Yeah I totally agree that the whole ordeal is unnecessarily complex and confusing. The number of websites that have started mandating 2FA despite having complex, unique passwords that have never been shared annoys me regularly. It's frustrating that because other people can't figure out how to use a password manager, we can't have nice things. My guess is that there is a certain number of account actions you're allowed to take (changing password, email, etc) before they force you into a cool down period where you can't delete your account for like a week. Maybe not, but this is one approach I've seen before. As for the video call, I totally see your train of thought. This is gonna sound dumb, but consider that nobody at LI knows you, so a video call is of limited value, especially in this world of ai models that can apply filters to video in real time. I'm not saying this is their rationale, but it could be part of it. I'm gonna nerd out here for a second but hopefully you'll humor me. Authentication is tricky, especially if you want more than one factor for 2FA/MFA. The factors are often explained as something you know (password), something you have (perhaps a yubikey, in this case a state issued ID), or something you are (biometrics). The biggest issue as I understand it is that people reuse the same password over and over, so if your LI password were compromised then it isn't too big of a leap to assume that your email was also compromised, meaning that any form of authentication relying on email cannot be trusted. If LI has a policy that any account deletion actions attempted within a month of changing the primary email require the account to have at least 2 factors, that would trigger the request for your ID, because they're assuming that a threat actor is controlling all of the relevant accounts and they are no longer useful for authentication. State issued ID is one of the best ways to authenticate because when your state provides the ID, they are providing a level of guarantee that the information is both true and being provided without modifications (authentic). Having said all of that, could you not photoshop a state ID and provide that? Some in the comments have suggested that as an option. If I were designing the program then this third party, Persona, would have relationships with issuers of state ids and could do some level of validation that the ID being uploaded is authentic. I realize none of this solves your problem, but sometimes I feel better about "stupid" policies if I can work backwards and understand how they came to be in the first place and what they're meant to accomplish. My advice is to wait a week or 3 and try to delete again, but obviously that is still no guarantee. Good luck!

In this case the only alternative is to use Vivaldi instead of FF forks, it has an own EE2E no knowledge sync in all devices.

I don't know how to set one up I already have NextDNS and I can make that work everywhere I go. Having AdGuard for windows on both of my laptops and my 3 desktops and my server and my windows tablet already serves the purpose of Pihole plus a few extra things to block the bullshit in windows that PiHole can't do as effectively Updating a Pihole periodically involves buying and configuring a whole new piece of hardware, updating to a new version of AdGuard involves running the installer and sometimes restoring from a settings file or two. Why two laptops and a windows tablet? One is a beefy gaming laptop, the other is a mediocre laptop that I sometimes take to wifi hotspots. The windows tablet is a different form factor, I don't really use it much anymore Two desktops? One for gaming and my daily driver, the other for work. I'm not telling you what I do for a living.

Yeah it's a pain to get to work. Proton VPN seems to work with it. I don't know of another way

Gotcha! Another approach could be to set up the watch for a guest wifi / vpn routed access point? That's what I do with mine. It means I can use the Garmin website for stats, get updates, sync / plan routes - but not have it connected to my phone, only connect to specific wifi when I allow, and only use data I agree to with Garmin's variois policies. Obviously I dont get any notifications from my phone / weather, but that's not something I care for.

I also use ubiquiti. It is the apple of WiFi systems, for better or worse. I have yet to be able to find if they are privacy respecting or not. I am leaning more towards no since everything is by default through their cloud (my brand new UCG-ultra wouldn't even let me set it up locally, it would break when trying to set it up locally via the app and DNS & IPs would be messed up so I couldn't even contact it to fix it, I had to hard reset it and do it via their cloud)

Cheogram has a better featureset on Android in my experience. Movim has quite a lot of features & good performance for a web app—which covers the folks that “don’t want to install any new apps” (generally the right skepticism, but really most F-Droid ones are safer with less worry), or platforms without good clients. The biggest pushback I have heard was bad iOS clients—but being a self-hostable service with almost exclusively free software clients, it should be of no surprise any iOS dev is lackluster, being an entirely closed platform, anti-GPL, & with a hefty fee just to list an application.

