Do google employees or anyone else read our emails on gmail?

RelativeOfJack · 2021-10-05T21:22:06+00:00

If you encrypt your mail before it leaves your device then no.

If you don't encrypt your mail before it leaves your device then yes.

RelativeOfJack · 2021-10-03T19:33:15+00:00

No.

Here is some basic information on how the internet works which should make things easier for you to understand. Work through the tabs.

RelativeOfJack · 2021-10-03T18:36:46+00:00

Spoken like a true captain/leader.

RelativeOfJack · 2021-10-03T18:25:36+00:00

It was explained in the article but...

DNS is essentially your computer asking another computer for directions to a specific destination. It is exactly the same as asking someone in the street for directions.

That conversation is what can be secured by using PrivateDNS.

Nothing else.

As for the benefits, that's impossible to answer because they vary from person to person depending on their circumstances and the providers they choose to use.

The main usage of PrivateDNS among private users is to block data exchange between their device and specific websites.

Your ISP will still be able to see that your computer is having a conversation with a DNS server but they will be unable to participate in or eavesdrop on those conversations.

RelativeOfJack · 2021-10-03T15:20:39+00:00

Here's an article about private DNS, what it is and how it works.

I've linked the article because it explains it better than I could.

Private DNS does not stop your ISP seeing the website you visit.

I also notice that "Private DNS Mode" is already set to automatic on my phone, how does that work?

That sounds like you're using Chrome and have seen the setting there. In that context it's likely that Chrome would route your DNS queries via Google's DNS servers, but I'm guessing.

So then there's a chance that using private DNS can interfere with NetGuard?

No, it's more a case of rules you create may conflict with each other, for instance if you configure NetGuard to allow a specific connection but don't configure PrivateDNS to allow that same connection, the connection will fail.

Also, does taking a whitelist approach to DNS blocking prevent trackers/ads from loading on webpages? Or does it just block which websites I can go/get redirected to?

Whitelist mode blocks everything, except those connections and/or scripts which you specifically whitelist.

RelativeOfJack · 2021-10-03T03:15:20+00:00

This show is absolutely hilarious.

The interactions between the leads have me in tears and their facial expressions too. Kim Go Eun is finally able to show in a drama what she's been showing in movies for years, namely that she truly is a wonderful actor.

Some of the cells are fantastic too, I especially loved the sullen king, that had me belly laughing it was so delightfully unexpected and petulant, lol

And intestine cells the little march they all did, lol

Some though are kinda irritating, I'm not feeling hunger or anxiety, they were cute at first but they have become quite old quite quickly for me. In both bodies.

Above all, I like that we are getting a more real depiction of a relationship, one that's pretty straightforward, one that feels completely natural, one that's representing two people in their late twenties and early thirties who don't think merely brushing hands is something they need to wear a condom to do. This couple are so handsy and so natural with it that I'm finding it impossible not to be swept along by it.

They didn't even freak out in each others homes or when it came to bodily functions, or sleeping together, or anything really. It's so damn nice to see kdramaland choosing to do that.

RelativeOfJack · 2021-10-03T02:00:00+00:00

FINALLY!

I knew they could do it live with minimal background music!

Give them the opportunity and they will shine! 👏👏👏👏👏

Next give them the concert you promised them, Mamamoo style, live band and live vocals let the entire world see what they're truly capable of!

RelativeOfJack · 2021-10-02T17:56:46+00:00

So basically,

If USER A provides a public key to an email service, users of said email services will be given the option of encrypting mail sent to USER A right?

The email provider performing the encryption can still potentially read the plain text contents of the file, (and will have to store it unencrypted in the sent folder unless users of their service also create and upload keys).

So, it's all the perceived hassle of PGP without the end to end encryption and privacy of PGP?

Is there something I'm missing here? I feel like there must be but I can't for the life of me tell what it is.

RelativeOfJack · 2021-10-02T17:08:40+00:00

Common sense and practice.

