17
Posts from r/thehatedone Powered by @reddit2telegram and @r_channels
Best privacy respecting android costum roms for samsung galaxy a10?
Well, the title says it all. I want a de-gôōgléd android costum rom that is privacy friendly and secure for a samsung galaxy a10 phone.
If you know any, please add a link to an instalation tutorial.
https://redd.it/tkpqne
@r_thehatedone
How possible is it to gain access to a person's webcam, computer or phone?
What kind of permissions would this require, and how can this be prevented? Is the indicator light from the camera hard-wired, and is it possible to override? I see a lot of people with a cover over their camera, so I am wondering if it is a legitimate threat.
Edit: webcam, whether on a computer or phone
https://redd.it/tlvvgu
@r_thehatedone
Twitter. You can take a screenshot of the original image and upload the screenshot. Or you can use an app like an Imagepipe or Scrambled Exif to remove image metadata from your original photos.
##### ObscuraCam
When you take photos and videos in a protest, be mindful of the privacy of others around you. If you don’t have their permission, you should redact their faces or personally identifiable features from your photos. ObscurCam was built exactly for this purpose. The app uses automatic face detection and lets blur or redact faces on demand. Obscurcam will remove all image metadata to protect your privacy as well.
Don’t forget to think about reflections on surfaces that could reveal locations, faces or personal information in your photos.
https://redd.it/tkugq2
@r_thehatedone
modern Android phones will be robustly encrypted. To check if your phone is encrypted, head to security settings and look under encryption. This is also where you can change your unlocking mechanism to a strong passphrase or a PIN code. Make sure to delete or disable any saved biometric prints.
If you use external storage, like an SD card, on your phone, it will likely not be encrypted. Remove it altogether or create an encrypted folder with Secure File Manager.
Before bringing your burner phone home or to your office, enable Airplane mode or completely power off your device. GrapheneOS can remain powered on as a WiFi-only device outside your protest. This is because GrapheneOS provides full MAC address randomization, making your phone anonymous every time it reconnects to a WiFi network. You may also use location services to navigate with an offline map. On other burner setups, keep your device offline or powered off when not in a protest.
Before attending a protest, agree to meet on a specific location with your friends where you can turn on your device and enable cell service. On GrapheneOS, enable LTE only mode in your settings to prevent downgrade attacks on your device. This will make your phone use less vulnerable to interception attacks.
For extra security, put your phone inside a Faraday bag to seal all radio signals from emitting to and from your phone.
### Setting up accounts
In all of our burner phone setups, we want to avoid third party access into our data as much as possible. This means we will avoid installing apps from the Google Play Store whenever possible and use encrypted open source apps for our communication.
##### F-Droid
The first app we’ll need is F-Droid. This is a secure repository of free and open source apps that respect your privacy. You can download and install F-Droid from your main browser. You will need to temporarily enable installation of apps from unknown sources. After you install F-Droid, go back to revoke your browser’s permission to install apps.
##### Orbot
From F-Droid, install Orbot. Orbot is a mobile Tor client that can securely route your device traffic through the anonymous Tor network. Launch Orbot and enable full-device VPN. In your system VPN settings, enable always-on VPN and block all connections without a VPN. This will make sure that when Orbot crashes, your device will not leak your true IP address.
Tor is slower than clear Internet access, but it is faster than spending time in jail because you didn’t protect your traffic. If Tor is blocked in your country, enable Tor Bridges to bypass restrictions.
##### Tor Browser
Next, download Tor Browser. Tor Browser will allow you to browse the web through the same anonymous network but it will also protect your browser fingerprint so that you cannot be identified. Use Tor Browser for all your sensitive browsing and searches.
##### Aurora
If you want to download apps that are only available on the Google Play Store, you can do so anonymously with the Aurora Store. Aurora will generate an anonymous sign in so that you don’t have to login to your Google account to download apps and updates.
### Setting up communication
Communication with your fellow protesters for organizing, agitating and sharing content on social media has to be anonymous and encrypted. There are various options depending on your situation.
Before we install messaging apps, let’s create a secure password database to store our account details.
##### KeepassDX
From F-droid, download KeepassDX and create a new database. Use this database to store login credentials and generate unique and strong passwords for your burner accounts.
##### Email
Next, download Tutanota from F-Droid and create an anonymous email address. Because you are using Orbot to route your traffic through Tor, your account creation might be paused for 48 hours to prevent spam abuse. This is fine as long as you do this long enough before a protest. You may also try your luck with ProtonMail, but it’s likely you will have to enter your phone number, which is not a
Anonymous Dissent Part 1: Burner Phone BETA
The following is a beta version of a comprehensive tutorial on creating a burner phone for protesting, activism and dissent. The guide takes into consideration various threat models in different countries. This is a beta version so please, share your input, criticism, and whether you think something is missing. This quide is made for a video script but could work well in a text form when complemented with pictures.
