No News is Good News? Q&A Episode
All right.
It was a slow news week,
so we are leaning into it.
This week,
we're going to focus on lots of listener
questions and comments,
but we do still have a few interesting
stories about Mozilla, AMD,
and some sketchy smart TVs on This Week
in Privacy number fifty nine.
So stick around.
Welcome back to This Week in Privacy,
our weekly series where we discuss the
latest updates with what we've been
working on within the Privacy Guides
community,
and this week's top stories in data
privacy and cybersecurity.
I'm Jordan,
and with me this week is Nate.
How are you, Nate?
I'm good.
Felt like it was both a fast and
short week.
How have you been?
Yeah,
definitely feels like this week has been a
lot slower than one of the slowest weeks
we've had in a very long time.
Let's just say that.
So yeah,
we can dive right into some listener
questions here.
Why don't you take the first one?
Yeah, sure thing.
So like I said,
we're doing things a little bit
differently this week,
just trying something new.
Let us know what you guys think.
But we're going to start off this week,
since this is kind of a Q&A episode,
with some of our listener questions.
We'll kind of intersperse those as we go.
But first up,
we're going to pull from the forum.
And one of the questions we got this
week was,
are there any privacy advantages to using
a desktop operating system, such as Linux,
Mac, or Windows,
over Graphene OS.
And they said the only thing they can
think of is that the Tor browser seems
to be better at anti-fingerprinting on
desktop,
but I don't have conclusive evidence of
that.
Just a few tests I've run myself.
So yeah, in my opinion,
the way that I always explain these things
to people is that phones are more secure
from what I understand, just in general,
especially Graphene for sure.
But phones are more secure,
whereas computers are a lot more flexible.
I think it was...
I don't know if it was Kerry Parker
or one of his guests one time,
but basically they were talking about cell
phones,
and they said that from a security
perspective,
we kind of took all the mistakes that
we learned from computers and applied them
to phones when we started making
smartphones.
So smartphones have really good
sandboxing.
They're really good.
I think they're technically immutable.
You know, personally,
I've never seen a smartphone update fail
and then like the whole phone bricks.
It just knows how to kind of like
roll back stuff like that.
So phones are really good at that.
The drawback is you don't really have as
much
uh, flexibility in terms of being able to,
um, you know,
things like for the most part, uh,
installing alternate operating systems,
that's kind of something that only a few
Androids can do.
Or like you said, like certain, um,
like I know with, with iOS,
you're stuck using the, uh, like all the,
the,
the browsers are based on WebKit except in
Europe.
So, um,
it's definitely harder to get privacy on a
phone.
And then of course there's,
I forgot to mention,
there's the SIM card tracking you
everywhere, cell towers.
So it's definitely harder to do privacy on
a phone, but they are more secure.
So it's definitely a trade-off there.
Yeah, but privacy advantages specifically,
I think most desktops will have that,
especially with some tweaking,
maybe not Windows.
But yeah,
those are kind of my thoughts on that
one.
Did I miss anything?
Yeah, no, all good thoughts.
I think I agree with everything you said.
But also, I think sometimes it's...
you need to think about the specific
situation for what you need, right?
Like maybe you need, you know,
like the Tor browser, for example,
you did mention that like it does offer
better fingerprinting protection on
desktop, right?
Compared to the Android app,
that is one like small increase, I think.
It depends like, you know,
if you need that level of protection,
then maybe you should be using a desktop
or like Tails OS or something like that.
But I think as well,
we think about like,
Privacy on macOS and Windows is definitely
nowhere near what it is on Graphene OS
because everything is, you know,
there's not any telemetry basically.
So I think you kind of got to
weigh up what you want, right?
Like you can have...
some level of security and privacy with
graphene os whereas you know if you're
using a windows computer or mac os
computer you can have some level of
security but you're not going to have any
privacy like well not any privacy but
you're going to have less privacy than
than using a graphene os phone um
And I think one thing that also kind
of limits you is because Google kind of
has a lot of control over Android.
Like it's hard to get apps outside the
Google Play Store,
which kind of funnels you into using
Google.
It's also becoming like a lot harder to
actually make a Google account without
providing like personally identifiable
information.
So, you know,
you've got to think about it like that
as well.
I think...
Desktop operating systems have that
benefit, right?
Like, they are more decentralized.
Like, with macOS,
you just download a DMG file.
With Windows, you download an EXE.
And then, you know,
Linux is kind of a different situation.
But it's... Yeah,
there's definitely a funnel of...
of things like if you're using Google Play
services on GrapheneOS,
I think you're definitely going to be
taking a hit from a privacy perspective
because you are having to log in.
Well, you don't have to log in,
but you probably are going to want to
if you want to download apps, right?
So, yeah,
that's kind of my thought on it.
It kind of depends on what you want
and what you need.
Like you can't use a Graphene OS phone
to like edit videos or play video games.
So I think you might need to just
tailor your devices to what you actually
need.
Yeah, for sure.
And yeah,
that's a really good point about a desktop
OS,
especially from a telemetry perspective.
There are certain things that desktop can
do better.
We keep talking about the Tor
fingerprinting thing, but to be fair,
that was a really good point.
I left out a lot of telemetry,
for example,
which things like graphene reduce by
default or proxy through the graphene
servers first.
So it really depends specifically what
kind of privacy you're looking for,
for sure.
But yeah.
Yeah.
Hello to our first two people who have
hopped in and welcome to the chat.
But we did actually have a few stories
this week.
Unless you had anything else you wanted to
add to that question,
I think we can jump into our first
story.
Yeah, sounds good.
Let's jump into the first story here.
I guess this is a
Update, I suppose,
because we've talked about Mozilla quite a
bit here.
And to say we are critical might be
an understatement.
But here's kind of like what's going on
at Mozilla at the moment.
Announcing Mozilla.org.
The web is evolving.
So are we.
Earlier this month,
we stood up Mozilla.org,
a new Fiverr one C three nonprofit created
to steward the long term success of the
Mozilla project.
Over the last year or so,
I guess this is from Mark Sermon,
who I think is pretty high up at
Mozilla.
Over the last year or so,
I've said a lot about how AI is
reshaping the web and how we need to
simultaneously stand up for the open
internet Mozilla helped to build and shape
what the internet is becoming in the AI
era.
This is a huge and urgent challenge.
So I think a lot of people here
will be kind of
confused by this i think mozilla's
corporate structure is kind of confusing
like they have the mozilla foundation
which is like a non-profit and then the
mozilla foundation owns um
the Mozilla Corporation,
and it's like all this sort of complicated
stuff.
So I guess we can scroll down here.
We have created Mozilla.org to pull all of
the different pieces of Mozilla together.
It will act like a strategic endowment,
allocating funding, managing our brands,
and shaping long-term strategy to ensure
every part of Mozilla is well set up
to advance the vision outlined in the
Mozilla manifesto.
And if we're successful,
it will help all the pieces of Mozilla
add up to more than the sum of
their parts.
This is an important milestone for
Mozilla.
The challenge of fusing the values of the
Mozilla manifesto into this next era of
the internet is huge.
This updated structure will make it easier
to nimbly direct our resources and
orchestrate our actions to step up to this
challenge.
So this is kind of confusing, right?
So they explain it more here.
All of Mozilla's organization remains
under the umbrella of the five Oh one
C three Mozilla foundation with a new
nonprofit operating the Mozilla portfolio
of organizations on its behalf.
So yeah,
I guess throwing it back to Nate here,
because I don't really feel like I have
a huge amount to add more to this.
This is just like a corporate
restructuring, I guess.
And I'm not really sure.
I think Mozilla has been making weird
decisions recently as well.
So I'm not really sure how I feel
about this, to be honest.
Yeah,
I was really confused by this because
Jonah did a little bit more digging when
we shared this in the group chat.
And it seems like this isn't really...
Because my first thought was like, okay,
they're doing the proton thing, right?
Where there's a foundation that holds the
overall organization.
And that way it's like...
It ensures that the for-profit arm always
has to act ethically within accordance to
the wider mission.
But apparently that is not what's going on
here.
And...
So, yeah,
Mozilla is really weird because there's
like you said,
there's the Mozilla Foundation that
technically owns everything else,
including this Mozilla.org thing.
And then there's the Mozilla Corporation
that is the for profit arm.
And I think they're also the ones that
are in charge of Firefox,
if I'm not mistaken.
But then there's also like what else is
there?
There's a let me see here.
I think there's something else that
controls Thunderbird.
Yeah, let's see here.
There's MZLA, which makes Thunderbird.
There's Mozilla Ventures,
which is probably one of our,
me personally at least,
is one of my biggest targets of criticism.
It's their venture capital arm,
which invests in startups,
which usually invests in things that to a
lot of us seem very counter to Mozilla's
mission,
like an ad company that they claim is
privacy preserving and all kinds of crap.
And then there's Mozilla.ai,
which is what it sounds like.
And of course,
none of us are super crazy about that,
I think.
I don't know.
Yeah, Mozilla.
I need you all to understand I'm very
critical of Mozilla.
And it's because I want them to be
better.
It's one of those things where I don't
take joy in watching Mozilla.
be stupid for lack of a better way
to put it.
It's one of those things where it's like,
I'm mad because I want them to be
better.
I want Firefox to have wider adoption.
Like my first browser,
Um, growing up as a teenager, I was,
I was relatively tech savvy,
but not compared to a lot of people.
And so I think I used internet Explorer
up until high school when of course it
was a girl,
a girl got me using Firefox.
And then I used Firefox for years until
I eventually switched over to Chrome.
And then that's when I got into privacy
and I started using other browsers,
but like,
so I have a soft spot for Firefox.
