• 15 Posts
  • 80 Comments
Joined 9 months ago
Cake day: February 10th, 2024


  • Matrix messaging apps. It's nice to have modern messaging features, end-to-end encrypted, with no single point of failure, no Google involvement, and no phone numbers. I expect to start recommending it widely when the 2.0 features land in the popular clients.

    WireGuard VPN. It's fast, even on low-power devices.

    Self-hosted Mumble. Excellent low-latency voice quality for chatting or gaming with friends.

    Radicale, DAVx⁵, and Thunderbird, for calendar and contact sync between mobile and desktop, without handing the data over to Google or anyone else.



  • mox@lemmy.sdf.org to sdfpubnix@lemmy.sdf.org · We're Back! · 12 days ago

    I ended up watching some new anime. Ranma ½ (2024) is kind of bonkers, in a fun way.

    SDF is a quirky instance, isn't it? It might go down once in a while, but at least to me, it feels more like a community system than some of the bigger instances. I love that it hasn't made Cloudflare an observer and gatekeeper of our Lemmy activities.





  • The security provided by a browser is constantly changing, as the vulnerabilities, attacks, and countermeasures are constantly changing. It's a cat-and-mouse game that never ends.

    The privacy provided by a browser would be difficult to measure, since it depends a lot on browsing habits, extensions, code changes between versions, etc.

    There's no good way to calculate a metric for either type of protection, and even if there was, the metrics would be obsolete very quickly. For these reasons, I wouldn't have tried what you attempted here.

    However, there is a very simple way to compare the major browsers on privacy and reach a pretty accurate conclusion: Compare the developers' incentives.




  • There is no privacy-focused PayPal alternative in the US, in part because US money transfer laws and policies (e.g. Know Your Customer) directly oppose privacy.

    However, there are a couple of new projects that might eventually lead to something less bad for privacy than PayPal is:

    • GNU Taler, if they ever get any exchanges, and they either figure out how to mitigate the high fees for wire transfers or use some other settlement method when people on different exchanges make small payments. (Their plan to use batch wire transfers won't help until the exchanges get a lot of adoption and frequent use. Of course, high fees discourage adoption and use, so this might not ever happen.)
    • FedNow, if banks ever use it to offer appealing person-to-person payment services instead of just using it for themselves and their business customers.

  • The rest of the sentence you truncated points out forwarding services. Yes, others exist beyond the four I mentioned, of course.

    Edit to clarify: Your "it doesn't" argument is that you can use forwarding from other domains that you own. Indeed you can, but that's not a counterargument, because those are forwarding services. They do exactly what I described: the same thing as the example forwarding services in my original comment. You still have to maintain them, as well as maintain the extra domains.



  • The correct fix is to get the site maintainers to stop rejecting email addresses based on the characters they contain. They shouldn't be doing that. Sadly, some developers believe it's an appropriate way to deter bots, and it can be difficult to educate them.

    If they won't fix it, the workarounds are to either not use those sites, or to give them a different address. Unfortunately, the latter means having to maintain multiple email accounts, or forwarding services like Addy.io, SimpleLogin, Firefox Relay, or DuckDuckGo Email.


  • I no longer consider any email app to be okay for privacy if I can't build it from source code. There are just too many opportunities and incentives for someone to exploit it. That could be the developer, or the maintainer of some obscure code library, or a company that buys one of them out, or an attacker who found a vulnerability. We no longer live in a world where it's reasonable to think we'll get privacy from communications software that we can't inspect.

    Thankfully, we also no longer live in a world without options. There are more than a few email apps with nothing to hide. :)


  • There are a few that do a good job of protecting our messages with end-to-end encryption, but no single one fits all use cases beyond that, so we have to prioritize our needs.

    Signal is pretty okayish at meta-data protection (at the application level), but has a single point of failure/monitoring, requires linking a phone number to your account, can't be self-hosted in any useful way, and is (practically speaking) bound to services run by privacy invaders like Google.

    Matrix is decentralized, self-hostable, anonymous, and has good multi-device support, but hasn't yet moved certain meta-data into the encrypted channel.

    SimpleX makes it relatively easy to avoid revealing a single user ID to multiple contacts (queue IDs are user IDs despite the misleading marketing) and plans to implement multi-hop routing to protect meta-data better than Signal can (is this implemented yet?), but lacks multi-device support, lacks group calls, drops messages if they're not retrieved within 3 weeks, and has an unclear future because it depends on venture capital to operate and to continue development.

    I use Matrix because it has the features that I and my contacts expect, and can route around system failures, attacks, and government interference. This means it will still operate even if political and financial landscapes change, so I can count on at least some of my social network remaining intact for a long time to come, rather than having to ask everyone to adopt a new messenger again at some point. For my use case, these things are more important than hiding which accounts are talking to each other, so it's a tradeoff that makes sense for me. (Also, Matrix has acknowledged the meta-data problem and indicated that they want to fix it eventually.)

    Some people have different use cases, though. Notably, whistleblowers and journalists whose safety depends on hiding who they're talking to should prioritize meta-data protection over things like multi-device support and long-term network resilience, and should avoid linking identifying info like a phone number to their account.


  • Signal is not my tool of choice, so I'll answer from a more general perspective:

    Having multiple friends and social groups on an e2ee chat system for the past few years feels great. Knowing that our words aren't being recorded and exploited by half a dozen companies, we no longer feel the need to self-censor. The depth and value of our online conversations have grown noticeably.

    Yes, there is more work to do, both at the endpoints and in the protocols. No, not all of us have flipped all the switches to maximize our privacy yet. That's okay. Migrating is a gradual process. We do it together, helping each other along the way, rather than trying to force it all at once. Every step an improvement.



  • It might be interesting to determine whether the freezes are limited to Plasma or are happening within the kernel.

    • Have you tried Control+Alt+F1/F2/F3 ... F8, to see if switching virtual consoles still works while the freezes are happening?
    • Do you have another machine on the same network? You could use it to ssh into your desktop machine, and when the freezes are happening, see if they affect ssh interactivity.





  • mox@lemmy.sdf.org to Privacy@lemmy.ml · Is TOR compromised? · 3 months ago

    The Tor network cannot protect against that, because the attack circumvents it. Certain tools, like the Tor browser, do have protection against it (as much as they can) when you use them correctly, but they cannot keep users from inadvertently opening a link in some other tool. Nor can they protect against other software on a user's device, like a spyware keyboard or the OS provider working with law enforcement.