All of us have made privacy mistakes at some point in our privacy journeys. In an effort to help those earlier on in that journey, please share some of the mistakes you’ve made, and how you could have prevented it.

  • Avincentor@lemmy.ml
    61·
    20 days ago

    Advice my parents to use outlook. They were using an ISP email service which we had to get rid of. I wasn’t sure if tutanota was ready for them yet and they already were a bit familiar with outlook. It was a bit of a trade off back then.

  • LemmyHead@lemmy.ml
    1·
    10 days ago

    Having an Iranian close friend. They’re culturally in no way aware of why privacy is useful and important. So I have a complete profile on his phone with all my private data that’s synced to every service that syncs contact details. My pics and videos are uploaded to big tech and used to train AI because of the functions they provide to improve quality or made other modifications.

    • The 8232 Project@lemmy.mlOP
      16·
      21 days ago

      I knew Instagram was privacy invasive long before I ever started using it. Still decided to use it for some reason. Anyways, glad to have my dopamine receptors back.

  • TimeSquirrel@kbin.melroy.org
    29·
    20 days ago

    Using a VPN for torrents and forgetting to set it up to kill the network connection when VPN is lost. Got a couple “love letters” from my ISP that way.

    • satans_methpipe@lemmy.world
      1·
      20 days ago

      I taped my latest DMCA letter to the wall to remind myself of this. I also wrote a small script to kill torrent processes and eventually break the software adapter if needed if certain gateways are reachable.

      • LemmyHead@lemmy.ml
        2·
        10 days ago

        Looks like a hacky and far from perfect approach here. In the gap where you lose your VPN connection and the script triggers, there’s a timeframe that your torrent software will leak a lot of data. A better approach here is to enforce only VPN connections via your firewall. Whitelist outgoing connections to your VPN destination, blacklist the rest. On Linux make the torrent systemd unit also have a dependency on the VPN connection, that it: your torrent service won’t start if the VPN service isn’t active. So in case your VPN disables at some point,the firewall will still do its work.

        • satans_methpipe@lemmy.world
          1·
          5 days ago

          Thank you for the feedback. It’s very hacky and prone to failure. I’m in the process of migrating to all GNU operating systems. I know your suggestion will be easier to achieve on that path

    • CouncilOfFriends@slrpnk.netEnglish
      2·
      20 days ago

      After getting those nastygrams myself then having to troubleshoot some other issues, I’ve ended up using solely a private tracker (iptorrents because I couldn’t get an invite elsewhere) for torrents which I only use for manual search in radar/sonarr to minimize seeding space. Automatic downloads go through Usenet if I add something to my watchlist. I did have torrenting bound to PIA as a VPN in the past, but with Usenet and a private tracker I never felt the need to renew it.

  • monovergent 🛠️@lemmy.ml
    51·
    20 days ago

    It’s been quite a journey:

    • Posting accurate personal info to my Google+ account when I first signed up
    • Signing in to Google on my phone and browser
    • Using an Android phone from eBay of dubious origin
    • Sending confidential info via email
    • Using the same gmail address for everything
    • Signing up for things with my real info when it wasn’t necessary
    • Handing out my phone number to loyalty programs
    • Running hacked game APKs without checking for malware
    • Using the User Agent Switcher extension on MS Edge, which was subsequently updated to include an infostealer
    • Using browser extensions of unknown provenance

    How to avoid:

    • Ironically, Windows 10 started me on my privacy journey. Microsoft was in my face enough with privacy offenses that I began moving to Linux and investing time into my privacy.
    • Don’t post unnecessary info to social media.
    • Never email confidential info.
    • Use a password manager, or at least some organized text file if you have an encrypted disk.
    • FOSS software is more available and user-friendly than ever, always look for a FOSS alternative.
  • DeuxChevaux@lemmy.world
    12·
    20 days ago

    I changed the user-agent of my browser to “Error: No browser installed”. Can’t be more unique than that, I guess. That was 30 years ago, though, I don’t think it will hurt me today 😆

  • Sanctus@lemmy.worldEnglish
    4·
    21 days ago

    I still have digiaids from Limewire back in the day. I also regularly type “magic” between a certain you and a tube and I have no idea who operates that site.

  • Alwaysnownevernotme@lemmy.world
    2·
    20 days ago

    Recently I got conned into giving a couple websites my email address for an alleged discount thinking, well I’m going to give it to them with the purchase anyway. Only for them to then request my phone number.

    Couple lost sales for them.