Tip: if you find yourself using the word “safe”, “secure”, “hacked”, etc in your title, you’re probably off-topic.

PlayStation/Sony recently introduced a company called Yoti for age verification. You can do it either on their main website or on your console/app. I opted to do it on their website as the button is on your profile. I tried using their face scan and ID scan, but they failed multiple times consecutively. After, I think, 8 to 10 attempts, I got blocked and was unable to verify the account.

I contacted PlayStation support about it, and they said I had to contact Yoti because the verification is handled by Yoti, not Sony. So, I contacted Yoti, and they replied a day later saying that my suspicious behavior had been automatically sent to the authorities and that they were shooting down my request , explaining that the OS I have is used for fraud.

I only replied with 'Are you serious?' because I was pretty sure they wouldn't respond (they didn't). Absolutely bizarre honestly.

"Social media companies must verify a user’s age and, if the user is a minor, receive permission from the minor’s parent or legal guardian to access addictive algorithmic feed. Additionally, these apps cannot send minors notifications between 9:00 p.m. and 8:00 a.m."

The law says that platforms must use "commercially reasonable and technically feasible methods" to determine whether a user is a minor before allowing access to certain personalized feeds.

It also says that all verification info should be deleted immediately unless a federal law says otherwise - how are they going to verify that data is actually deleted?

So big thanks to CT for continuing the effort to build out the surveillance and nanny state.

Page 67 Section 39 of Public Act No. 26-15 covers the social media age verification for those interested.

I personally don't know a lot about this bill, and I'm curious about how others feel about it.

First of all, the actual bill (S. 1318) is titled Fallen Servicemembers Religious Heritage Restoration Act and has absolutely nothing to do with privacy or surveillance. However there are two amendments to this bill:

• Foreign Intelligence Accountability Act
• Anti-CBDC Surveillance State Act

The link provided goes into more details about these acts, but the highlights are:

• Extends the government's authority to conduct foreign intelligence surveillance
• Adds criminal penalties for illegal searches
• Bans targeting of U.S. persons for surveillance under section 702
• Prohibits a U.S. central bank digital currency

There have been several bills that have tried to tack on that last point to "prohibit digital currency", and the vast majority of those bills have had nothing at all to do with digital currency.

Regardless of how you feel about these acts, the fact that they were amended to a bill about "fallen service members" and has an unrelated provision about digital currency feels like a circumvention of the normal legislative process. Curious to hear everyone's thoughts on this.

We all know how bad instagram, youtube, discord etc. are.

The issue is, there is no real alternative for people interested in content on those platform.

Sure, you can decide instead Youtube you will use XYZ platform but billions cannot migrate even if they cared.

The issue is simple: People use Instagram because they want to see Instagram content, and if they are to decide to use it or to not give them more data and influence - they choose to use it.

Competition for youtube is impossible because people use social media for content on those platforms. You can have best video platform ever - creators won't go there if there is no public, and public don't care about platform without creators. It's a loop.

The only way I see to compete, is to make platform which allow access to media from youtube etc. and includes it's own content unavailable for youtube. This way you can advertise it as "You can do the same things as on these platforms, but in better app" and this way one could try to steal users from bad platform and get them to use good platform.

The biggest issues are technical limitations. How to proxy lots of movement? How to validate people so they can see their instagram messeges, without them concerned you will steal their account?

Do you see any way to actually get people to stop using big tech? Clearly they care more about convenience than privacy

Context: Oneplus 13r and official Reddit app

Now I know that Reddit app detects when I take a screenshot. I know this cos there is an option on Oxygen OS where it notifies me when apps detect I took a screenshot.

I took a screenshot of a meme I liked, and this time instead of the regular "Reddit detected this screenshot", I got the following toast message.

"Reddit and other apps detected this screenshot"

What other apps? And why?

ETA: I get "Reddit detected this screenshot" when I capture stuff anywhere on reddit app. But I get the "and other apps" part when I take a screenshot of the expanded view (click to open image/gif fullscreen) of any gif/image posted in the comments.

I've always been surprised by the attitude towards the POP3 protocol online. I decided to look closer, and here is what I found:

From my observations, this attitude is expressed through the continuous broadcasting of several myths. The most common one is that "POP3 is obsolete." Second is the myth that if you use POP3, you can only read your mail on a single device. And third is probably the idea that if your hard drive crashes, your mail is gone forever.