It was like my first non-mainstream
browser.
And it was like really cool.
And at the time,
It did things that other browsers couldn't
up until Chrome came along.
And it's just,
it's so frustrating to see them.
They had this amazing project that used to
be trailblazing and now it's like falling
behind everybody.
And it's just, it's so frustrating.
And so, yeah,
it's really confusing that like,
like I said,
Mozilla keeps making all these really
questionable decisions.
Like,
Um, they're, they're, they're, they're,
they're, they're, they're, they're,
they're, they're, they're,
What was it called?
It was an extension called Fake Spotter,
which was supposed to spot fake product
reviews,
which is one of those things that it's
like, okay,
I'm sure this is a good product,
but why is that a Mozilla thing?
Why is this something Mozilla is investing
in?
Whereas at least the advertising thing,
which was horribly handled,
but the overall idea, it's like, okay,
I see why this would be relevant to
Mozilla.
And now they're getting into AI,
but the whole AI thing to me feels
like a day late and a dollar short.
Now that everybody else is so far into
the bubble that they're starting to pop,
it now is when Mozilla decides to jump
on the train.
And they did it... Once again,
the execution was terrible because if you
look into the privacy policy, by default,
Firefox has little chatbots in the
sidebar.
It's just a proxy, quote-unquote proxy,
for the main chatbots.
And the reason I say quote-unquote proxy
is because it's not even a good proxy.
It's like...
you open it and it's like okay you
can start a conversation with chat gpt and
there's no privacy protections at all like
at least with things like duckduckgo and
leo it's like you're still using those
those main models but they host the models
or they're proxying all your requests so
like there's a layer of privacy there
But with Mozilla, it's like, no,
it just mainlines you straight to chat
GPT.
There's no privacy whatsoever.
They signed a deal with Perplexity,
which is like an AI search engine.
And it's the same thing.
Like if you read the announcement,
it's like, oh,
Perplexity's privacy policy applies.
And it's like,
what is the point of you?
Like,
what are you doing that's innovating or
protecting my privacy in any way,
shape or form?
And I'm fairly critical of DuckDuckGo,
but even DuckDuckGo is doing more than you
guys.
And so, sorry,
I know that was kind of a rant,
but yeah,
like this is just another thing where it's
like,
What was the point of this?
And what is the point of, like,
why this whole mission here?
What is it?
It's going to, like,
it will act like a strategic endowment,
allocating funding, managing our brands,
and shaping our long-term strategy.
Then what is the Mozilla Foundation doing?
Like,
isn't that the Mozilla Foundation's job?
Like, okay,
you've offloaded this responsibility to
them.
Now what are you guys doing instead?
Like, it's just...
Yeah, it's really confusing,
and I don't understand where they're
going.
And again,
I hate to criticize because I want them
to do better,
but I feel like Mozilla just...
I feel like they have no idea what
they're doing.
I feel like they're just blindly flailing
around and hoping that they find
something.
And it doesn't feel like they have a
strategy.
It doesn't feel like they have a vision.
It doesn't feel like they actually know
what they're doing or where they're going.
And yeah, I mean, again,
I want to make it very clear.
Pains me to say that.
I want them to do better, but...
they keep doing crap like this.
There was a brief moment.
What was it last year where I was
like, they,
I thought there was actually hope.
Cause I thought they were doing some
really cool things.
Like they added translations to Android.
They added a couple of privacy features.
Like they added some stuff late last year
that I'm like, okay, okay.
We're moving in a good direction.
I like this.
And now we're right back to this crap.
So.
Um, a little bit ranty, but yeah,
this is, this is really, to me,
I don't know, maybe,
maybe somebody at Firefox can,
or Mozilla can like write in and tell
me why I'm wrong.
Cause I'm open to it.
But to me,
this just feels like more like, like,
I don't know what if we changed our
name, you know, that'll fix anything.
So it just feels like a waste of
resources to me.
I think the thing that kind of frustrates
people the most about, like, Mozilla is,
like,
they have the money to actually do
something good.
Like,
they get all this money from Google and,
like, all this money from, you know,
people donating and stuff.
And, like, they spend it on, like,
the most silly stuff,
like you were saying,
like the Mozilla AI stuff.
Like, I think...
it kind of is a bit indicative, right?
Like they added all these AI features and
then they added an AI kill switch.
Like, so what was the point?
Like if you think people aren't going to
want it,
like why are you adding it in the
first place?
Well, to be fair,
they only added the AI kill switch after
everybody vehemently said they don't want
this crap.
And actually that is one of the few
things I'll give them is I feel like
their kill switch was very well done
because there's a single button at the top
to just disable AI everything.
or you can go through and pick very
specific like the ai translations i'm like
okay that i'm down for that i don't
mind because i think that's all done on
device and stuff but then like you can
disable the ai chat bot in the sidebar
that i was talking about so it's like
that's the one thing they've done recently
that i'm like i i like that that
was very well done although i also accept
the argument that the ai probably
shouldn't have been in there in the first
place so
Yeah,
I think – but I think the main
thing that I think, like,
is kind of frustrating with that is, like,
I think Mozilla is trying to be, like,
a big tech company when, like,
they're not – that's, like,
the opposite of – that's why people are
using Firefox.
They're using Firefox because they don't
want to use Google Chrome because they
don't want to use, like,
some other big tech browser, right?
Like, it's like they're so unaware of,
like, the reason people are using them.
Like, it's just –
It's bizarre.
And I think that if they actually did
put money into improving things and
actually making... Well,
maybe it's paying off.
Maybe all this AI stuff that they're
adding is actually paying off for them.
I don't know.
But I personally am not interested in that
at all.
Yeah, I agree.
And to me, it's also the implementation.
At least...
DuckDuckGo and Leo,
they do all these things where it's like
there's a layer of privacy there.
Even if it's not enough,
I'll accept that argument too.
But it's like Firefox's AI implementation
is just like, hey,
here's a shortcut to chat GPT.
And?
So yeah, it's crazy.
I don't know what's going on there,
but I really hope they get it together
because I do like Firefox.
I...
I don't know.
I like it.
I would not be opposed to using it
more often.
I just really need them to figure it
out.
LeVar, the tech guy here, said,
Firefox now has AI tabs or smart tabs
or whatever they're calling it.
Yeah, that's another example.
I don't know.
Maybe it's me.
But they have this feature where you can
group tabs together,
and then the AI will automatically name
the tabs based on whatever they are.
And it's like, why?
Why?
Why?
Do I really need the AI to like,
and also do you really need,
maybe this is one of those things where
it's like marketing is everything's AI
now, even when it's not AI,
but it's like,
do you need AI to do that?
But it's weird, man.
It's weird.
So I don't know.
I think that's all I got on that
story.
Yeah, me too.
Not much to,
not much more to add there.
Alrighty.
Well then in that case,
we'll move on to another story from AMD.
Yeah.
And this one's pretty crazy.
So this one started last week.
And at the time,
we didn't really talk about it because
there wasn't too much to say.
But now that the story has evolved a
little more, it's definitely interesting.
So AMD...
For any audio listeners, it says,
following user outcry,
AMD reinstates memory encryption in
consumer CPUs.
So AMD has this thing called TSME,
which is Transparent Secure Memory
Encryption,
and it encrypts the entire content stored
in memory,
making the data useless to adversaries,
performing cold boot attacks and similar
intrusions requiring physical access.
And I want to come back to that
in a little bit.
But...
So they say this was added about a
decade ago and it was specifically added
to the high end CPUs.
Um,
but over time they kind of started rolling
it out to the lower end of processors
as well,
including the consumer version of the
Ryzen chips.
And, um,
basically I want to say it was last
week or, uh, yeah,
sometime within the last couple of weeks,
um,
people noticed that suddenly this
protection was missing from the chips.
Um, I think there's basically, uh,
like a setting in the BIOS where you
can go turn it on or off or
whatever.
And, uh, you know, to people's credit,
the way that I first heard this story
is like, at first, um,
people didn't jump to conclusions.
Uh, they were, uh,
they were rightfully asking like,
you know, hey, where'd this go?
And they reached out to some AMD employees
on social media and they were like, hmm,
that's a good question.
I'll see if I can find out.
And eventually they kind of clammed up
just like, yeah, I can't really say,
which if I remember correctly,
that's actually what one of them said is
like, I can't say.
So is it like you don't know or
like you're not allowed?
But people, you know,
kind of raised hell and AMD basically was
like, oh, okay, well, we'll bring it back.
Which is great, for the record.
They said it'll roll out in a firmware
update scheduled for July, so that's good.
The interesting things to note here are
there's really no explanation why it went
away in the first place.
I think you could make a very valid
argument for the fact that,
from what I understand,
this was never promised.
to lower-end CPU users.
It was just kind of one of those
things that it's like, oh, here,
you can have it too.
But when you have it for the better
part of a decade,
people kind of come to expect it.
And this Ars Technica article noted that
this has been a real problem with big
tech companies lately.
They say, once upon a time,
big tech and corporations in general were
willing to try to acknowledge service and
product changes to ensure customers had a
predictable experience.
They also showed a willingness to admit
mistakes and say how they plan to do
better.
Now there's only silence.
As the company's power and dominance has
mushroomed,
their sense of accountability has
diminished proportionally.
AMD did not respond to questions sent for
this story, which is really disappointing.
I have a very high opinion of AMD.
And if anybody from AMD is listening,
please do better in the future because I
know you can.
But it's...
The article kind of speculates.
I mean, that's all we can do, right?
They didn't really say why.
They did say that it's possible that this
was just like a...
What's the word I'm looking for?
As their product line continues to grow,
maybe...