# Burner phone
Before attending a protest, you have to consider your digital devices. Your phone can be a crucial tool for documenting the protest, navigating streets and communication. But it can also be the first thing that compromises your identity.
Your phone has four main radio signals, all of which can compromise your security:
Cellular radio – is your phone’s most revealing data point. Your SIM card has a unique IMSI number that is broadcast indiscriminately into all directions. The police can capture this number with so called IMSI catchers, find your real phone number and even intercept your calls and SMS texts.
WiFi – is the second most common data point. Police can setup a rogue hotspot to trick your phone into connecting to it without you noticing and they can start monitoring your traffic in real time.
Police can also use Bluetooth beacons to catch your phone’s unique identifier. They could also try to exploit known Bluetooth vulnerabilities to attack your device with malicious payload.
GPS is broadly used for precise locations services, but this one is the safest data point. Your phone is only a receiver of GPS signals and doesn’t transmit any information. Your phone may, however, store GPS coordinates, which may be revealed to the police if they capture and unlock your phone.
Because of the inherent nature of this technology, you will need to obtain a burner phone. A burner phone is a single-use or single-purpose device purchased or obtained anonymously, that only contains information relevant to the task and nothing more.
A burner phone will allow you to bring a mobile device to a protest without revealing your identity or sensitive and personal information from your regular life. Unless you get arrested, it is possible to attend protest with a burner phone and remain completely anonymous.
This section will explain how you can obtain a burner phone, how to use it securely and anonymously and when and how to dispose of it.
### Obtaining a burner phone
There are multiple ways to go about obtaining a burner phone depending on your budget and capabilities. I will cover all acceptable solutions. iPhones cannot be used anonymously, since an iPhone will not function properly without an Apple ID. When using your iPhone, Apple will log personal information, such as your device IDs, location, IP address, real phone number and other personal information. Police can request this information from Apple at any time. Therefore, iPhones are not recommended for an anonymous dissent.
##### GrapheneOS
The most secure option is to anonymously purchase a carier-unlocked Google Pixel device with cash in a physical store. During your purchase, wear plain unidentifiable clothes, a hat, sunglasses and a face mask. Cover your tattoos and don’t wear any jewelry or unique clothing.
A Pixel device is the best choice, because it can be anonymized unlike any other phone and still maintain security updates and features unavailable in other setups. We are going to install GrapheneOS on our Pixel device, because it is far more secure and anonymous than any Android or iPhone device in existence.
Make sure that your Pixel is carrier-unlocked, otherwise the remaining steps might not work.
Do not bring this phone into your home yet. Connect to a public WiFi and install the latest security updates. You might have to create a new Google account for this. Do not give Google any real personal information. Especially when it comes to your phone number. Google will log your phone number and your IP address when you register your account
ANONYMOUS DISSENT: Let's help make protests anonymous and resilient!
Hello everyone!
​
Protesting governments is becoming increasingly riskier and hazardous. The 21st century technology gave the law enforcement tools to surveil citizens in the streets to crack down on peaceful protesters with unprecedented force. Let's balance the scales of power by building a robust and comprehensive guide on how to protect your anonymity during a protest and how to make protests unstoppable.
​
This will require deep considerations of multiple threats and this analysis should result in suggesting extreme measures. I have a compiled a list of points around which this guide should be build but I don't think it's exhaustive.
​
This guide will be released in text and video formats. **Your input here is incredibly important, so please share your points, suggestions, criticism**.
​
With your help, we can make and improve upon this guide and help people around the world, even the most authoritarian regimes that are still connected to the internet, safely protest in the streets against government or corporate overreach.
​
**We want this guide to be successful against autocratic regimes such as Russia, Iran, Israel, or Saudi Arabia as well as more democratic regimes with advanced surveillance state in Europe and North America**.
​
Below is a list of data points and most common threats associated with them.