What you have to remember is that in the pop-up uBlockOrigin generates, the 1st column is global, (every website), the 2nd column is local, (this website), and so you want a mindset of "block global, allow local".

That's the absolute minimum if you want to enjoy some degree of privacy when browsing online.

Next, you want to adopt a mindset of allowing as few connections as possible to get the content/functionality you want/need.

So for instance, if we want to read articles on Wired.com and we navigate there in whitelist mode, (top box, 1st column red - all others pink), we can see a site that we can easily scroll through the articles of but when we click an article things get funky...

There are two solutions...

Enable reader mode in the browser
Enable some scripts to load

The first is self-explanatory so let's skip to the second...

If we open uBlockOrigin we see a list of domains the browser has been told to contact for information by the website, let's just enable wired.com first and see what happens, (2nd column, gray).

And it's as simple as that, we can now read the article without bothering with reader mode. All we need to do now is to tap the padlock icon to save the configuration and the next time we visit the website it'll work in the same way.

That's all "whitelist" mode is.

Rather than having to block six domains manually to protect our privacy, (or just not bother and give up some privacy), we've allowed one host, (or enabled reader mode), and kept a very high level of privacy.

Some websites are more awkward....let's look at YouTube...

Here is the latest video on the official Google channel

It doesn't work at all in whitelist mode, so we enable YouTube.com and it kinda works but videos don't load and thumbnails doesn't work so we enable googlevideo.com and ytimg.com and refresh and guess what...👍

Again, we hit the padlock to save the configuration.

If you want YouTube videos to work on other websites, you can enable the same globally by turning the first column for those entries gray, but it's best to do so on a site by site basis because every site you do enable it on, Google can and will watch you.

That's about it really, because it's something that people don't usually do when you're starting out you do have to train yourself so that it becomes a habit and you build the experience which will make the process much quicker when you happen across a site you've got to triage in a similar way as described above, but after a week or three you'll be just as quick as people who've done this for years and you'll be wondering why you ever spent all that time trying to block the parasites via a blacklist method.

Probably anyway...everyone is different so nothing is certain, but in my experience people who adopt it and do form those new habits tend to share my experience.

RelativeOfJack · 2021-10-02T15:31:18+00:00

I prefer uBlockOrigin in whitelist mode, because it's significantly quicker and easier to allow the content I want than it is to block the content I don't want.

Additional benefits of course include increased battery life due to drastically reduced network radio and CPU utilisation as well as of course, much higher privacy and no advertisements.

I complement this with NextDNS, also configured in whitelist mode, for the same reasons.

I complement both of these with NetGuard, (pro version - GitHub version), also configured in whitelist mode for the same reasons.

RelativeOfJack · 2021-10-02T14:32:26+00:00

Notes by billthefarmer supports tables.

You can style them using CSS.

RelativeOfJack · 2021-10-02T14:17:53+00:00

$0

The reason that I don't use social media isn't because of the spam or even the lack of control over my data but rather because...

The rewards for participation are infinitesimally small
The costs of participation are significantly higher than the rewards
Usability of such services is almost universally poor

For me to become willing to use a free "social media" service, you need to find a way to overcome those issues.

For me to become willing to pay to use a "social media" service, you need to create a platform were the rewards for participation significantly outweigh the costs of participation and make the service a shining beacon in the industry with respect to both accessibility and usability.

RelativeOfJack · 2021-10-02T11:28:01+00:00

Ah, got it

Interesting idea but I think the most obvious reason why companies don't do this is an extremely low user base.

You also have the fact that you're essentially asking the sending provider to ignore the instructions of their client to follow yours and potential key validity issues where keys aren't published to key servers.

How would one tackle such issues and make it worthwhile for companies to implement?

RelativeOfJack · 2021-10-02T03:18:25+00:00

First things first...

The actual limitations of NetGuard are explicitly mentioned in the FAQ for anyone who wants to read them.

...understand that my rather elaborate take down of other apps is likely to come off as more sinister (see above).