I'm struggling for the right words here.
Um,
like basically maybe it became a hassle to
support so many chips and that's why they
kind of dropped it.
Um, which is entirely possible.
But again, they never said, we don't know.
They also said that, uh, cause I mean,
it's definitely an intentional thing.
It's like,
there was a whole setting in the firmware
menu that disappeared.
So it's not like, Oh,
this toggle stopped working.
It's like, this toggle is gone.
Like somebody went in there and knowingly
removed it.
Um,
They also noted that you can make the
argument that maybe this was like a
performance thing because a lot of gamers
will use,
I think they said like the Ryzen nine
thousand was the one they cited
specifically.
And, you know,
since encrypting and decrypting does
require performance hit,
a lot of people disable it.
But I don't know, in my opinion,
like this is kind of my main thought
that that I have to share.
I mean, just in general,
not like this is like the big thought,
but, you know, it's to me, it's like.
The more tech savvy people,
like the high-end pro gamers,
they know how to tweak their PCs.
They know how to go in.
They know how to change the settings.
They know how to overclock it.
They know how to do all this stuff.
So the fact that you could go in
and disable this, in my opinion, is fine.
Like they know how to do it and
they can do it.
But defaults matter.
You know, a vast number of people
Do not know what this thing is.
Do not know how to go in and
enable it or disable it.
I didn't know this was a thing until
I read this story.
And so they're just going to leave the
defaults.
And for the vast majority of people who,
because, you know,
tech is constantly advancing, right?
Like we're at a point now where I
will probably never buy anything below
like an iNine or a Ryzen nine or,
you know,
nothing below sixteen gigs of RAM,
probably more than that now that I do
video editing.
And so, you know,
but back in the day you used to
get away with eight gigs of Ram and
maybe like an I five or whatever.
And so my point being is like,
it's not hard to see a world where
even just the casual person is buying a
computer that has one of these better
chips in it just because it's on sale
for black Friday or whatever.
And so they do it.
And now the default is like,
this encryption is enabled.
And, um,
the last thing I kind of wanted to
point out is like,
This protects against physical attacks,
which again is one of those things that
it's like, yeah,
I don't think that's a huge threat for
ninety percent of people watching this,
maybe even more than that.
However, comma.
When the barrier to entry is so low,
why wouldn't you?
Right.
So it's one of those things where it's
like,
why wouldn't you give good defaults and
just turn it on and make sure it's
there?
And then if people want to turn it
off, presumably they know what it is.
They know how to do it.
They know why it's causing issues and they
can go in and turn it off.
Like,
I don't see what was wrong with that
system and why they got rid of it.
But
You know,
I'll end by echoing what Ars Technica said
here,
which is despite AMD's continued opacity
about the incident,
the company deserves credit for restoring
TSME.
Customers complained, some bitterly,
and AMD heard and granted their demands.
So yeah, I mean,
good on them for reversing course and
fixing that.
But yeah, I don't know.
I think that kind of sums up all
my thoughts on that one.
Did you have any additional things that
jumped out at you?
I definitely think I disagree with...
giving the company credit for restoring
it.
Like, they're... Okay, so... Fair enough,
fair enough.
They got caught,
they removed a feature that, like,
was offering protection from people,
and then they restored the feature.
It's like...
good job for fixing a fixing a problem
that you created like it's not it's not
i'm not sure if they deserve credit for
that i think it's good that they actually
responded and like and they restored it
right obviously that's that's positive
because like you said it's like this is
like a feature that has been present on
their consumer cpus for quite a while and
it's, you know,
an extra security feature that does offer
some protection to people.
But I think, you know, it's,
it's just like one of those things where
it feels like every company now is trying
to like squeeze as much money out of
you as possible,
remove as many features as they can get
away with.
Like, you know, it's, it's,
It's not great for people.
And especially with the prices of things
at the moment, it's like, really?
AMD,
you're trying to pull a fast one on
people?
You're trying to remove a feature and hope
that nobody would notice?
It does feel a bit sneaky.
And the fact that AMD didn't really come
out and say, you know, this is...
Something that we accidentally did, right?
Or like, you know,
we didn't mean to do this or offer
an explanation.
So it doesn't really seem like there was
any...
public discussion about it uh really
outside of like like them giving an actual
reason for why this happened um and and
like this said in this article by Dan
Gooden AMD did not respond to questions
sent for this story so like I think
number one is it's good that they restored
it but also they didn't really respond and
like explain why they did it in the
first place so uh that's not great um
But you don't really get that many choices
when it comes to consumer hardware.
What are you going to do?
Are you going to go with Intel?
There's not many options, right?
I think we get in these situations where
we basically have almost a monopoly,
right?
It's almost a monopoly.
It's a duopoly, I guess.
It's an extremely hard industry to break
into because
maybe we'll see Nvidia do something,
but then Nvidia has also got the same
problem.
They're like the only company that makes
super powerful, like data center GPUs.
Um, so, you know, it's, it's,
I do think it is kind of a
problem when all these markets get so like
homogenized that, you know,
AMD could just do that and not restore
it.
They could just remove the feature.
Like no one could do anything about it.
So,
Yeah, it's kind of frustrating.
I'm not really sure how important TSME is,
actually.
I've never seen it be a particularly
sought-after security feature,
so I'm not really sure if this would
even be that impactful from a security
perspective.
I think it's more about the principle of
it than the actual security benefits.
No, I agree,
and that's why I pointed out that it
protects against physical attacks like
cold boot, which, I mean,
maybe this is a me thing,
but I'm a real big believer in rubber
hose attacks, which is the...
It's the joking colloquialism for
basically like...
if the cops want me okay maybe not
the local cops i'd stand up to the
local cops but you know the cia the
nsa the fbi if they kidnap me and
they bring me to a dark basement and
they're like what are your passwords i'm
gonna start listing them off immediately
because i don't have a very high pain
tolerance and like it's just gonna take
them slapping me around a few times more
or less before i'm just like nope i'm
out i'm done i don't have anything that
sensitive so it's it's one of those things
where it's like you know if it was
a remote exploitable thing it'd be like
okay this is probably more important
But it's I feel like that's just in
general,
like a really important thing with a lot
of especially when I was on surveillance
support, you know,
we had a whole section dedicated to like
research and like people would always come
up with these crazy proofs of concept,
like, oh,
they can use your phone as a speaker
or as a microphone to capture like the
sound of your hard drive disk spinning.
And they can use that to like decrypt
your encryption keys.
And it's like, OK,
but step one in this research was put
malware on the phone.
And it's like, well, yeah, at that point,
and sometimes it was even like,
and this required them to have your phone
for like three hours uninterrupted.
And it's like, well, yeah, of course,
at that point, like all bets are off,
man.
So it's,
it's just really important to like keep
that kind of perspective with this stuff.
So yeah, I don't, I don't,
I can't imagine this was like a huge
security feature that saved a lot of
people's data and like protected
journalists in foreign countries,
but yeah.
I still think, like you said,
it's the principle of the matter.
If it was already there and there's
already a way to turn it off if
you don't want it,
I don't really see what good it would
have done to have gotten rid of it
personally.
But yeah,
you make a really good point about they
probably shouldn't have gotten rid of it
in the first place.
That was probably not a great look.
Yeah.
Yeah, maybe check it out.
If you've got a Ryzen CPU,
maybe check it out and see if it's
enabled or not for you.
Maybe it's a feature that you might want
to enable.
I don't really know.
It does say here it's a feature that's
OS dependent,
so I do wonder if this is not
something that works with Linux,
but I could be surprised that it's not.
I thought it said it was OS independent.
Did I misread that?
Yeah.
Here it is.
Unlike secure memory encryption,
TSME is OS independent,
a condition that makes it much easier to
enable.
Oh, OS independent.
Okay.
I thought it said OS dependent.
Okay.
My bad.
Unless you're reading a different section,
in which case that's just really confusing
now and I don't know who's right.
No,
I think you read the part that I
was thinking.
Yeah, no, that is good to hear then.
Maybe go enable that if you haven't got
it enabled.
Yeah, I mean,
hopefully it's enabled by default, right?
But I think I have a Ryzen in
my other computer.
I'll have to take a look at that.
One can hope.
I guess we can dive into some site
updates here.
But we do have some more stories we
want to talk about later today.
We want to dive into some interesting
stuff about smart TVs and botnets.
But first,
I guess we'll give a little bit of
an update of what we've been working on
this week.
Well,
I guess what's been going on at Privacy
Guides.
So basically last week,
if you didn't see it,
we launched a video for members only.
Members first, sorry.
And it's now out this week.
So on Wednesday, Wednesday?
Tuesday.
Yeah, on Tuesday,
sometimes times those can be tricky.
On Tuesday,
we released the Plex Media Server video,
which basically,
if you haven't heard already,
basically there were...
charging seven hundred and fifty dollars
for a lifetime license in july so you
only have a bit of time left if
you did want to get the lifetime license
for i think it was two hundred and
fifty dollars um so if you do want
that you should probably buy it soon
because
Yeah,
it's going to be it's going to be
seven hundred and fifty dollars,
but we kind of offered a separate solution
to that.
You don't need to pay money.
You can use Jellyfin instead.
So it's kind of like a tutorial on
how to get that set up.
It's not really that different to Plex,
to be honest.
Like the whole setup process is pretty
similar.
And they kind of went through and
explained a lot of the basics,
I would say.
It's definitely, it's definitely,
we got some interesting comments on that
video.
We got some feedback saying, you know,
we should have included stuff about remote
access, stuff like that.
And that was,
that was good to hear feedback from the
community.
But I think at the end of the
day,
the video was getting kind of long and
complex.