​
**Identity protection:**
* Phone number - IMSI catchers, intercept
* Phone accounts (Google Account, Apple ID) - subpoenas
* media accounts - subpoenas
* Location:
* GPS - physical access
* Cellular data - intercept, subpoenas
* Bluetooth - intercept
* WiFi - intercept, subpoenas
* Facial recognition - bulk data collection
* Gait recognition - bulk data collection
* Tattoos, birth marks - bulk data collection, visual collection
* Clothing, jewelry, etc. - bulk data collection, visual collection
​
**Device protection:**
* Full device encryption
* Passcode, no biometrics acceptable - forceful unlock, court order, visual collection
* GrapheneOS - most secure/anonymous, Android - potentially anonymous, iPhone - secure but impossible to anonymize
**Communication:**
* End-to-end encrypted
* Anonymous accounts (strict metadata policy)
* Decentralized, peer-to-peer (must work in case of government shutdown of the Internet)
* Tor, Orbot, Tor Browser (to anonymize Internet traffic; VPNs are insufficient)
​
**Documentation:**
* Video/image metadata (can reveal device parameters, location, time stamps)
* Facial recognition in footage (can compromise identity of protesters)
* Location & temporal recognition in footage (pattern and weather recognition)
* Document without unlocking your device (keep your phone locked as much as possible)
​
**Legal protection**
* contacts to lawyers, legal advice, knowledge of rights in case of arrest
* avoid harm, damage, civil/criminal charges
​
Please share your input. This can save the lives of people who might be less technical than you.
https://redd.it/tjitwa
@r_thehatedone
Is there a alternate open source front ends tumblr?
https://redd.it/til7lz
@r_thehatedone
Questions about Disney Now app
Hello, my family is thinking of cutting cable and since some of us watch Disney shows we were thinking of downloading the Disney Now app but I wanted to know if anyone here has heard of the app collecting personal data. If they have could you please tell me how to protect our info?
Disney is no stranger to big data as shown in these articles
https://arstechnica.com/tech-policy/2010/08/lawsuit-disney-others-spy-on-kids-with-zombie-cookies/
https://www.washingtonpost.com/news/the-switch/wp/2017/08/07/these-42-disney-apps-are-allegedly-spying-on-your-kids/?utm\_term=.416f8b94c2fd
​
Kids' personal info is becoming a sought after commodity and what I want to know as much as I can before I download anything.
https://redd.it/thciko
@r_thehatedone
Now what??? (English translation in comments of original post)
https://fm4.orf.at/stories/3022719/
https://redd.it/tgsk6n
@r_thehatedone
How social media adverts became so invasive [13:32]
https://www.youtube.com/watch?v=h0wxC16crIA
https://redd.it/tdb77d
@r_thehatedone
Music used in The Hated One video?
Does anyone know what music was used from 1:52 to 2:13 in https://www.youtube.com/watch?v=LOPWNJxdxWY ? I've been looking for a few months but haven't found it yet
https://redd.it/tb7j6k
@r_thehatedone
idea for a change of tactics
instead of stopping everything, blocking connections, deleting cookies, preventing them from seeing what we do as much as we can
why not let them do it? why not let them collect all the data they want with garbage data generators? wouldn't that be a way more effective and efficient strategy?
if we keep sending them shitloads of garbage data, they won't even know which is accurate and which is not, they aren't competent enough to do that and they won't be for a long ass amount of time, not to mention it's gonna waste their resources and drive em mad
​
definitely check the addons out
https://redd.it/t9r64o
@r_thehatedone
Any foss app for the final link???
I really need a foss app to show me the final url destination before clicking on it, Any suggestions?
https://redd.it/t8ktq1
@r_thehatedone
Weight Watchers App Violated Kids’ Privacy, DOJ Says
https://www.forbes.com/sites/zacharysmith/2022/03/04/weight-watchers-app-violated-kids-privacy-doj-says/?sh=6ce0efc6298a
https://redd.it/t7ysjq
@r_thehatedone
Important question about using https encryption through bromite browser.
If the bromite always use secure connection is on and website is loading like forever while the ! icon say connection not secure does that mean the data is leak through http, being collect by isp and hackers? Even when after goin as far as use https before the website is loading like forever while the ! icon say connection not secure, even when https encryption is on? Does connection restart prevent http from occur after error or disconnection?
https://redd.it/tld8nv
@r_thehatedone
Samsung Keyboard for privacy
I was wondering if anybody knows how bad (or even how good?)the privacy of it is.
I would really like to switch to a fully FOSS one, but I just can't get myself to switch as they look and feel all a bit crappy and bad to type on.
So please hmu if you know anything about its privacy or any alternatives.
:)
https://redd.it/tm0q9d
@r_thehatedone
problem if you can obtain it anonymously.
##### OTP
Setup a two-factor authentication method. Don’t use your phone number for this. Instead , download Aegis Authenticator from F-Droid use OTP codes as a second-factor authentication for your email account. With Tutanota, you can also use a security token like Nitrokey or Onlykey for even more secure authentication. Don’t rely on passwords only for your account security.