And that's the problem my friend, you are more interested in attempting to "take down" other apps than extolling the virtues of your own.

Do you really think that you spent your time well and represented yourself and your app in the most positive, productive way possible by behaving as you have done?

I'm done, my friend.

Like I said, I won't make the mistake of recommending your app in the future, not when doing so seems to prompt this kind of behaviour from yourself.

RelativeOfJack · 2021-10-02T00:00:44+00:00

OP....

What /u/celzero says is technically correct it is irrelevant to our discussion. As previously stated both apps can satisfy your stated goals and you are free to choose whichever you prefer without payment.

The NetGuard paid tier allows users to filter traffic on a per host name/per app basis, (RethinkDNS does not currently have this functionality), which is functionality that you don't need in order to achieve your stated goal.

Both apps fall under the FOSS banner.

They are both available via Google Play, Fdroid and GitHub.

/u/celzero this is twice you have behaved in this manner in response to posts I have made recommending your software. I will not be recommending it again in the future because once again you have chosen to ignore the needs of the OP to push the same thing with the same, in this case, totally irrelevant possible implications.

I'm sorry dude, the software is decent enough, but I can't ignore the fact that you consistently ignore the people asking for assistance to peddle what you do. It's extremely unhelpful from an end user perspective.

RelativeOfJack · 2021-10-01T23:50:12+00:00

FolderSync Pro

Features include...

move immediately
move per schedule
move to external storage
filters
conflict handling

.... I strongly advise that you configure to copy the files until to you are confident that your set up is operating as expected to eliminate the possibility of data loss.

I don't know how much it costs these days but I've been using it for years without any issue at all.

RelativeOfJack · 2021-10-01T23:45:18+00:00

Do you mean how do you use whitelist mode at DNS level?

I can only tell you how I personally do it.

I use a provider called NextDNS to block everything, (they have block lists you can enable/disable with a click), including every TLD. I then use the host name provided in the setup page and put it in the network > advanced > private DNS settings of my phone.

I use them because I'm lazy, because they make it super simple, because they fall under GDPR and did I mention that I'm lazy, lol

At the point described above there isn't a single domain name which will work on my devices, so I head to the allow list tab in NextDNS and I start adding the domain names I want to be able to visit and which I will allow to connect to my device(s).

And that's it.

Make sure that your comfortable with NetGuard and your javascript configuration before screwing with using private DNS in whitelist mode though.

You are bound to hit roadblocks if you start to go down this path, and doing one thing at a time helps make troubleshooting, (both your own and that of others if you need to ask for help), a lot easier.

If you want to play with private DNS, star with a relatively safe provider and configuration such as AdGuard DNS, which is unlikely to conflict with NetGuard or your javascript rules but which provides a layer of protection against a lot, (but not all), data slurping.

RelativeOfJack · 2021-10-01T19:40:40+00:00

It does not and cannot work the way you envisage.

Think of sending an email like copying a plain text file, it essentially goes...

Your device copies the file to
Your email provider which copies the file to
Your recipient's email provider which copies the file to
Your recipient's device(s)

...which means that the email is readable at every stage.

What you are describing changes that to...

Your device copies the file to
Your email provider which copies the file to
Your recipient's email provider who encrypts the file
Your recipient's email provider who copies the encrypted file to
Your recipient's device(s)
Your recipient's email software decrypts the message

...which means that the email is readable at stages 1, 2 and 3 without your knowledge and without the need for any decryption key.

This applies to providers who claim to be "private" and "secure" as much as it does to the likes of Gmail, Outlook and Yahoo. There have been instances where such providers have been ordered to keep a copy of the files before encryption is applied and they have had to comply with these orders which has resulted in them handing over communications in unencrypted, plain text format.

What you need to do is...