Like I already had to cut sections that
were in there already.
And it wasn't really super necessary.
I think a lot of people will be
using this, you know,
in their own home to stream to their
television and stuff like that.
We did mention like boarding if you want
access outside your home as well.
So definitely give that a watch if that
sounds interesting to you.
But yeah,
definitely was an interesting video to
work on.
Not really much more going on this week.
As we said at the start,
this week has been extremely quiet.
Like we've had almost no news stories and
like we were like struggling at the last
minute to try and find a story to
put as the headline for this week.
So yeah, kind of the vibe this week.
Yeah.
I'll just add, um,
Jellyfin is by far the easiest thing I've
ever self-hosted.
So, uh,
even if you're new to self-hosting and
you're like,
I just want to kind of dip my
toes in it.
I would say spin up a server, uh,
just as practice,
like even if you never use it,
because like it literally, in my opinion,
does not get any easier than that.
Um,
so it would make for a great Guinea
pig, but yeah,
I've been using Jellyfin for years.
I'm super happy with it.
And, um, uh, yeah,
just to what you were saying about some
of the feedback to kind of give you
guys a tiny little peek behind the
curtain.
We, uh,
I try to keep videos under ten minutes
if I can, just because I've kind of,
watching the analytics,
I've noticed that people kind of stop
watching after about ten minutes.
So yeah, that video was already,
I think it said,
I've already closed the tab,
but I think it was like,
eleven minutes and forty-five seconds or
something,
so it was already kind of getting long,
and you know, if we talked about, like,
now here's how you open it up to
the internet,
then we have to talk about there's
different ways to open it up.
You can use something like Tailscale,
or you can just go straight to the
internet if you're insane.
You know,
but then there's also these concerns that,
like, it was just, you know,
that's definitely,
I think we mentioned a couple times,
we do want to do a general tutorial
for, like,
general self-hosting tips that would
probably include that kind of stuff,
but
Um, this one was specifically like, yeah,
when I,
when I saw the news about like,
they're doing this price hike and it's
like an insane price hike.
I'm like, Ooh,
people are going to be looking on how
to switch.
This would be a good time to like,
try to push people towards something else.
So,
Yeah,
that's kind of what went into that video,
but it was a lot of fun.
On that note,
just to let you guys know,
I did wrap up a script yesterday for
another video that I think Jordan is
leaving some notes on,
and I will check those out this weekend,
but I'm excited for you guys to see
that because that's going to be a history
video going over some important privacy
history and cybersecurity history,
and I'm excited.
I think it's going to come out really
good, but...
Um, yeah,
the only other kind of thing was just
our news briefs.
Uh,
don't forget we have privacyguides.org
slash news, um,
which is also available on, uh,
activity pubs.
So like Mastodon, uh, pixel fed,
whatever your thing of choice is, uh,
at privacy news at mastodon.plus.
There's also an RSS feed, but yeah,
there's the weekly data breach roundup.
I think, no,
we did not cover the story,
but there's a, you know, Meta's,
Meta's little internal AI training key
logger backfired.
Kansas city is pushing for facial
recognition on public transit.
So yeah,
some good stories there from Fria this
week, but I think, yeah, like,
like Jordan said is a,
is a really slow week,
which is kind of why we're leaning into
it and doing this more
relaxed episode.
But that's,
that's all we had going on this week.
But all this is made possible as well
as upcoming stuff that we're working on is
made possible by supporters.
So if you want,
you can sign up for a membership or
donate at privacy guides.org.
You can go to privacyguides.org slash
donate, and it'll take you right there.
You can also pick up some swag at
shop.privacyguides.org.
And Privacy Guides is a nonprofit which
researches and shares privacy-related
information and facilitates a community on
our forum and matrix where people can ask
questions and get advice about staying
private online and preserving their
digital rights.
And on that note,
I think we're going to hop over to
the forum and take another question.
Yeah,
so I got this other question here from
Anonymous.
How are things tracking regarding Keep
Android Open?
So I guess kind of a recap in
case anyone hasn't seen this.
I feel like everyone in our community
might have seen this at this point, but...
Let me just kind of read what the
website says.
Your phone is about to stop being yours.
Ninety six days until lockdown beginning
September twenty twenty six and a silent
update non-consensually pushed by Google
will block every Android app whose
developer hasn't registered with Google,
sign their contract,
paid up and handed over their government
ID.
So this has kind of been an ongoing
thing.
I feel like we talked about this
originally when it came out,
like probably around a year ago,
I would say.
It's kind of been brewing since then.
There hasn't really been too much of an
update as far as I'm aware,
which is kind of frustrating actually,
because I feel like a lot of people
have been opposing this, which is good,
right?
We're suddenly in support of Keep Android
Open.
I believe we might even be listed on
this website, possibly.
I think we are.
I think we signed the open letter.
I'll look for it.
Yeah,
so we definitely are in support of this
whole measure here.
I think it's super important to stop this
sort of stuff.
This kind of ties back a little bit
to what I was saying before about
companies having too much control.
When there's an organization like
Google that basically controls AI.
I mean, sorry, controls Android.
I don't know why I said AI.
I think you've got AI on the mind
a little bit.
So Android, yeah,
they basically can do these sort of
shifts, right?
They can basically create an ecosystem
where only the apps that Google wants to
be allowed access, right?
So this is kind of a problem because
individual developers and small teams
won't be able to publish apps because it
costs money.
There's also financial restrictions
because some people sometimes forget that
like,
the U S dollar is actually quite a
strong currency.
Like if you go to other countries in
the global South, you know, that,
that money might not be worth the same
amount.
It might be like two,
two years of pay.
Like it could be a ridiculous amount of
money for some people.
Um,
and also just like restricting people's
access to,
to using whatever app they want on their
device.
And as far as I know,
there hasn't really been too much of an
update on this unless you've got anything
to add on it.
No, I was going to say that I,
I haven't really heard anything either.
I know.
Yeah.
Some websites like my website,
the new oil,
I've got the little banner up top just
real quick, not to like self promo,
but just real quick,
I'll show you guys what it looks like.
But,
Um, yeah,
I've got this little banner up top that
says Android will be coming with lock
platform and there's a countdown.
So, um, you know,
just trying to do my best part to
spread the word as best I can.
But yeah,
I weirdly have not heard much either,
which is weird.
Cause this is one of those things that
is just like wildly, wildly unpopular.
Um,
I don't know a single person other than
Google who's been like, you know,
this is pretty.
And the closest I've heard is me saying
that, um,
Side loading is a serious problem in some
parts of the world,
specifically like Southeast Asia,
I know is a really big problem where
like that's how a lot of scammers will
like, oh,
go download this like side loaded.
And for the record, yes,
I know we shouldn't be using the term
side loaded.
You know, it should be installing,
but like go download this third party APK
and install this this Bitcoin wallet or
whatever and.
Or it's like, oh,
this is like a premium version of
WhatsApp.
I don't know.
There's a bunch of different ways they do
it.
But my point being is like,
I know that it is a problem in
some parts of the world,
but even then it's like, man,
this is a really heavy handed way to
deal with this.
That it's almost like,
I don't want to say they are being
malicious because we've definitely seen
companies do dumber things and not realize
they were being dumb.
But it's one of those things where it's
like,
how can you not realize what a slippery
slope this is and how much of a
detrimental impact this will have?
And it's such a shame because Android
is...
like notorious for being an open
ecosystem, right?
Like that's what drew a lot of people
to Android is like,
you can tinker with it.
You can put different launchers on it.
It's easier to be a developer.
Like I, back in the day,
like these days, it's really weird.
It's kind of flipped.
Like these days,
there are some apps that are like iPhone
only, but they're not on Android.
They're either like iPhone only or they're
both.
Usually, not always.
But back in the early days of smartphones,
it was the exact opposite.
Like everybody was on Android because it
was like free and open and it was
easier to code for Android.
And the iPhone restrictions were so high
that it's like, yeah,
it's not worth iPhone,
but I guess the market share is switched
so much.
But my point being is like, you know,
Android was always this like super open,
super tinker friendly, developer friendly.
And I've even seen some people like,
I don't know how serious they are,
but I've seen some comments.
It's like, man, if this goes through,
I'm just like, I'm switching to iPhone.
Cause what's the point?
Like the only thing I liked about Android
was that it was open.
And if they're just going to turn into
iPhone, why would I not go with iPhone?
So yeah.
Um, yeah, I mean, I don't,
I don't necessarily agree with that,
but it's just, it's definitely, it's like,
what are they doing?
Like, this is such a weird,
I don't know.
Yeah.
But I haven't heard any updates.
Yeah, I think people are saying like, oh,
it's just what Apple does.
Like, we can just, you know, it's fine.
This is what Apple does.
We can just let it happen.
It's like,
they even like talk about this on the
website.
It says like,
Apple has been a walled garden from day
one.
People choose Android because it's
different.
Apple does it too,
is a race to the bottom.
Like, you know, we don't want...
if we can have one platform that's usable,
it's better than having no platform that's
usable.
Yeah, it's interesting.
I kind of wonder how this is going
to play with the EU's Digital Markets Act
because Apple is kind of being forced in
the EU to allow for installing apps from
third-party app stores and open a lot of
stuff up.
It seems like the pressure hasn't been
quite enough, though,
to force this in the entire world.
It's just kind of only applying to the
EU,
which I guess kind of makes sense because
Apple is like a trillion-dollar company.
They can afford to
screw around with like making multiple
versions of their operating system.
But yeah, so it's, it's, it's not great.
We're definitely opposed to this whole
situation, but it's unfortunate.
We haven't really heard too much of an
update on this from Google,
at least silence from Google.