Did you read the link about privacy pass? I’m guessing not since you think that your searches are somehow tracked with that.

$735,234 as of September 2024 Form 990s are publicly available tax documents submitted by nonprofits. I just searched for "form 990 signal".

Yeah so, Dynamic IP set up with the ISP. Running Librewolf, on the strictest browser settings, using Mullvad's secure DNS and Riseup-VPN, with my IP address being NL (Nowhere close to my part of the world). No pop-ups enabled, resist finger printing enabled, no cookies, delete temporary files and cache upon exit. Sharing location disabled (obviously) requests to use any of the hardware all blocked. Only thing running to get the site to work is Java, that I turn on after already getting to the site. Still knows where I am. Start Tor Relay with browser configured to route traffic over socks5, try again with New DNS, Try a 3rd time now with Tor over vpn, still nothing. I actually had a much spookier thing happen with Brave's Leo attempting this from my phone. I use a chinese phone, banned where I live, never for sale. I lived on a different continent when I purchased it. I asked it a question about enabling developer options. It gave me the specific instructions then my make, model and firmware version. When I asked how it knew what phone I had, it told me it was guessing and denied being able to see all the data on my device. This is on the android web browser, with the embedded AI. Fuck me, dude, how do we stop them from collecting data on our hardware? Like, I would love to use Qubes, but the architecture of my machine, just doesn't support it.

So, in the end, it sounds that is better to use Secureblue as it is It ultimately depends on what you wish out of your system. For a general use system, I can't fathom myself preferring Bazzite over secureblue; simply for how secureblue's superior security comforts me. However, Bazzite would definitely be preferred as a HTPC/"game-console". Ultimately, it depends on what you wish on your system. As we are talking on /c/privacy, secureblue is definitely the preferred system within that context. since it seems to support quite a lot of the things that Bazzite does. Am I following this right? Close enough. Usability-wise, it's pretty smooth sailing after first setup. There are some minor things like how Waydroid works on Bazzite, but doesn't on secureblue (at least, it didn't when I tried it the last time). But, aside from those, it's definitely a very viable daily driver. Just ensure to do a thorough read of their FAQ and Articles.

Exactly the issue, same as always. Signal got rid of sms because it was insecure but enable reply in notifications by default.

Not really necessary people make DNS requests which are pretty easy to track if you know what URL was requested that will be the exact product. This can all be done by man in the middle and monitoring network traffic. But even that is sort of unnecessary. They could very possibly have contracts with ISPs or other network operators some of that is likely just secret and they dont disclose it.

Thank you. I was about to say the same. As a business can subscribe to office 365 and get the business version of Teams.

Spokesperson Lauren Raemhild provided the following statement: “The Alexa experience is designed to protect our customers’ privacy and keep their data secure, and that’s not changing. We’re focusing on the privacy tools and controls that our customers use most and work well with generative AI experiences that rely on the processing power of Amazon’s secure cloud. Customers can continue to choose from a robust set of tools and controls, including the option to not save their voice recordings at all. We’ll continue learning from customer feedback and building privacy features on their behalf.” She continued- ”None of these things will do squat, and we will continue harvesting anything and everything, but you can certainly click the buttons.”

"I don't understand the question"

It's called Luanti now

The easiest way to stop spam bots (and also spammers), I saw in the past in an Forum, where simply on creating an account, the activation mail was delayed for an hour. So a bot or an spammer, which always work with an disposable mail, which last normally less than half an hour, never recieve it. A normal user for sure can wait for it. The Forum never had problems with spam with this time filter.

Two links to X.com. Right. And she is against the article twit, perhaps the article. Nothing to do with what Snowden nor his material.