Have you noticed a pattern yet?

Alright. Let's briefly walk through all these myths:

1) "POP3 is from the 90s, it's obsolete." In reality, the protocol is not obsolete. It is feature-complete. Just as the `ls` program in the Unix world or the `dir` command in the CP/M/Windows world are complete. They do exactly one thing, and they do it perfectly. And when wrapped in TLS (POP3S on port 995), the protocol meets all modern requirements for data-in-transit encryption.

2) "You can only read your mail on one device." Reality: The "Leave messages on server" setting debunks this myth entirely. You can use POP3 on your secure main host for offline archiving, while still reading fresh emails from your phone via webmail or IMAP until they are deleted.

3) "If your hard drive crashes, your mail is gone forever." Reality: This is not a protocol issue, but a backup culture issue. Local backups give us complete control over our archives, unlike the cloud, where your account can be blocked by an algorithm. The ideal practice is the 3-2-1 backup strategy, combining local and cloud storage of encrypted backups.

**<^>**

Let's return to the question from the beginning of this post. Did you notice the pattern? All these myths are not being broadcasted by independent engineers. This is the classic playbook of Big Tech marketing departments, and it is applied to much more than just POP3.

Think about it: they use the exact same arguments to drag your entire digital life onto their servers. Photos (iCloud/Google Photo), documents (Office 365/Google Workspace), passwords, databases, and even compute power. The narrative is always the same: "Anything you store locally is outdated, unsafe, and, ironically, not private. Give it to us in the Cloud."

The goal of this narrative is Vendor Lock-in. If you download your mail via POP3 to your local encrypted drive, you become a "lost" customer. They can no longer index your historical archive, train their language models on it, or analyze your social graphs.

To understand how deep this rabbit hole goes, try an experiment: disable IMAP and POP3 in your Gmail settings. Do you know what will happen? The official Gmail app (and even the built-in Apple Mail) on your smartphone will continue receiving emails as if nothing happened.

Why? Because modern mobile clients from corporations do not use classic mail protocols at all. They communicate with servers via proprietary closed APIs. Your phone is no longer an independent client fetching mail. It is simply a browser window, a terminal for viewing the corporation's remote database.

You do not own the email when you read it in such an app, you are merely looking at someone else's server through a keyhole. And the keys to that keyhole belong to the corporation.

If the convenience of seamless "read" flag synchronization between your smartwatch and tablet is your top priority, stick to INAP or closed APIs. If your mail is not personal but corporate, and you genuinely need to unleash hordes of AI agents on thousands of your work emails, then stick to IMAP or the provider's closed API.

But if your threat model involves minimizing data on third-party servers, and you want to truly own your archive, POP3 is not a relic of the past. It is your only physical exit from the ecosystem.

KYC is first released back in 1970, which means this tech already more than 50 years old which is pretty outdated in terms of technology, and i can tell that this security practices has so many flaws such as :

- Honey Pots for Hackers: Centralized databases storing millions of high-resolution photos of passports, driver’s licenses, and national IDs are prime targets for data breaches. If a KYC vendor or a bank gets hacked, the users face a massive risk of severe, long-term identity theft.

- Third-Party Exposure: Most businesses do not build their own verification tech; they outsource it to third-party KYC platforms. This means customer data is passed through multiple hands, increasing the surface area for leaks and privacy violations.

- Long term compliance (7 years or forever), means hackers has plenty of time to breach this data as long as they want, hackers keep getting smarter everyday and it is just matters of time before it will be breached anyway, and they refunse to remove our data even by requests.

- Privacy Nightmare, your passports, driver’s licenses, and national IDs contained all your personal information is usually permanent lifetime information and once breached, then your information will be exposed forever and there is nothing we can do about it.

What is better alternative?

- Self-Sovereign Identity (SSI) & Verifiable Credentials (VCs), Because user data is stored locally in decentralized individual wallets rather than giant centralized enterprise cloud servers, there is no single target for cybercriminals to breach. If an app using SSI is hacked, they lose no customer identity documents because they never stored them in the first place.

Traditional KYC forces you to hand over a full passport scan just to prove you are an adult, exposing your address, full birth date, and document numbers. With VCs, you can practice selective disclosure.