I was going to say, and it's like,
I don't,
I don't want to make this political,
but I feel like it's almost,
cause you mentioned like, you know,
with all the stuff going on in Europe
about being forced to open up their
system.
But like,
I feel like a lot of this has
to do with the fact that at least
here in the U S we have a
very pro business administration right
now.
And companies are really getting away with
a lot of stuff.
Like there's investigations that were open
before Trump came into office that have
been shut down now.
And like, it's,
I almost feel like it's them being like,
yeah, we can get away with it now.
Like,
you know, if,
if the administration was being a little
bit harsher on businesses and forcing
that, cause I mean,
didn't they just lose like an anti
monopoly lawsuit or something like that?
So it's just, yeah, it's,
it's like they see an opportunity and
they're going for it,
which is unfortunate to the detriment of
everybody.
Yeah,
I do think like the EU has got
like, they have their own interests,
right?
Like they're not doing this EU digital
markets thing just because like they want
it to be a better experience for
everybody.
It's like, no, no,
you're doing this to like, you know,
weaken American tech companies influence
in your region, right?
Like, which is good, right?
Like I think countries should have like
sovereignty.
They shouldn't be relying on
tech products from a single country which
is like as much as people don't want
to admit it like literally like ninety
percent of the internet is just from
America so like you know like everyone's
on Google everyone's on um Facebook
everyone's on Snapchat like all these
platforms are like American tech
corporations um so it kind of makes sense
but yeah it can have goofy consequences
like you know making things not as secure
as they could be but
I think it's definitely an interesting
balancing act.
I definitely have seen that things are
definitely loosening up a bit in the US
at the moment.
And also the actual backbone of the
internet,
I'm on the Wikipedia page right now,
and like,
fifty percent of the tier one ISPs,
which are like,
the top level ISPs that literally provide
the cables that go between continents,
like, I swear,
about fifty percent of them are US.
So, and that's not...
What's this fiber out?
Oh,
that's not even counting how much actual
cable they control.
That's just like how many different
companies there are.
So yay.
Lumen technologies.
Hey, when is a,
when is the next season of severance
coming out?
Anyways.
Yeah.
Yeah.
I think also people are,
people are definitely wary of.
changes and like you know I think the
I think people are starting to realize
that yeah the the the US government is
a little bit unpredictable at the moment
so they don't really want to rely on
them too much which you know it kind
of makes sense so I don't know uh
it's good to acknowledge though that these
things probably need to change at some
point but it definitely seems like at
least right now everything is basically
still run through the United States which
I
can be a problem,
but hasn't been so far,
but it could be a problem in the
future.
For sure.
Um,
before we move on into the next story,
uh,
somebody on YouTube and maybe Bob's your
uncle, maybe just maybe, um, you know,
you, you mentioned the Canadian news.
We did cover this last week, but yeah,
there's bill C-二, which, um, just,
I think has passed like part of your
government,
but not has fully has not fully passed
yet.
But, uh,
Yeah, the government in a classic,
they've tried to paint tinfoil hat privacy
fears
um, you know, for valuing your privacy,
you're crazy.
So yeah, um, we did,
we did cover that I think last week
or the week before,
but that is something definitely to keep
on your radar, especially for Canadians.
Um, please contact your politicians.
This is literally an encryption backdoor.
Like there's already a bunch of services
like signal duck, duck, go Nord VPN,
which we don't recommend,
but just to kind of show you,
like they've all said that they're, uh,
either going to limit services or leave
Canada entirely if this passes.
And, um,
It's a backdoor,
which I know I say this every time,
but we have proof thanks to Salt Typhoon
or maybe it's Volt Typhoon.
I think it's Salt Typhoon.
I should look that up and refresh myself
one of these days.
But that was when China hacked the US's
telecoms infrastructure using a backdoor
that only the good guys are supposed to
use.
And so we know that these things do
not work and they are not only for
the good guys.
We have actual it happened proof.
And for some reason,
politicians keep pushing that lie.
And yeah, this is a classic.
It's called a thought terminating cliche
where like we make you look bad.
That's why they do the whole protect the
children thing,
because then if you protest this,
it's so easy to be like, wow,
what do you hate children?
So, yeah,
definitely keep an eye out for that if
you're Canadian and please try to.
I mean,
do your like I can't do anything.
I'm not Canadian,
but you know what I mean?
Like it's a let's I hope that doesn't
pass because that's not good.
I think another thing that's obviously
this person, being a Canadian,
you probably already know this,
but the Canadian Parliament just went on
summer break.
So, like, this is the perfect time to,
like, you know,
get out there and actually make some noise
about this.
As far as I know,
it still needs to go through the Canadian
Parliament, I believe.
Like, it's been approved, but it's not,
like...
passed actually yet um so uh the house
of commons passed it now it needs to
go to the senate and then presumably the
prime minister or whoever's in charge
there yeah so it still needs to go
through more process so you know
everyone's on break now so you know
Get out there.
I think that'll be, you know,
I do want to say, like,
the previous bills that have,
I think it's C-II,
Bill C-II was another one that was going
through Canada and it was also a similar
type of thing.
It was accessing,
I think it was to do with strengthening
borders, but it had a whole bunch of,
like,
really terrible privacy concessions in
there as well.
And that got sent back.
So I think, you know, get out there.
If you're from Canada and you actually...
Um,
are able to get out there and do
some, there's definitely,
there might be some,
someone organizing protests and stuff.
I'm not sure, but, uh,
definitely send some messages to your
representatives as well.
That can help.
Um,
and hopefully it doesn't actually get put
into effect because yeah, like,
like Nate was saying,
it's like all these massive privacy
companies are saying like,
they're going to leave the country if it
passes.
So, um,
That's kind of a good indication that
something is a really bad idea.
Yeah, that was C-II, so yeah.
All right, well,
on the topic of governments and bad ideas,
I think we'll move into the next story,
which is about the White House app,
which auto-downloads to government phones
and can't be uninstalled.
So this story interests me in particular
because I think there's always a really...
I think it's a really valid debate and
a struggle that I think a lot of
us have as privacy-interested people where
there's a certain amount of privacy that
you give up with an employer, right?
There's a certain level of privacy that
they have to,
at least here in the US,
they have to report your earnings for
taxes and they have to verify your
employment,
like are you eligible to work and
citizenship status and stuff like that.
and um you know i think that's kind
of unavoidable uh for most people like a
handful of people are very lucky and you
can like start your own freelancing
business or something but as a former
freelancer i can tell you that is not
always easy and not right for everyone so
um there's always kind of like a bit
of a struggle between like okay it's your
employer's computer and they have a right
to do whatever they want to their computer
versus like you have a right to privacy
and um
I think this article talks a lot about
how this app is really unpopular for a
lot of political reasons.
I'm not trying to be political,
but just to give you some examples.
There's a button within the app that
allows users to text quote,
text President Trump,
which auto-fills a text bubble reading
greatest president ever,
which is definitely not something that is
very insecure to do.
Yeah.
And somebody said it's shooting pure
unadulterated propaganda into our veins.
So, I mean, there's that.
But I mean, from a privacy perspective,
like this app,
we've known for a while that this app
has a lot of concerns.
Like here, further down,
it gets into April, back in April.
Shortly after the app launched,
cybersecurity experts flagged several
concerns,
including the fact that the app initially
shared users' locations and IP addresses
with third parties.
And if I remember correctly,
it was like pinging them like every thirty
seconds with your location, which is...
Completely insane.
Like that is basically real time
surveillance.
They said that it goes through or it
was developed by this Ohio based company
called Forty Five Press,
which is obviously has a certain political
leaning there.
They say that they specialize in expert
WordPress developments,
expert WordPress development design,
hosting e-commerce and so much more.
Uh, I'll be honest.
I don't know if this matters.
They say that the founder also runs an
X account described as a website directory
of historical and paranormal locations.
Yeah.
And like,
I'm actually going to take their side on
this one.
Like I,
I like to watch a good trashy ghost
story.
Like who cares?
That doesn't mean I don't know how to
do my job.
Um,
Although not to be political,
I will say we have seen a lot
of these alt-right tech companies like
Parler and whatnot and Gab have a lot
of data breaches.
So I would argue that maybe they're not
always great with security, but I digress.
They said that the app incorporates a
widget created by a Russian-based company
called Elfsight, which...
They said there was a vulnerability found.
Oh yes.
Expose the personal information of white
house officials.
They also,
this was one where I kind of had
to put two and two together,
but they pointed out that like,
when you remove this app,
it just comes back.
And this happens to state department
phones as well, which the,
this is where I had to put two
and two together.
The state department is usually the one
handling spies in foreign countries.
So we're forcing this app onto phones and
potentially including of spies, our spies,
in foreign countries.
And I'm trying so very hard not to
be political right now.
But they asked the State Department
whether these concerns,
if they had concerns about the security of
devices of foreign diplomats abroad,
the spokesperson said the agency takes
cybersecurity and protection of department
related issue, blah, blah, blah,
is a PR response.
I'm not even gonna bother reading it.
It was a garbage PR response that didn't
actually say anything.
And again,
I'm not trying to be super political,
but this administration has shown they're
not always on the ball when it comes
to
thinking ahead about cybersecurity and
privacy issues.
So, I mean, this is,
I know it's like I'm not doing a
very good job of not being political,
but I this this is not just like,
well,
it's government phones and they have a
right to do that.
It's like I'm really worried about like
who is getting access to this data.
Why is it pinging this data so much?
Is it sharing this data with third
parties,
potentially hostile countries like Trump
has?
It seems we could be wrong.
We'll see what happens tomorrow.
Trump seems to have come around and maybe
he's not quite as close as with Putin
as he used to be.
