532
submitted 10 months ago by sidgames5@lemmy.zip to c/privacy@lemmy.ml

I created a google takeout and in that zip file I found some files containing a ton of data about me. It has logged every single page I visited while using the google search engine and chrome browser. It even logged every single time I opened an app on my old android phone. It even has VOICE RECORDINGS of me and a log of every time I used google assistant. This is just some of the data and I'm very sure there is even more data they have.

you are viewing a single comment's thread
view the rest of the comments
[-] EpicVision@monero.town 13 points 10 months ago
[-] Loucypher@lemmy.ml 6 points 10 months ago

Can you use banking apps on it?

[-] EpicVision@monero.town 4 points 10 months ago
[-] Duke_Nukem_1990@feddit.de 4 points 10 months ago* (last edited 10 months ago)

Will this still be true after safetynet is deprecated? Not trying to be difficult, just don't want to get my hopes up.

Edit: ah its adressed in the link lol

[-] delirious_owl@discuss.online 2 points 10 months ago

Why would you want to use a banking app on something as insecure as a phone??!?

[-] Hamartiogonic@sopuli.xyz 5 points 10 months ago

When your bank tells you that the code booklet will be phased out and mobile app will be the only way in the future.

[-] Loucypher@lemmy.ml 2 points 10 months ago
[-] delirious_owl@discuss.online 2 points 10 months ago

Change banks that take security seriously

[-] suppenloeffel@feddit.de 2 points 10 months ago

As long as you don't use some shady, unofficial ROM on a phone, most phones are actually vastly more secure than your typical Linux/Windows OS.

[-] delirious_owl@discuss.online 1 points 10 months ago

How long is your passphrase on your phone compared to your Linux/windows OS?

A phone is designed for quick usability, which is the enemy of security.

Sure, if you have a 20 char password on your phone and never install any sketchy apps, then it might be ok. But the whole phone ecosystem is just less secure because its designed for convince, not security.

[-] EpicVision@monero.town 1 points 10 months ago

A phone is more secure than most desktop computers. https://youtu.be/Wd4Pa03LvLk

GrapheneOS even significantly improves Android's already pretty good security model.

[-] PipedLinkBot@feddit.rocks 2 points 10 months ago

Here is an alternative Piped link(s):

https://piped.video/Wd4Pa03LvLk

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[-] delirious_owl@discuss.online -1 points 10 months ago

Riiight, someone's phone with a 4 digit pin that they tap out 100x per day in public in plain view of others (that I can easily pick out of your pocket) is more secure than a laptop with a 20 character passphrase that never leaves my house.

Do you even think about what you're saying?

[-] EpicVision@monero.town 2 points 10 months ago

I'm talking about the security model of the platform, not the way you use your devices. If you do your online banking in a browser on your computer and your system gets infected with malware, that malware can access all the files on your computer. Including application data of your browser. It can access your cookies, which your bank's website uses to store your login information. Such an attack is impossible on a mobile device, since apps can only access their own data, and inter-process communication is heavily restricted. Additionally, mobile operating systems like Android have complex permission systems, as well as kernel-based mandatory access control like SELinux/SE for Android. Your typical desktop OS has none of that. Android also has a strong implementation of Verified Boot, which makes sure that malware can't persist on your system partition, even after your device gets infected. I recommend this video if you want to learn more about mobile device security: https://youtu.be/yTeAFoQnQPo

[-] PipedLinkBot@feddit.rocks 1 points 10 months ago

Here is an alternative Piped link(s):

https://piped.video/yTeAFoQnQPo

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[-] delirious_owl@discuss.online -1 points 10 months ago

QubesOS and TAILS solve this issue. If people dont use those, then I recommend a distinct computer for finances only. Thats more secure than using an Android app for banking.

[-] EpicVision@monero.town 2 points 10 months ago

No, Tails doesn't solve this issue at all. It's built for maximum anonymity, not security. It also uses Tor for all connections, which will get your bank account locked immediately. Qubes is a good option for security, but it's way too complicated for most users. Stop making up some random shit and accept that mobile devices running modern operating systems are reasonably secure and definitely more secure than your ordinary desktop.

[-] delirious_owl@discuss.online 1 points 10 months ago* (last edited 10 months ago)

You can't get persistent malware if all browser history and installed apps disappear every time you reboot. Yes, TAILS was designed for security. Yes, TAILS was also designed for privacy. Obviously its no longer anonymous if you log into your bank.

Tor Browser is by far the most hardened & secure web browser. If a bank is blocking Tor, that bank probably doesn't understand security and its a red flag. Choose another bank. Or, better, use monero. Its way more secure than banks.

Disclaimer: I used to work in info security for a bank in Europe.

[-] EpicVision@monero.town 0 points 10 months ago

Basically every bank blocks Tor and many even block VPNs. Also, Tor Browser is not particularly secure. It's been designed for fingerprinting resistance and network anonymity through the Tor network. The Tor Browser is based on Firefox, which lacks many important security features like site isolation, Control Flow Integrity or any meaningful sandboxing. I absolutely hate Google and their monopolistic business practices, but Chromium is by far the most secure browser. Especially when it's running on a secure mobile operating system. GrapheneOS goes even further than Android and deploys a hardened memory allocator (which was actually ported from OpenBSD), which significantly reduces the risk for memory coruption. On the newest generation of mobile SOCs (ARMv9), GrapheneOS enables memory tagging by default. Again, find me a desktop platform with MTE. This once again proves my point that mobile devices are simply more secure. Every single piece of hardware and software in your phone has been built with a strong focus of security.

Or, better, use monero.

I absolutely agree on this one. Look at the Lemmy instance I'm on. I'm a big fan of Monero, but unfortunately there aren't many places that accept XMR.

this post was submitted on 19 Feb 2024
532 points (96.8% liked)

Privacy

32471 readers
322 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS