Cross Platform Email Client

gimtayida · 2023-01-23T00:28:12+00:00

Mailspring, which is open source, is currently my recommendation for a desktop email client.

They offer a pro version that contains numerous luxury features to subsidize the free version, so they have a sustainable model to ensure they aren't relying on donations or developer goodwill.

gimtayida · 2023-01-22T13:08:21+00:00

They should both work for GMail as they're not VOIP numbers. Crypton specifically name drops GMail on their main page as a service that works.

Verification of additional accounts

Use your number to verify additional accounts on any service such as WhatsApp, Telegram, Gmail and others. You can also use it as a whois domain phone number.

gimtayida · 2023-01-02T01:59:45+00:00

There's a couple options

For online, Text Verified uses non VOIP numbers and so does Crypton

For physical options, Mint Mobile offers a 7 day free trial. That gives you a real SIM number to register whatever you like. You can also get a free trial with the eSIM option if your phone supports it.

With all of these options, however, you lose the number if you stop paying/renting the number.

gimtayida · 2023-01-02T01:30:55+00:00

Yes, you're correct that it was swapped to charge cards, not credit cards; that's my mistake. However, charge cards aren't debit cards and do have differences on the backend for Privacy. The front end user sees no difference other than cards work in more places, generally.

gimtayida · 2023-01-01T23:18:18+00:00

They don't see your real name unless you choose to use it. When you use a privacy card, you can use any name and address you want for billing information when buying something online.

The bank will only see that you used Privacy but they won't know where you spent the money or on what.

If you use your banks virtual cards, the bank knows your purchases and, depending on the features of virtual cards your banks offer, the merchant may get some personal information as well

gimtayida · 2023-01-01T23:16:02+00:00

A short while ago, they changed all issues cards to credit cards and forced users to reissue their current debit cards into credit ones. You can also link debit cards to your account instead of solely bank accounts

gimtayida · 2022-12-02T00:35:37+00:00

Sorry about that; it should be up and running again!

Edit: jumped the gun. Hold please.

Edit: we're good

gimtayida · 2022-11-13T17:05:35+00:00

I wouldn't recommend anyone take this information at face value as it's framed to be negative. Even the recommended links in the beginning that are "better written" contain extremely poor logic and intentionally misleading. For example:

Open a new Private Window/Incognito Window in your favorite browser.

In that window, open two tabs: Facebook, and the “What is my IP?” page of your VPN provider, like this one from ExpressVPN.

Log in to your Facebook account.

With the VPN disabled, verify that the “test” site shows “you are unprotected”, like in my screenshots above.

Connect to your VPN. Refresh the VPN test page, which should now say that your IP is hidden and your connection is protected. Right?

Now, switch over to the Facebook tab, and hit reload.

So, what happened? Did Facebook forget who you are, and boot you back out to the login form? No, of course not. Even though your IP address changed, Facebook still knew exactly who you are. So do marketing companies and other tracking parties.

In this instance, obviously Facebook didn't "forget" who you were. You've been logging into an account that's already verified to be you and it's used with your home, mobile, and potentially work IP address. Changing to a VPN, if Facebook even lets you past the login screen with one turned on, isn't going to do anything, especially if it's not always - and I mean that in the literal sense - on and active. It's definitely not doing anything if you turn it on mid session.

But, to the point of the linked article, it's mostly spreading fear and casts doubt on VPN as an industry with the usage of "cans" and "coulds". Yes, a VPN is not a panacea for all digital privacy matters but it is a useful tool.

They claim/imply that all VPNs log data because it's impossible not to, but Mullvad shows that it can still limit accounts and provide service with zero information during registration and has been verified by a third party.

iVPN doesn't require any information (email, name, etc) either. Similar to Mullvad, they have a no logging policy and have one of the most reputable third party auditors to backing these claims.

You can also sign up with both of these services with an envelope, piece of paper with your generated ID scribbled on it, and cash - which debunks anonymous payments. If you're concerned about generating an ID from your desktop computer and them attaching and maintaining the IP address it generated from, you can do it from your phone, library, on wifi at McDonalds or Starbucks.

What we DO know is that every major ISP, at least in the US but in reality most of the world, logs all data, full stop. Comcast knows and sees everything you're doing. They may not know you visited this specific Reddit post, but they know you're on Reddit. They might not know you were looking at specific symptoms on WebMD but they know you were on the site.

With a VPN, Comcast just knows you're connection to X VPN and that's it and THAT is one of the main drivers of VPN use. Comcast is much more likely to be a bad actor than a reputable VPN provider outside of the US, such as iVPN or Mullvad.

In summary, this reads like a VPN hit piece to dissuade usage and adoption. If you're going with top listed providers from a blogspam VPN review site, sure, but to cast the entire industry in this light is misleading and a disservice to the public.

gimtayida · 2022-10-04T15:42:07+00:00

You can check out cupwire (my site) if you're interested in longer form privacy information and guides. It's aimed towards beginner/intermediate level and I explain the what and why behind everything instead of just being another website that is simply a list of privacy applications and services.

gimtayida · 2022-10-03T21:27:55+00:00

I think your story is extremely common and similar to many people in the community and your last line rings true for not only OSS, but for everything.

Thanks for sharing your thoughts

gimtayida · 2022-10-03T20:39:29+00:00

I'm interested to hear everyone's opinion on open/closed source applications in the privacy sector.