Which, you know, on the one hand,
you could argue is a good thing depending
on your political views.
But also, again,
there was that that one like one of
the people who makes this app is Russian.
So it's like, where is this data going?
It's just I don't know, man.
This is this is really unfortunate.
I think it's it's it's pretty crazy.
I don't know.
I think I think I've said plenty there.
Did I miss anything or did anything about
this jump out at you that was worth
discussing?
I think this is funny.
This is pretty funny.
I think it is kind of like one
of those things where it's like,
Why exactly?
Why does this need to be installed on
every device?
I don't know.
I feel like Trump has a little bit
of an ego.
I don't know.
Maybe he thinks that every government
employee needs to have a direct line of
information to their phone, I guess.
But this is like you said.
It's kind of a security risk as well
because this random app that we don't even
know anything about that has a Russian...
like links, like Russian assets in it.
And it's installed on every government
employee's phone.
Like does that, that's, I think, you know,
obviously this would be a lot worse if
it was like forcing it to be installed
on people's personal devices, but like,
yeah, this is a,
this is a government issued device.
Right.
So it's not like it's,
that bad in that respect I think you
kind of unfortunately you kind of give up
any privacy when you're doing something
for work right like your your if your
work I mean it should be that your
work supplies you with devices to do your
work right that should be how it is
but I know that's not the case in
every country I'm not sure if that's the
case in the US maybe it isn't so
but obviously if you're working for the
government then that's a whole other thing
right so it's
Yeah, I don't know.
This is just kind of bizarre, actually.
It's just kind of bizarre.
Like,
I'm not really sure why they thought that
this would need to be installed on every
person's device.
Like, I could understand if it was, like,
every government employee needs to have
Trump Messenger on their phone.
I'd be like, okay, well, you know,
it's like, I can understand that, like,
because they need to communicate, right?
But this is just, like,
an app that has, like, some...
Like you said,
there's unadulterated propaganda or
whatever.
There's just a whole bunch of not really
that relevant stuff in the app that
doesn't really seem that useful.
It's just increasing the security risk for
no reason.
It doesn't really compute to me.
I'm not really sure what the purpose of
this is exactly.
Is it to make government employees...
be up to date on information about the
government.
Maybe I would say maybe, but.
So, yeah, it's, um, first of all, to,
to comment on something you said.
So legally in the U S a company
cannot force you to download an app or
something on your personal device.
Um, but generally speaking,
especially smaller companies,
they don't have the money to give you
your own device.
And especially for like lower ranking
jobs, like, you know,
if you're not to malign anybody flipping
burgers at McDonald's,
but if you're flipping burgers at
McDonald's,
the company's not going to give you an
iPhone just to like clock in or whatever.
Um,
And it kind of becomes one of those,
again, not to be too political,
but it becomes like a class struggle thing
where it's like, okay,
you desperately need a job.
This is the first interview you've had in
months,
which is a potentially true story here in
the US based on some of the stories
I've heard from fellow job seekers.
I don't know why I said fellow,
but job seekers.
And it's like, okay, we're hiring you,
but you have to download this app.
Are you really in a position to say
no?
You don't really have a lot of meaningful
choice there, in my opinion.
But legally, technically,
you can say no or they have to
provide you with a phone.
But the government, I think,
usually does provide a phone,
especially at the federal level.
They tend to have a lot of money.
I remember when I joined the military,
my recruiter had a government phone.
I did not, but he was, you know,
recruiter was a special job where they did
get a government phone.
So they probably do have them.
They probably wouldn't be forced to
download this onto their personal device.
But yeah, it's like you said,
it's so like...
They said this seems to be the same
version as the one that's available to the
public.
So this is not like a special version
of the White House app.
And it says that it promises a mixture
of, quote, real-time updates, live events,
and direct access to the presidency.
The article says that under the social
section of the app,
users can see posts from the White House
Twitter account,
Trump's own true social posts,
and videos shared on an official TikTok
and Instagram account,
among other platforms.
The new section of the app includes White
House press releases, briefings,
and fact sheets,
as well as selected articles from Fox,
Breitbart, Reuters, the New York Post,
and other outlets,
all of which paint a positive picture of
the administration's policies or attack
Democrats.
So, I mean, again,
struggling as best I can to put personal
opinions and political commentary aside,
you're absolutely right.
Like, what purpose does this serve?
Especially because based on my limited
time working in government –
Anything important is an email.
Like,
I cannot imagine that you're going to get
a ping from this app's notifications
that's like, by the way,
you're getting a raise or like, you know,
like they've changed the menu in the
cafeteria today.
Like,
I just cannot imagine what this app could
possibly tell you that you couldn't figure
out either A,
by just reading the news yourself from
your outlet of choice or B,
that you won't get an email from your
boss.
So yeah, it's...
It's a very strange,
as far as I know,
I could be wrong,
but I don't think any other administration
has ever like done this.
And I know relatively speaking,
we haven't had a whole lot of digital
presidencies.
I think Obama was like the first really
digital president, so to speak.
But yeah, this is definitely,
it's a choice.
We'll say that.
Yeah,
I think the easy way to get through
to people about this, you know,
depending on,
I know there's people out there who,
you know,
probably don't agree with us on our
political views, but like, you know,
I think we can all agree that like
a crappy,
poorly coded like app that has like
malware in it is probably not a good
idea to have on government employee
devices, you know,
especially like you said,
people in other countries, like,
You know, spies, government employees,
all sorts of stuff.
Like it sounds like a national security
risk to me.
That's what it sounds like.
That's what jumped out at me is like
I guarantee you from that garbage PR
response that the White House gave Wired
or Ars Technica here,
it's like if it wasn't on foreign devices,
I feel like they would say that.
It's something to that effect.
But this whole like we take cybersecurity
and protection of department-issued
devices, not personnel by the way,
just devices,
any applications made available on the
blah, blah, blah, blah, blah, blah, blah.
It's like so yes.
So right now,
there is somebody operating in China that
keeps getting this crap pushed to his
phone every freaking night when he removes
it, and you're putting his life at risk.
And I need to stop there.
Yeah,
I don't really think I have too much
more to add here.
I think this is for people outside the
US.
This is kind of funny.
But like for people in the US,
you know,
this is kind of a this is kind
of a national security concern, I think.
So I mean, I'm with you.
Like for as somebody who's not working in
government,
it's like it's easy for me to just
put my head in my hands like, oh,
but it's like, dude,
like you're getting you're putting people
at risk.
It's
Yeah, exactly.
I think also,
I guess we can dive into the next
story here.
We kind of talked about that for a
while, unless you have any more to add,
Nate?
No, I'm good.
Cool.
All right, so this next story,
fifty percent of LG and Samsung smart TVs
embed residential proxies.
So thousands of smart TV applications
available on LG and Samsung platforms
contain software that turns devices into
residential proxy nodes.
Researchers at Spur Intelligence
identified proxy SDKs in two thousand of
six thousand WebOS and Tizen apps they
analyzed.
So I guess if you don't know what
a residential proxy is,
it's basically like a VPN node,
but it's in a residential IP.
So basically, you know,
turning someone's smart TV into a VPN
node.
And the reason why this is actually useful
to, you know,
threat actors is because they
a lot of times these residential IP
addresses aren't actually,
they have good reputation.
They actually don't have restrictions
because a lot of these, you know,
VPN IP addresses,
a lot of times they're abused by,
you know, people doing nefarious stuff.
So, you know,
when you have a residential proxy IP
address,
you're actually bypassing a lot of the
issues that VPNs have.
And a lot of times these residential
proxies are even used in botnets and DDoS
attacks.
You know,
having all these thousands of Tizen and LG
TVs just like all DDoSing somebody.
So, you know,
that is another thing they can do.
I guess also kind of, you know,
Reading more from the article here,
researchers found that Bright Data,
Bright Data LTD and Bright SDK were
associated through three hundred and sixty
seven proxy enabled apps,
while Honeygrain UAB,
an Oxylab subsidiary,
appeared as the publisher of sixteen
applications.
And most of those apps were identified as
simple games, screensavers,
clocks and utility tools.
And basically,
the way these apps would work is they
would obtain consent basically through a
one-time prompt during the setup process.
And it would basically say like, oh,
do you want to allow network access or
whatever?
And yeah,
the report sites examples in which users
are given a choice between viewing
advertisements and allowing the app to
monetize the internet connection via a
proxy network.
And I guess this is also kind of
a massive security risk, right?
You're basically allowing some random
company to have access to your internet
connection to make connections to other
people outside the network.
So, yeah,
you don't want like random traffic
associated with your IP address, right?
Like it could be people doing stuff that's
illegal.
It could be people DDoSing.
You know,
you don't want your residential IP address
associated with that activity.
So...
Yeah,
the article also says it can raise privacy
concerns because proxy-enabled TV apps
could create security risks because they
operate on the same network as routers,
printers, cameras, NAS devices,
and computers.
And if a proxy provider's safeguards fail
or are bypassed,
attackers could potentially gain a
foothold inside some home networks.
so i kind of shared this a little
bit um with people in my life because
unfortunately i know people that are using
lg and samsung televisions and honestly i
wouldn't be surprised if some of them
actually had these residential proxy apps
installed so it's kind of concerning that
this is so popular and it actually exists
on so many apps on these tvs um
do you have anything you wanted to add
as well nate
No, I think there's a couple of things.
Like you said, it's very,
like I'll admit on one of our TVs,
I did kind of poke around the app
stores a little bit and I did look
at like, oh, here's a really cute,
it's the Roku TV, I'll say that.
And I'll say why I said that in
a minute.
