Hacker News with Generative AI: Privacy

2.8B Twitter IDs Leaked (forbes.com)
Elon Musk’s social media platform, X, is no stranger to the news. What with the reported purchase of X by xAI for $33 billion, attackers claiming responsibility for platform outages, and X password scams targeting users. Now, another shock awaits the users of what used to be Twitter: a self-proclaimed data enthusiast has just given away what is claimed to be a database containing details of some 200 million X user records. Here’s what we know so far.
DEDA – Tracking Dots Extraction, Decoding and Anonymisation Toolkit (github.com/dfd-tud)
Document Colour Tracking Dots, or yellow dots, are small systematic dots which encode information about the printer and/or the printout itself. This process is integrated in almost every commercial colour laser printer. This means that almost every printout contains coded information about the source device, such as the serial number.
FTC: 23andMe buyer must honor firm's privacy promises for genetic data (arstechnica.com)
Federal Trade Commission Chairman Andrew Ferguson said he's keeping an eye on 23andMe's bankruptcy proceeding and the company's planned sale because of privacy concerns related to genetic testing data.
Breach of X allegedly leaks over 200M users' email addresses (mashable.com)
An alleged X data breach has leaked the email addresses of more than 200 million users.
Discover European alternatives to popular SaaS (xwiki.com)
Let’s face it: Big Tech companies will always put their interests first. If Europe truly wants digital sovereignty, we need to stop handing over our infrastructure to Silicon Valley giants. Yet, despite all the talk, many businesses and governments still sign contracts with Microsoft, Google, and Atlassian, locking themselves into foreign control. We can’t afford to keep making the same mistake.
New in Gmail: Making E2E encrypted emails easy to use for all organizations (workspace.google.com)
At Google, we believe that secure, confidential communication should be available for organizations of all sizes. However, end-to-end encrypted (E2EE) email was historically a privilege reserved for organizations with significant IT resources, due to the complexity of S/MIME and proprietary solutions.
Over 200M Records Allegedly Belonging to X Leaked Online (safetydetectives.com)
Self-Hosting like it's 2025 (kiranet.org)
In recent years, self-hosting has emerged as a popular alternative to data-collecting, big-brother services.
Kagi for Kids (kagi.com)
The Kagi Family Plan is perfect for families wanting to search smarter, emphasizing learning over consumption while respecting your family's privacy.
Honey has now lost 4M Chrome users after shady tactics were revealed (9to5google.com)
Late last year the popular Chrome extension Honey (owned by PayPal) was revealed for employing a few shady tactics, and the extension has since lost around 4 million users on Google’s browser alone.
France fines Apple €150M for “excessive” pop-ups that let users reject tracking (arstechnica.com)
France's competition regulator fined Apple €150 million, saying the iPhone maker went overboard in its implementation of pop-up messages that let users consent to or reject tracking that third-party applications use for targeted advertising.
Privacy died last century, the only way to go is off-grid (theregister.com)
From smartphones to surveillance cameras to security snafus, there's no escape
ToS;DR (tosdr.org)
"I have read and agree to the Terms" is the biggest lie on the web. Together, we can fix that.
Cover Your Tracks (coveryourtracks.eff.org)
Test your browser to see how well you are protected from tracking and fingerprinting:
Moving 18 years of comments out of Disqus and into my 11ty static site (sachachua.com)
I've been thinking of getting rid of the Disqus blog commenting system for a while. I used to use it in the hopes that it would handle spam filtering and the "someone has replied to your comment" notification for me. Getting rid of Disqus means one less thing that needs Javascript, one less thing that tracks people in ways we don't want, one less thing that shows ads and wants to sell our attention.
Pixelfed leaks private posts from other Fediverse instances (fokus.cool)
Due to an implementation mistake, Pixelfed ignores this and allows anyone to follow even private accounts on other servers. When a legitimate user from a Pixelfed instance follows you on your locked fediverse account, anyone on that Pixelfed instance can read your private posts. You don’t need to be a Pixelfed user to be affected.
FBI raids home of prominent computer scientist who has gone incommunicado (arstechnica.com)
A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer Indiana University, and had his homes raided by the FBI. No one knows why.
Samsung Galaxy AI features can be set to on-device-only processing (tomsguide.com)
What no one is saying about the first city-wide facial recognition zone [video] (youtube.com)
Kink and LGBT dating apps exposed 1.5M private user images online (bbc.com)
Researchers have discovered nearly 1.5 million pictures from specialist dating apps – many of which are explicit – being stored online without password protection, leaving them vulnerable to hackers and extortionists.
Everyone knows all the apps on your phone (peabee.substack.com)
Until a few years ago, any app you installed on an Android device could see all other apps on your phone without your permission.
'Audible enclaves' could enable private listening without headphones (techxplore.com)
It may someday be possible to listen to a favorite podcast or song without disturbing the people around you, even without wearing headphones.
The Candid Naivety of Geeks (ploum.net)
Amazon recently announced that, from now on, everything you say to Alexa will be sent to their server.
When the physicists need burner phones, that's when you know America's changed (theguardian.com)
At international academic conferences recently, one sees an interesting trend. Some American participants are travelling with “burner” phones or have minimalist laptops running browsers and not much else. In other words, they are equipped with the same kind of kit that security-conscious people used to bring 15 years ago when travelling to China.
Today Google bricked my Chromebook by force-installing a hidden extension (cloudisland.nz)
Madison Square Garden Bans Fan After Surveillance System IDs Him as CEO Critic (gizmodo.com)
Madison Square Garden is home to the New York Knicks, one of the most storied performance venues in the country, and a surveillance state dystopia.
Windows 11 is closing a loophole that let you skip making a Microsoft account (theverge.com)
Microsoft is no longer playing around when it comes to requiring every Windows 11 device be set up with an internet-connected account.
I won't connect my dishwasher to your stupid cloud [video] (youtube.com)
Google tells Fitbit owners to move to Google or else (ycombinator.com)
You are receiving this email because there is an important upcoming change to your Fitbit account and action is required.
TV is watching you – Companies inventing new ways to make money off your data (vox.com)
Roku, Amazon, and practically every company in the streaming business are inventing new ways to make money off your data.