The thing that pisses me off the most is that they are disingenuous almost to the point of lying in interpreting that survey’s results. They say that 75% of users are interested in GenAI, when actually what they asked is whether people have used any GenAI at all in the recent past. And that still doesn’t mean they want GenAI in Proton. That’s a pretty significant sleight of hand. The more relevant question would have been the first one on what service people want the most. In that case only 29% asked for a writing assistant, which is still not the same thing as a full LLM. The most likely answer to “how many Proton customers want an LLM in Proton Mail” seems to be “few”.
Thank you for the links, I had found a few of these but some are new. The basic idea is there, I’ll see if any of these can work for us. I’m growing more convinced though that hosting a whole app for this super simple use case might not be worth it, I think we might pivot to just hosting a really basic static page for it.
This is way too overkill for what we need. I’m sorry, I’ve been intentionally vague about the context for this but I guess it’s too unclear. We’re an activist group planning a protest. We might have to get this set up literally tomorrow and every penny comes out of (mostly my) pocket. We’re also all paranoid about opsec and anonymity, which is why the requirement about avoiding corporate services is there. Perhaps I should have posted this in a privacy focused comm instead, I apologize.
It’s pretty overkill for what we need, and it would still fall under “corporate” for us. At that point I could just go for the static Notion page which I can get live in 5m for free.
We can set up all of those but again, that’s kinda expensive for us rn. What’s the benefit of using a CMS like Joomla versus wishthis, or even a basic Caddy/Nginx webserver with a static page?
Oh yeah, you’re right on that. If I’m looking for privacy from the subscription manager signing up with a service like this is a terrible choice, because it is fully a financial institution.
I wish they were all on the same day of the month…
Dates aren’t a big concern though. What I was hoping for is something that would update automatically to some extent if (say) some amounts change, or a payment is missed. But I guess indeed that’s basically impossible without access to my payment data.
Given that I have to update it manually though, I would at least like it to be synced remotely. So that I can, say, check it from my laptop on a webpage or desktop app without redoing all the manual data input.
For my use case yes, that would defeat the purpose, but for what it’s trying to do it kinda makes sense… At least, they have to do it to comply with payment regulations. And you’re still only exposing your identity to one service with a decent reputation, rather than plenty of possibly shadier ones. It seems like a fair tradeoff if what you’re looking for is privacy from services you want to pay for.
I’m not American, it seems to be available in the US only…
I guess you’re right, yeah. I was hoping someone had figured out a different solution, perhaps integrating directly with the individual subscription providers. But I guess that’s way too broad of a scope, integrating with countless individual services.
At least a cross-platform, cloud backed “spreadsheet” would be nice to have though.
[…] I set up a cloud service where my VPN service would be located on Amazon’s web services, a reputable and widely trusted cloud provider. […] After about an hour, I set up a VPN that worked flawlessly. The best part? Not only is it free to use […]
Sorry, what? Last time I checked AWS VPSs were very much NOT free to use, and I’m pretty sure the lowest tier is still more expensive than your average VPN.
Also, this article seems to be arguing against its own points: “you probably don’t need a VPN, but I have one anyway”…
God I hope this is a bit
Are these from a video game or Terry Pratchett’s Night Watch books?
Me when I start seeing sickoposting in my default Lemmy comms
Interesting demo! Does this use the user agent string for identifying clients?
Oh I mean, sure, but I don’t think IP logging is the main privacy concern with spy pixels.
I’m assuming this trick uses the user agent string and other request metadata to identify clients. Even if it didn’t recognize Jerboa as a client, it did guess that I was on mobile. That’s not possible just by tracking IPs, unless they’re cross-referencing it with other datasets. Also, I was on VPN anyway, so the IP would have been useless.
It should be possible for clients to obfuscate/fake the metadata of image requests to make tracking with spy pixels less effective.
Can countermeasures be implemented in the clients to mitigate privacy risks, while not having to proxy images?
Or just https://pluralistic.net/2023/07/24/rent-to-pwn/
He has a mirror of his blog on his own website without paywall. Not sure why he still publishes on Medium too, visibility I guess…
Awesome work folks, thanks!
Wild ass comment.
Who doesn’t??? What do you do, copy 20-char randomly generated passwords manually all the time? That’s the whole point of password managers…
Browsers are NOT a secure storage for sensitive data, if you want a local password manager at least please use KeePassXC.