You know,
I poke around and I look at like,
oh,
there's a really cute like a like it's
a screensaver of foxes or whatever.
It's super cute.
But then eventually I just decided like,
yeah,
but I like the standard Roku one where
it just shows the city and there's like,
you know,
you get to spot all the movie references
and stuff in the background.
So but my point being is like, yeah,
you know,
I feel like a lot of the time,
especially with Android, I am.
We talk about like, oh, you know,
there was this malicious app that was
removed and it's been downloaded like five
hundred thousand times.
And it's like it's actually like thirteen
different apps that all have the same
malware in it.
And when you look at the list of
apps, in my personal opinion,
it's some of the dumbest crap I've ever
seen.
It's like, oh, it's like a flashlight app.
And it's like your phone already has a
flashlight.
What are you doing?
Or, you know, it's like...
like an AI powered PDF scanner or like
just all these weird things that I'm like,
why are people even downloading this?
But, you know,
things like I don't know who's playing
games on their TV, but like screensavers,
clocks, utilities.
I'm like, OK,
I could see why people download that kind
of stuff.
So it really sucks.
And.
Yeah, it's just a reminder that,
especially with these IoT devices,
at the top of the show,
we talked about desktop versus mobile
device and privacy and security.
And with these IoT devices,
you get neither.
There's so little meaningful stuff you can
do to them.
in terms of hardening them or adding
privacy protections.
There's the classic joke that the S in
IoT stands for security.
And if you're confused,
just think about it for a second,
because I didn't get it the first time
either.
And so it's one of those things where
less is definitely more with these kind of
devices.
Just stick to the official apps that you
really need to use.
And I mean, I'll note, you know, like,
yeah, in a perfect world, like, you know,
spin up a Jellyfin server, right?
And just like try to keep it in-house
and then it doesn't even need to hit
the WAN.
But, you know, basic things,
changing the default passwords, you know,
trying to put,
maybe put like a DNS on your router
that's known to block malware.
That's not a hundred percent safe,
but it's, I mean, it's, you know,
it's all these things add up and,
I think, um,
the last thing I want to say, uh,
just because I can never resist a chance
to take a shot at Samsung.
The article does point out that, um,
cause in, in these,
I think these particular ones,
they focus it on like bright data,
massive and oxy labs.
I think these are actual like advertising
companies that technically aren't doing
anything illegal.
They're just being really shady and not
super transparent,
but they're not malware by the technical
definition.
Um,
But they do know that...
Where did it go?
They say one of the reasons that this
is popular,
especially with LG and Samsung,
Amazon's developer rules prohibit apps
that facilitate third-party proxy
services,
while Roku has reportedly blocked
applications that use the Bright SDK and
similar technologies.
Spur found no equivalent public
restrictions from LG or Samsung.
So...
Yeah,
basically the LG and Samsung are letting
this happen, which is super unfortunate.
But yeah, it's – oh,
there was one other thing I wanted to
say.
You're absolutely right about – a lot of
the time when we talk about compromised
IoT devices like routers, for example,
we try to point out –
Partially as like, here's how you,
one way that you can find out if
this has happened to you,
but also like just to kind of,
I think I do it to kind of
motivate people.
If your router, for example,
has been hijacked by a crypto miner,
you'll notice a slowed network.
So that's not only one way you'll know,
maybe not know, but you might suspect,
but also to kind of motivate people like,
yeah,
you should care about this because your
internet's going to slow down and that
sucks.
Yeah.
But yeah,
Jordan noted that this could even come
back to you.
There was a story that I could try
to go find if anybody cares,
but there was a story about a British
couple that the police showed up at their
door and basically accused them of
downloading CSAM,
like child sexual abuse material.
And it turned out that somebody,
I think it might've even been their
neighbor,
like hijacking their wifi or something,
but somebody somehow had gotten access to
their router and done illegal things from
their router.
So it all pointed back to them.
And thank God the family was cleared.
Like the cops spoke to them and the
cops were like, okay,
clearly this was not you.
I think they found the malware.
They got it all cleared away,
but still it's like, those are, um,
A very good book,
not to ramble too much,
but what's it called?
Tracers in the Dark by Andy Greenberg,
who is a fantastic tech journalist for
Wired, I believe.
this book takes place in four parts and
it's basically talking about a cyber
crime.
The last part of the book specifically
focused on like CSAM sites.
And they talked about the first person
that the cops, like not the first ever,
but the cops he spoke to,
they started this new operation to take
down a site.
And the first person that they like
arrested.
So they arrested him,
they booked him and they're like,
you're charged with this.
Okay.
Like go home.
And cause you know, if you don't know,
you know,
Um, when they let him go,
he jumped out of his high rise apartment
building, um,
to put it in a way that YouTube
will let us get away with.
And, uh,
that was the moment that all the cops
realized it's like, we need to,
and I'm pretty sure he was guilty,
but they realized like,
we need to make a hundred percent sure
that we're guilty if we arrest people,
because this destroys people's lives.
Like this dude was basically like,
my life is over.
I can't go back to work.
And again, he was guilty, but you know,
it's, it's like, that's my point is like,
even though this family was cleared, um,
those are the kinds of things that like
stay with you.
And it doesn't matter how many times you
say like, Oh,
but the cops said we were good.
It's like, people are like, uh-huh.
Did they really sure?
Like, yeah.
So I don't know.
I'm not trying to scare people, but it's,
it's,
this stuff does have serious consequences
and it's scary stuff.
So be careful what you put on your
devices and what devices you let into your
home and which ones you let on the
internet in general.
Thank you for coming to my Ted talk.
Tip your servers.
I would say, yeah, I kind of,
I don't know, maybe this is bad advice,
but I would say probably try not to
use the integrated operating system
included on your smart TV.
I feel like a lot of times it's
got a lot of issues.
Like it'll be, you know, not secure.
It'll allow installation of malware like
that.
It's usually not getting security updates
as well.
And, you know, it depends.
Maybe you're logging into a bunch of stuff
on your smart TV and all those accounts
could get compromised.
Or like we saw in this story,
like a bunch of apps have just got
like a residential proxy included,
which I think most people would say they
don't want on their
on their TV.
Um, and you know,
there's options outside of using the
operating system included on your
television, or, you know, you could do,
you could do something really wild.
You could like not use a television.
I mean, but that is,
maybe that's too far.
Um, but I think, you know, there's,
there's definitely,
there's definitely issues with
this sort of stuff.
We've,
we haven't really looked too much into
like what the options are like at privacy
guides.
Like we don't have any formal
recommendations, I guess, but I mean,
I think you'd probably be a lot better
off if you went with something from like
a major manufacturer,
like Google or Apple,
like as much as I dislike Google and
Apple,
like
you know,
you're not going to have an issue with
an app being a residential proxy or, like,
getting software updates.
So, yeah,
I think it's definitely something that you
should try and think about.
A lot of people kind of forget when
it comes to IoT devices, like,
is this device getting updates?
Is this whole process of installing apps,
is it, like, you know,
are these apps vetted?
Is this an official app, you know?
I think it's a good thing to think
about if you haven't really thought about
using, you know,
securing your that area of your life I
guess so I mean I don't really have
more to add to this but I think
it's definitely worth checking and you
know the the the worst the best I
think process here would just be using as
little apps as possible just like install
absolutely the bare minimum that you need
you know don't install screen savers don't
install like
random apps that you don't know what they
do.
So just be careful out there.
Yeah,
don't really have too much more to add.
Yeah, I mean, me personally,
I'm the kind of person, like,
if the screensaver comes on,
that probably means I need to turn the
TV off because I'm doing other stuff.
But yeah, I'm with you.
Like,
the only things we have installed on our
TVs are Jellyfin, Crunchyroll,
because my wife does actually watch a lot
of anime, and Apple Music,
because I'm the one who will be like,
oh, okay, I'm sitting out here.
Or it's more like if company comes over,
like, we're not really watching TV,
but we just want some background noise on,
so I'll just put on, like, some music.
But yeah, it's definitely...
The only other thing I wanted to add
is I think if you're reasonably tech
savvy,
which I think most of our viewers are,
maybe one of those DNS options that lets
you see what network connections are
happening, like Next DNS, Piehole.
I know IVPN's got their mod DNS or
whatever now, something like that.
I don't know.
Some of them I think don't really give
you a lot of control over it,
but I know like mod DNS and pie
hole, for example, you'll be able to see,
you know,
where it's connecting and block it,
which I mean,
really the important thing is to know
like, Oh, this is making connections.
Like what the hell is this random Russian
IP address that it's connecting to?
And I mean,
that alone will let you know what's going
on, but yeah, I think,
I don't know if I want to,
I don't know if I want to say
too much.
Somebody well-known in our privacy chat
was actually asking about this very
specific article earlier.
And we were kind of talking about what
sort of defenses,
like how can you detect it and stuff
like that.
So hopefully they will dig up some stuff
in the research and maybe we can share
it with you guys about how to detect
this stuff and defend against it.
But I don't want to say who and
too much more because I don't want to
commit them to something if they don't
turn anything up.
But yeah.
That's all I got.
So, yeah.
I mean, again,
it's been kind of a more relaxed episode.
And we've been taking viewer questions.
But we'll definitely shift over to the
official Q&A segment in a little bit.
So if you've been holding on to any
questions or you've just been kind of
listening in the background and anything
popped into your head,
go ahead and leave your questions either
in the chat or we do have a
forum that I've been keeping open in
another window and keeping an eye on.
Forum post, I mean.
But in the meantime,
we're going to hop over to the community
forum.
Um, there's always a lot of activity and,
uh,
there were definitely a lot of posts this
week.
