All of us have made privacy mistakes at some point in our privacy journeys. In an effort to help those earlier on in that journey, please share some of the mistakes you’ve made, and how you could have prevented it.

  • Alwaysnownevernotme@lemmy.world
    0·
    6 months ago

    Recently I got conned into giving a couple websites my email address for an alleged discount thinking, well I’m going to give it to them with the purchase anyway. Only for them to then request my phone number.

    Couple lost sales for them.

  • Ulrich@feddit.orgEnglish
    0·
    6 months ago

    True story:

    When I was a kid I wrote a review for Dexter’s Laboratory on the internet. I wrote “I think the show fuckin sucks!”. I don’t know why. Again, I was like 10. AOL ratted me out to my parents somehow and I got banned from the dial-up for a week.

    • The 8232 Project@lemmy.mlOP
      0·
      6 months ago

      I knew Instagram was privacy invasive long before I ever started using it. Still decided to use it for some reason. Anyways, glad to have my dopamine receptors back.

  • yonder@sh.itjust.works
    0·
    6 months ago

    I use Discord, though only in a web browser and only for semi-public chats. I might be using Discord less if I had gotten some friend groups onto something like Matrix.

    • Grey Cat@lemmy.worldEnglish
      0·
      6 months ago

      Same, I can recommend vesktop to at least have a dedicated window for it, + some customization. I used discord-sandboxed before, but that stopped working.

  • monovergent 🛠️@lemmy.ml
    0·
    6 months ago

    It’s been quite a journey:

    • Posting accurate personal info to my Google+ account when I first signed up
    • Signing in to Google on my phone and browser
    • Using an Android phone from eBay of dubious origin
    • Sending confidential info via email
    • Using the same gmail address for everything
    • Signing up for things with my real info when it wasn’t necessary
    • Handing out my phone number to loyalty programs
    • Running hacked game APKs without checking for malware
    • Using the User Agent Switcher extension on MS Edge, which was subsequently updated to include an infostealer
    • Using browser extensions of unknown provenance

    How to avoid:

    • Ironically, Windows 10 started me on my privacy journey. Microsoft was in my face enough with privacy offenses that I began moving to Linux and investing time into my privacy.
    • Don’t post unnecessary info to social media.
    • Never email confidential info.
    • Use a password manager, or at least some organized text file if you have an encrypted disk.
    • FOSS software is more available and user-friendly than ever, always look for a FOSS alternative.
  • yourFanatic@sh.itjust.worksEnglish
    0·
    5 months ago

    If you decide to use Google Messages on an Android custom OS, set up Contacts Scopes (if you can) or else it it will have access to all of them around the time you first open the app.

  • Sanctus@lemmy.worldEnglish
    0·
    6 months ago

    I still have digiaids from Limewire back in the day. I also regularly type “magic” between a certain you and a tube and I have no idea who operates that site.

  • TimeSquirrel@kbin.melroy.org
    0·
    6 months ago

    Using a VPN for torrents and forgetting to set it up to kill the network connection when VPN is lost. Got a couple “love letters” from my ISP that way.

    • CouncilOfFriends@slrpnk.netEnglish
      0·
      6 months ago

      After getting those nastygrams myself then having to troubleshoot some other issues, I’ve ended up using solely a private tracker (iptorrents because I couldn’t get an invite elsewhere) for torrents which I only use for manual search in radar/sonarr to minimize seeding space. Automatic downloads go through Usenet if I add something to my watchlist. I did have it set up using PIA as a VPN in the past, but with Usenet and a private tracker I never felt the need to renew it.

    • satans_methpipe@lemmy.world
      0·
      6 months ago

      I taped my latest DMCA letter to the wall to remind myself of this. I also wrote a small script to kill torrent processes and eventually break the software adapter if needed if certain gateways are reachable.

      • LemmyHead@lemmy.ml
        0·
        5 months ago

        Looks like a hacky and far from perfect approach here. In the gap where you lose your VPN connection and the script triggers, there’s a timeframe that your torrent software will leak a lot of data. A better approach here is to enforce only VPN connections via your firewall. Whitelist outgoing connections to your VPN destination, blacklist the rest. On Linux make the torrent systemd unit also have a dependency on the VPN connection, that it: your torrent service won’t start if the VPN service isn’t active. So in case your VPN disables at some point,the firewall will still do its work.

  • bitwolf@sh.itjust.worksEnglish
    0·
    6 months ago

    Before really learning about the implications, I had used the same alias on dozens of sites. I had hoped for serendipitous interactions.

    Its taken forever to track down and clean up all of those old accounts.

  • Avincentor@lemmy.ml
    0·
    6 months ago

    Advice my parents to use outlook. They were using an ISP email service which we had to get rid of. I wasn’t sure if tutanota was ready for them yet and they already were a bit familiar with outlook. It was a bit of a trade off back then.