE) license that I can use for my software.

If websites are able to track their users' typing behavior and mouse movements, then the websites may be able to use that data to fingerprint, track, and possibly identify their users. Is this a real privacy risk? If so, what are the methods to counter keyboard and mouse fingerprinting by websites? Note that I do not want to disable JavaScript.

Does user privacy when using WhatsApp Web (https://web.whatsapp.com) differ substantially from using WhatsApp on Android? WhatsApp on Android has end-to-end encryption and (optional) encrypted backups. If I use WhatsApp Web, will Meta be able to see the contents of my WhatsApp messages?

I'm buying a Cat 6 cable. I have two available choices. One has fire rating "CM", and the other has Euroclass rating "Eca". Which one is more fire resistant? I was not able to find an equivalence table. Is "CM" comparable to "Eca"?