Um, but this week specifically,
I think the, uh,
the one I wanted to share the most,
um, came from one of our,
our regulars and the title of this post
says deflock groups may be organizing near
you.
And I think I, um,
I wanted to share this just kind of
as a shout out and like a call
to action for anybody who doesn't know.
So you guys probably know about Flock,
the license plate reader,
very wildly unpopular company with a,
I live in America,
I'm going to say a completely insane CEO
and has a lot of hot takes about
how all privacy people just like want
crime and lawlessness to win.
Clearly I love crime.
It's my favorite.
Um,
that's why I've never publicly endorsed
piracy because I love crime so much
anyways.
Um, so yeah, one of our members has,
uh, posted this,
this forum post that is a deflock groups
may be organizing near you.
And basically they say,
if you're living in the U S and
you're concerned about flock cameras, uh,
there's a good possibility that there's
local groups at either the state or the
city level.
And, um,
they may also care about additional rights
besides just flock.
And they basically just left a list of
local groups that they're aware of.
And, um,
I am so sorry,
but I am going to read off the
list of states here very quickly.
So if you think you heard yours,
go ahead and check the newsletter in the
show notes and see if it's in there.
But Alabama, Arizona, California,
Colorado, Connecticut, Washington, D.C.,
Florida, Georgia, Iowa, Illinois, Indiana,
Kansas, Louisiana, Minnesota, Missouri,
North Carolina, Nevada, Ohio,
South Carolina, Tennessee, Texas,
Virginia, Washington State, and Wisconsin.
And of course,
you can always start your own.
So, yeah,
I guess I just wanted to share that
because I know we do have a –
we're trying to encourage people to get
involved and speak up wherever possible,
and that may be a good starting point.
If you're, like,
not really sure where to go and you
live in one of those areas,
definitely check this link that they left
here and see if you can get connected
with a local group.
I –
I'll go ahead and say, um,
I'm on the board of EFF Austin.
I know I mentioned that before we have
done some work with, uh,
the no ALPRs chapter in Texas.
Um, super awesome people.
And that is how I ended up on
the board was I was just like, I,
I don't really have a lot of money
to donate, but I want to get involved.
And I found like a local digital rights
group and I just started showing up and
attending meetings and volunteering my
time.
And, um,
we've been able to do some really cool
stuff.
Um,
Mostly thanks to other board members,
not really so much myself,
but I help keep us organized, I guess.
So yeah, it's definitely, in my opinion,
I mean, I'm biased,
but I think it's worth it to get
involved in these kind of groups.
So yeah,
I think that's all I got on that
one.
Do you have anything you wanted to add
about that, Jordan?
I think it is kind of important to
get involved locally.
A lot of people, I think,
they kind of think that this is a
privacy thing, like, oh,
I'll just install uBlock Origin and run
Linux and Graphene OS and not do anything.
But it's like there's all these issues
that are going on in the real world,
too, that are super important.
There's not that many default groups right
now.
You've got, what, fifty states?
And there's not even twenty, maybe?
I was going to say,
is that maybe just under half,
give or take?
Okay.
Definitely a lot of room for improvement.
Yeah, definitely a bit of room to improve.
And, you know, even some,
it looks like some states have got,
you know, like five or six.
So get out there.
You know,
maybe if there's no group in your local
area, you know, get on it.
Start a chapter or something.
And I just want to say smaller States
too.
Like obviously you would look at a state
like California, that's just massive.
And you would expect to see multiple
groups,
but I mean like Arizona has to Colorado
has to Florida has like five, which, okay.
I guess Florida is a little bit bigger
of a state,
but Illinois has got like five.
Virginia's got four.
Ohio's got five.
Did I say Virginia?
Virginia's got like seven.
Holy crap.
Virginia is not that big of a state.
So yeah, I mean,
Yeah, there's room for everybody for sure.
It also does seem like some of these
groups are groups for other stuff,
but they also are against this stuff.
So if you're involved in a local...
political group maybe you can get them on
board with this sort of stuff it looks
like i did see there was one in
virginia dsa so maybe see if you've if
you're a part of a local like political
group you can get involved with that or
you know start your own thing yeah and
i mean just to put it out there
we have the privacyguides.org activism
talks about like how to organize how to
uh
how to, you know, it's,
it's not like a step-by-step maybe,
I don't know that I don't want to
commit.
That might be a little too much,
but maybe we should look into seeing if
we can put out a guide about how
to actually start a group.
Cause I mean, it's honestly,
in my experience,
granted limited experience,
but it's not that hard.
It's just,
it's a patience game because you have to
like,
Okay.
You have to go find a venue,
which is usually not too hard.
You can usually find someplace that's
willing to like, yeah,
you guys can have like, you know,
you can go to a restaurant and it's
like,
you guys can have the back room like
once a month or something.
And then, but then from there,
like the real challenge is just getting
the word out and getting people to show
up, I think.
So it's, it's, it's not complicated.
That's what it is.
It's not hard or it is hard,
but it's not complicated, but you know,
it's, I mean, I don't know.
I think we should, uh,
maybe look into that.
I'm not making any promises,
but I'll look into that and see if
we can offer any advice there.
Yeah.
There's public spaces, you know,
libraries, all sorts of places there.
They don't care about that sort of stuff.
They'll let you, if you have a group,
they'll let you, you know,
set up shop a little bit.
So I think it's definitely very positive
stuff.
I think, you know, we should try and
make sure this gets more popular because
the more that this stuff gets more
popular, the more normalized it is.
You know, I feel like some people,
they hear the word like activist and they
immediately recoil,
which is a bit of a problem, right?
Because, you know,
like this stuff isn't going to change if
nobody does anything.
So like,
When we see all these flock cameras being
put up and then nothing happens,
it's like, well,
you've got to do something.
You've got to actually get out there and
make some noise because...
That's kind of how you get your rights,
right?
You have to fight for them.
You don't just get them automatically.
So yeah, definitely important.
Definitely check out privacyguides.org
forward slash activism if you're
interested in learning more about that.
But yeah,
we're definitely not opposed to expanding
the activism section.
It's something we've been talking about.
you know,
possibly doing more improvements to that.
But we kind of just, yeah,
see how we go with that.
I don't really have anything more to add
on this.
Was there anything else you wanted to
cover on the forum this week?
No, it was a really busy week,
but a lot of it... And personally,
this actually makes me happy.
A lot of it was questions,
especially from newbies.
I feel like I saw a lot of
questions from new people this week,
which makes me so happy, personally,
that there's new people getting into
privacy.
I am a...
I am a firm believer that there are
no stupid questions that are asked in good
faith.
So, um, I mean,
definitely use the search function.
Cause I mean,
the forum has been around for a long
time and there's a good chance that
somebody else has asked your question,
but, uh, it's still like,
if you do a search and it's not
there, like, you know, it's, it's,
it's cool to see people like getting into
privacy and learning is kind of what I'm
getting at.
But,
Um, yeah, that was,
that was kind of all I saw in
the forum.
So I think we're good to open the
floor if anybody's been holding on to any
questions.
Definitely.
Um, I guess, yeah,
I didn't really see any other stories in
the forum this week either.
Definitely been, oh, we keep saying it,
but like, yeah, it's been,
it's been a kind of slow week and
yeah.
you know, it's very rare.
I feel like it is so rare.
Like we've been kind of working pretty
hard since and, you know,
we rarely get a week where we're like,
oh, there's nothing we can talk about.
There's not really any big story.
So it's nice to, you know,
sometimes have a little bit of a more
chill time and, you know,
talk about some more positive stuff as
well.
So that is good.
Yeah,
I think one time when I was at
Surveillance Reporter, when I was there,
our episodes averaged about thirty to
forty five minutes, depending on the week.
And I think there was one time we
literally had like an eleven minute
episode because there was just no news at
all that week.
It was it was really weird.
But, you know,
in the like five years I was there,
that only happened once.
So.
So it does happen.
Definitely.
I mean,
not really seeing any other questions,
unless there's anything you really wanted
to talk about this week.
Trying to think.
Yeah.
Like we've covered most things.
I'm not really seeing any,
any other comments anywhere else either.
So maybe we do wrap it up early
this week.
I guess so.
Yeah.
I mean,
I don't know why I want to talk
about sci-fi, but what else is new?
I always want to do that.
That's all I got.
Yeah.
Okay.
So yeah,
we'll wrap it up a little bit early
this week.
Again, for the ten millionth time,
lighter week.
But all the updates from this week in
privacy will be shared on the blog every
week.
So sign up for the newsletter or subscribe
with your favorite RSS reader if you want
to stay tuned.
Friendly reminder,
I schedule that to go out as we
go live.
So that is also a good reminder to
get a notification.
if you want that.
And for people who prefer audio,
we offer a podcast available on all
podcast platforms and again through RSS.
And this video will be synced to PeerTube.
Privacy Guides is an impartial nonprofit
organization that is focused on building a
strong privacy advocacy community and
delivering the best digital privacy and
consumer technology rights advice on the
internet.
If you want to support our mission,
you can make a donation on our website
at privacyguides.org slash donate.
Alternately, to make a donation,
you can go to privacyguides.org,
click the red heart icon located in the
top right corner of the page,
should be on every page.
You can contribute using standard fiat
currency like debit or credit card,
or you can donate anonymously using Monero
or your favorite cryptocurrency.
Becoming a paid member unlocks exclusive
perks like early access to video content,
priority access during the live stream Q&A
on normal weeks.
You'll also get early access to the show
notes and a cool badge on your profile
page.
in the Privacy Guides forum and the warm,
fuzzy feeling of supporting independent
media.
So thank you all so much for watching,
and we'll be back next week with more
news.