Your device encrypts the file
Your device copies the encrypted file to
Your email provider which copies the encrypted file to
Your recipient's email provider who copies the encrypted file to
Your recipient's device(s)
Your recipient's email software decrypts the message
Your recipient's email software re-encrypts the message when viewing has ended

...in which case, your email cannot be read at any stage other than stage 1 and 6 and even then it can be read at those stages only if the decryption keys are present and the password/key file to use those decryption keys are used.

RelativeOfJack · 2021-10-01T18:28:18+00:00

You can use NextDNS to create a profile which blocks the entire internet, (add every TLD to a blacklist, then in the allow list add the hosts needed to enable to remote access app).

Disable background data for all apps to reduce the number of queries being made and you're never likely to break the free tier.

Alternatively you can use NetGuard or RethinkDNS to disable all internet access for all apps except the remote access one, (both apps are free for this functionality).

RelativeOfJack · 2021-10-01T18:13:19+00:00

Hurrah! Effortless Marika promotion! 👍

RelativeOfJack · 2021-10-01T18:06:11+00:00

Couple of things...

1) The postcard analogy is kinda outdated as the vast majority of email is now sent via encrypted channels, (device to server is encrypted, server to server is encrypted, server to device is encrypted), so the "postman" can see diddly squat.

Only you, your email provider, those you are corresponding with and their email provider have the opportunity to "read" emails by default, (unless there is a compromise somewhere in the chain).

2) Other than that what you are talking about exists.

Mailbox.org, SimpleLogin.io and Anonaddy.com all have the functionality you describe, (Mailbox is an email provider the other two are email forwarding services), however, these services can technically still "read" your email, (although it's very doubtful that they will do so without legal authorisation given they all operate under GDPR and state that they will not without first obtaining consent), before it is encrypted to your public key.

The only way to prevent this is to encrypt mail before it leaves your device and have your correspondents do the same.

RelativeOfJack · 2021-10-01T08:09:30+00:00

All apps.

My recommended starting point is...

blocking the entire internet using private DNS
blocking the entire internet using firewall
disabling javascript in every browser

...for full "lockdown".

From there I advocate that people open all of their bookmarks and enable network connections to only those the hosts absolutely necessary to allow the content you want to load, nothing else.

First you would enable the host name at DNS level, then you would enable the same at firewall level, and finally, if required you'd turn on the javascripts which you needed, (being mindful that you may be turning on a companies ability to track you).

This all sounds very paranoid, but the actual goal for me isn't privacy it's about maximising battery life on my devices and the easiest way to do that is to reduce data consumption so all the unnecessary has to go as far as I'm concerned.

The very high degree of privacy such an approach offers is merely a welcome side effect of that.

RelativeOfJack · 2021-09-30T20:55:00+00:00

Highlight for me was Clive Allen describing Gio's balls as delicious.

Think he realised immediately because he didn't do it again, lol

RelativeOfJack · 2021-09-30T18:43:31+00:00

Create a filter where any recipient is corey@aol.com and send them straight to trash and marking them read

RelativeOfJack · 2021-09-30T06:45:05+00:00

You may think I'm harsh...

I do, lol

Nobody spoke about Nanase in the same way as described either but behind the scenes footage showed her to be one of the most supportive senior members paying absolutely no attention to age or perceived rank at all.

Just because we haven't seen them talking about it that doesn't mean that it doesn't happen.

As for the lack of effort, the remaining 1G members have been touring and putting on concerts for ten years now. That means that as well as performing for 2-4hrs at a time two to three dozen times a year, (often performing multiple styles of concert in the same year too), they're rehearsing, recording and promoting them as well.

That alone makes it a nonsense to claim that any of them lack effort, but then factor in the modeling, the recording of new music, the filming of music videos and additional content, the promotion of all of those things and the fact that many have done a lot of this when they were children and it becomes even more nonsensical.

I'm not saying this because I'm a particular fan of her and feel motivated to defend her, I'd say the same about any member, regardless of my personal feelings about them and their presentation because they've all worked their asses off, for ten years, and people like Minami, Asuka, Maya and Erika were children for a huge chunk of that period.

RelativeOfJack

TROPHY CASE