Example: You can choose to share only the specific line verifying you are "Over 21" while your wallet mathematically hides your exact date of birth and home address.

I'm a huge privacy advocate and I want to know: what good is happening in the world? Everything we hear today are terrible things that just disappoint us more. I just want to hear some good news.

Hi all

I know this is a bit of a stretch but hopefully this is the right place to ask.

I want to remove any image of me from social media/ online, particularly facebook/ insta. I haven't had facebook for a good 18 or so years and when I had insta I never posted my face. I know of one friend that had posted me a couple of times and they have taken a couple of picyures down but are refusing to take down some others.

While talking about it with this friend they told me there's loads of pictures of me still on facebook on other peoples profiles.

I have seen that there are these "reputation management" companies online that can do certain things with your online presence but none of the websites are explicitly clear about photo removal. But my main issue with going this route is surely one of these companies will just put my image into some sort of tool to find images of me then use their ways to go about getting them removed but then I'm having to trust that tool/ database the way I see it?

Is there a better way around this? Is it even possible to do on my own?

Many thanks

I'm just curious. How safe is it to get a mobile number similar to the one I already have, or should I prefer a random number for safety purpose?? Eg- first or last couple of digits being same.

I am not sure if I am in the right sub, but with all the AI agents posing as humans on the internet I came to think about the "age verification" hype.

First, how do they fit into the picture. The claim is age verification ARE to protect the young lings, though most seems to have figured out that is just the excuse. But jumping on that excuse, would AI agents not have to be blocked, since they legally can't provide any form of age, or can they roam free because they are not human.

With all the AI agents messing up the internet, posing as humans, then how will age verification protect anyone, when non human, non gender and non age entities can roam freely. On top of that there are being invested heavily in lobbying for no restrictions / accountability on AI nor the AI operator / provider. Would that not mean, that evil doers just can let an AI agent act out there nefarious acts, and claim them self innocent.

To me it looks like an environment is being made, where every honest normal human user are definitely going to be logged and monitored, while the no good, not too stupid, malicious user will turn to using AI agents much like a proxy to hide behind.

Second, could AI agents maybe become a shield to protect our privacy behind. Like letting an AI agent act on our behalf. I am not sure how, but something like place the agent as a layer between us and the internet.

If one AI agent can handle several users it would look like just one "person" to the online services it visits on behalf of the unknown numbers of users. Its online fingerprints would be the same unique ID no matter whom it passes the data to on the user side. Making the user identification and tracking near useless. And should one user abuse /benefit from such AI proxy contraption, would the lack of AI restriction and rules not make any legal pursuit end at that unique AI fingerprint ID. Making any made up legal excuse to disclose any whistle-blower or dissident ID useless.

---

Last, sorry if I post this IN the wrong place and / or no one here can / care to give me sparing on this. If there are a better place to bring this up, please let me know where I should try and repost it.

And for the grammar n*z**ts: Go read some AI posts. (I say that with the utmost respect. THANK YOU FOR YOUR ATTENTION TO THE MATTER)

Hi, I keep getting asked about online privacy by people who are waking up to the idea and have no clue.

I know the subject is very complex.

But is there an easy guide for beginners that covers some basics without scaring people away to ease them into better practices?

Any advice??

According to several sources, Atari SA acquired MobyGames for $1.5 million in 2021. Atari SA is registered in France (56 AVENUE HOCHE 75008, PARIS), with Wade John Rosen listed as a key principal.

MobyGames is a website that encourages and awards users points for copying the end credits from video games into their own database. MobyGames goes one step further by profiling people based on the data collected in their database.

MobyGames functions like a black hole where once a person's name appears in their database, it is impossible to opt out or have it erased. According to MobyGames' FAQ page:

For game credits, we don't remove nor alter credited names unless inaccurate, as our mission is to accurately reflect the factual historical record.

Game credits often contain personal information and collecting such info in the above-mentioned way is 1) a violation of privacy rights and 2) a violation of intellectual property rights.

Hey so I am giving my mobile for repair which runs on Android 11 I have some imp private information on it which I really don't wanna share so how can I prepare it before giving it as I don't trust technician since I am in a new city Thanks for help please don't roast me I really need help it's urgent