##### Signal
If you are able to obtain a burner SIM card, get new one to create your anonymous Signal account. Remember to carefully follow the steps to purchase your SIM card anonymously. After you create a Signal account, feel free to securely discard it. Make sure that when you share you Signal phone number with your friends, you do so anonymously and without leaving a record on your personal accounts. Don’t post your anonymous Signal number on a Facebook chat. Send it over an other end-to-end encrypted service instead or do it in person. If your friends save your anonymous number in their personal phone number, your identity could be compromised. Your friend’s provider, Apple, Google or social media apps, could have access to their phone book and see your anonymous number there. Keep in mind that your anonymity depends as much on you as it does on your friends.
##### Briar
Even more secure and anonymous way to communicate with protesters is with Briar. Briar is a peer-to-peer encrypted messenger. The app doesn’t have any central servers so your messages and accounts exist only on your and your friends’ phones. You don’t need an email address or a phone number to create Briar. Just share anonymous identities remotely or in person. Remember to do so securely.
In a protest, Briar will work even if the Internet is shutdown by the government. Briar can send messages over your phone’s WiFi or Bluetooth signals. This gives Briar an unparalleled advantage over Signal, because there is no central point of failure.
Briar was built specifically for protesters and activists and it provides more security and resilience than any other option out there.
##### Wire
Another way to communicate without a phone number is with Wire. You can create a Wire account with an email address. This email can be an anonymous alias, which doesn’t lead to your identity.
To create an anonymous email alias, sign up for Simple Login and create an anonymous email for your Wire account.
Open Wire, paste your email alias into the account creation field. Use your KeepassXD database to generate a truly strong and unique password for your Wire account and save it.
To create an account, Wire will send you a verification code to your email alias, which you can open with your email address. Wire will not have a knowledge of your real email address.
Paste this verification into Wire and your account will be ready to use.
##### Twitter
Using a new email alias, we are going to create an anonymous Twitter account. Twitter is the only major social media platform that doesn’t require ID verification. It also has all the journalistic eyeballs on it. Twitter now operates an onion service so you access Twitter in your Tor Browser. https://twitter3e4tixl4xyajtrzo62zg5vztmjuricljdp2c5kshju4avyoid.onion/
You should be able to create an anonymous Twitter account using email only. An email alias should work but if it doesn’t, use your real anonymous email you’d created before with Tutanota or Protonmail.
Remember to setup a two-factor authentication method. Don’t use your phone number for this. Instead, setup an OTP with Aegis Authenticator or use a security token such as Nitrokey or Onlykey. Don’t rely on passwords only for your account security.
##### Metadata
Before uploading your pictures to social media, remove image metadata to prevent leaking sensitive information like your location or device information. You can do this in various ways. Signal automatically erases all image metadata. So you can send yourself pictures before you upload them to
and download updates. This information can be requested by the police.
If you can’t create a new account from your Pixel device without a phone number, purchase an anonymous prepaid SIM card if it is possible to do so in your country.
A prepaid SIM card should also be purchased anonymously with cash. However, many countries require that you provide a government ID to activate your SIM card. This defeats the anonymity of your SIM card. If you cannot obtain an anonymous SIM card and create an anonymous Google account to install the latest updates, you should avoid inserting your personal SIM card and proceed to install GrapheneOS without updating your phone first.
To obtain GrapheneOS, download the operating system for your Pixel device to your computer from https://grapheneos.org/releases. Then head over to https://grapheneos.org/install and follow the installation instructions on the screen. You should only follow the official installation guide as it is most up to date and correct. Installation is very easy and even non-technical people can do it.
If you can’t purchase a Pixel device in your country, or can’t obtain GrapheneOS yourself, you can buy a GrapheneOS phone from Nitrokey and pay with Bitcoin. https://shop.nitrokey.com/shop The benefit of this purchase is that you can have your microphone, sensors and cameras physically removed by the Nitrokey team. You also don’t have to purchase an anonymous SIM card to register for a burner Google account.
Our Pixel device can operate fully without Google Play services or any connection to Google at all. There is no Google account, no personal information to submit. It’s a truly anonymous device.
When you go to a protest with this device, the police will not be able to tie your device to a Google account and with an anonymous SIM card, they would never see you were there.
GrapheneOS allows you to crate up to 15 different profiles that are completely isolated and don’t share any data between each other. This is why you can re-use your GrapheneOS phone for multiple burner cases by creating a separate single-use profiles and discarding them after use.
##### Anonymous Android
If you can’t obtain GrapheneOS, an anonymous Android device might be the second best solution. This means following the same steps to purchase a new phone anonymously with cash, obtaining a burner SIM and leave your phone powered off at all times when not in a protest.