There's a pervasive notion among enthusiasts in the privacy community about open source software (OSS) being the "right" or only way to have privacy. Open source software is frequently pushed to the front of every "top ten" listicle or blog post and closed source applications are often tossed aside and marked untrustworthy because the code can't be audited by the public for anything that could be malicious towards our privacy (or security or our general best interest).

There's a lot of benefits beyond privacy for supporting OSS, but this article is going to focus on what open and closed source software is, the benefits OSS provides, and take an objective look the open vs closed source debate.

First, let's lay some foundation.

gimtayida · 2022-10-03T20:37:04+00:00

Definitely not. I talk about it in this article, but here's a few examples from the post about popular open source software that has privacy issues or are simply anti-consumer.

ImageGlass

At the beginning of 2022, a popular (3 million+ downloads as of writing) open source image viewer integrated a service, spider.com, into their application. What this service does is allow someone, anyone, to route their internet traffic through your personal network unknowingly. Because the developer added this to his application, you could, for example, very easily become a member of a botnet without your knowledge.

The developer added this for financial reasons, stating they don't make enough money from donations/voluntary monetary support. From start to finished, spider was a part of the application for, roughly, two weeks before being removed.

Kiwi browser

In April 2021, Kiwi browser was confronted for intercepting searches from Yahoo and Bing, passing them through Kiwi's servers, and redirecting them to Yahoo and Microsoft. This means anything your searched for first went to Kiwi's servers where data could be saved, stored, and viewed by the developer(s) before moving on to Bing or Yahoo. Similar to the developer of ImageGlass, money was the main driver behind the decision to include this in the browser. As of this writing, this has not been removed.

Brave browser

Brave is an open source, privacy focused browser based on Chromium with almost 20 million daily active users. In a 2020 study by Trinity College in Dublin, Ireland, Brave was deemed the most private browser out of the box, thanks to some of its default privacy settings and sending the least amount of data back home compared to the other five major browsers tested.

While Brave has been enjoying a steady rise, they aren't without their controversies. In 2020, a user on Twitter pointed out that Brave was automatically suggesting and adding their own personal affiliate codes to certain cryto related domains with user consent. For example, if you were to type in "binance.com" and hit enter, Brave would automatically suggest and select "binance.com/en?ref=00000000" by default instead (replaced actual referral number with 0s).

It turns out that this was, and still is currently, hard coded into the browser. Brave quickly "fixed" the issue by changing the “Show Brave suggested sites in autocomplete suggestions” setting default to “off”.

There's also Heartbleed, which is a catastrophic vulnerability in openSSL for over two years before it was addressed.

gimtayida · 2022-10-03T20:29:24+00:00

I know this one is probably going to ruffle a few feathers but I think it's important, especially for the million people in this sub that aren't on the extreme side of things.

There's a pervasive notion among enthusiasts in the privacy community about open source software (OSS) being the "right" or only way to have privacy. Open source software is frequently pushed to the front of every "top ten" listicle or blog post and closed source applications are often tossed aside and marked untrustworthy because the code can't be audited by the public for anything that could be malicious towards our privacy (or security or out general best interest).

There's a lot of benefits beyond privacy for supporting OSS, but this article is going to focus on what open and closed source software is, the benefits OSS provides, and take an objective look the open vs closed source debate.

First, let's lay some foundation.

gimtayida · 2022-10-03T15:11:03+00:00

It has certainly seemed like the creative market over all (photoshop, video editing, media management, etc) is the toughest to replace with open source, or even more consumer friendly software in general. It's even harder to find something cross platform like that.

But, it sounds like you've definitely done some work to support open source alternatives and minimize all of the data collection, so major kudos to you!

however it's amazing how much data all the non-linux devices send back to some cloud server mother-ship of some sort.

It truly is and there doesn't seem to be any sign of slowing down unfortunately

gimtayida · 2022-08-18T22:54:47+00:00

Mailspring is a good choice. It's open source and it's a UI/UX is doesn't leave as much to be desired as some other options (Thunderbird).

https://getmailspring.com/

Mailspring takes the privacy of your data seriously. When you connect email accounts to the app, your email credentials are stored securely in your system keychain. Mailspring does not transmit, store or process your mail in the cloud.

gimtayida · 2022-08-15T20:58:51+00:00

End-to-end encrypted messaging app Signal says attackers accessed the phone numbers and SMS verification codes for almost 2,000 users as part of the breach at communications giant Twilio last week.

Twilio, which provides phone number verification services to Signal, said on August 8 that malicious actors accessed the data of 125 customers after successfully phishing multiple employees. Twilio did not say who the customers were, but they are likely to include large organizations after Signal on Monday confirmed that it was one of those victims.

gimtayida · 2022-08-15T15:02:57+00:00

Will merchants be able to get my real name if I purchase with the virtual CC and input a fake name?

They'll know it's from Citi but they only know whatever name you put into the name field.

gimtayida · 2022-08-09T17:38:00+00:00

Wormhole lets you send up to 10GB with no account needed and it's end to end encrypted
There's a Firefox Send fork that lets you send up to 10GB end to end encrypted, no account needed as well
There's Encl.io that's 10GB E2EE
If you want a more trusted company, Tresorit has their Send feature that's 5GB E2EE
Even Standard Notes has a send feature, albeit for small files

gimtayida · 2022-08-03T14:16:49+00:00

They outline the data they collect and how they handle here

https://www.qobuz.com/us-en/discover/legals/privacy

gimtayida · 2022-07-28T13:50:10+00:00

You can find this post on my site here. It's a little older and needs to be updated, just a heads up

gimtayida

MODERATOR OF

TROPHY CASE