You should aim for a phone with the latest Android updates to make sure its security is up to date. Although, keep in mind that cheaper phones usually don’t provide extended security updates.
If you can’t purchase a new phone at all, you might be able to turn your personal device into a temporary burner phone, although this is the least secure recommended method.
First, you should backup your phone’s data, contacts and files to your computer. Then remove the SIM card and factory-reset your phone. This will give you a clean slate although you shouldn’t re-insert any SIM card into your phone because even a burner SIM would be tied to your phone’s identifiers that are already linked to your identity. You would be limited to use this setup as a WiFi only device during a protest.
If you can’t obtain an anonymous prepaid SIM card and purchase a new phone with cash, your last option is to buy a cheap Android device, use it without a SIM card, and discard it immediately after use.
### Setting up security
Whatever your burner setup is, you have to follow the strongest security precautions. If you default to unlock your phone with biometrics, police could forcibly use your face or fingerprints to unlock your device without your consent. In this case, you might be legally protected not to give out your passcode if there are no mandatory key disclosure laws in your country. A long alphanumeric passcode is the most secure option. If you go for a digit-only PIN code, use at least 8 digits or more.
GrapheneOS and all
This is how we win back the Internet | Privacy, Security, Surveillance Podcast | The Hated One w/ Closed Ntwrk
https://www.closedntwrk.com/episode-12-collab-with-the-hated-one-youtube-personality/
https://redd.it/tk5j8d
@r_thehatedone
I want to ditch netflix
After the new password sharing fee I finally want to ditch Netflix but still want to enjoy shows so what are some good alternative apps or even sites to do so.
https://redd.it/tj4qi8
@r_thehatedone
Farside: A smart redirecting gateway for various frontend services (nitter, teddit, invidious, etc.)
https://github.com/benbusby/farside#readme
https://redd.it/thtvzg
@r_thehatedone
You Need To Have A Digital Bugout Bag
https://www.youtube.com/watch?v=qqboMMBOJRE
https://redd.it/th3li8
@r_thehatedone
Where to learn the foundational knowledge to understand these tools?
Not a stranger to CS, but not exactly specialising in anything where privacy applies majorly. I fortunately have the patience and time to dedicate myself to learning the technical side of things. Problem is I don't know where to look.
I am overloaded so far by subpar resources online, with no clear format or road map, and honestly I feel lost. I was wondering if anyone had a STRUCTURED road map or curriculum of resources they knew of that they could share for someone who wants to be able to fully understand the technical side of the topics The Hated One talks about and maybe even contribute to such projects. When I mean structured I mean how it all builds on each other or relates to one another.
For context, my specialisation is in Data Science and AI, so I know how those work, but everything else related to say Networking or OSes or Hardware, I have a high level idea but not the specifics, and I'm jot even sure if those are the proper categories that he talks about, they are just what I refer to based off my limited knowledge. Any suggestions?
https://redd.it/tdj9gw
@r_thehatedone
EU and UK open antitrust probes into Google and Meta over 2018 ad deal
https://www.cnbc.com/2022/03/11/google-meta-face-antitrust-probes-from-regulators-in-europe-and-uk.html
https://redd.it/tczccp
@r_thehatedone
Why Sanctions On Russia Will Not Work On Putin
https://www.youtube.com/watch?v=eGrlrtfNhpc
https://redd.it/tb6kq9
@r_thehatedone
I need help with Facebook account Disabled
Hello, I got my facebook account disabled. Facebook is not accepting Review Request. What should I do?
https://redd.it/t95jqk
@r_thehatedone
Why you're wrong about the value of NFTs [5:50]
https://youtu.be/zfPYMRbSne4
https://redd.it/t8227s
@r_thehatedone
ProxiTok: Open source alternative frontend for TikTok made using PHP
# ProxiTok
Use Tiktok with an alternative frontend, inspired by Nitter.
Features
Privacy: All requests made to TikTok are server-side, so you will never connect to their servers
See user's feed
See trending
See tags
See video by id
Discovery
Create a following list, which you can later use to see all the feeds from those users
RSS Feed for user, trending and tag (just add /rss to the url)
GitHub Page
BrodieRobertson:5/proxitok-finally-a-tiktok-privacy:3">Brodie Robertson's Video about ProxiTok
ProxiTok's WebSite
https://redd.it/t7wtoo
@r_thehatedone
Volodymyr Zelenskiy vs Vladimir Putin | Short Essay
https://youtu.be/YNSWleZnWJg
https://redd.it/t5xzr3
@r_thehatedone
