I created an account while in the store with an email of fuckyou@thisisstupid.com and a basic password and surprisingly didn’t have to verify the email. Then turned on a VPN to my house.

I plan on just creating a new account every time I go in just to fill up their database with nonsense.

Coming from a company the preaches about privacy and rates privacy respecting businesses, while collecting telemetry and accepting 500M/ year to from google to promote their search engine… I’ll take this as the puff up piece that is is.

Its more so the principle. Many people that download Firefox are doing so to escape google, and if they are not born as cyber security experts they may download Firefox and continue with no real improvement to their privacy.

Secondly, the main thing you should look for is where a company gets its funding. If Mozilla gets almost 100% of its funding through google… How much do you really expect them to push back against the data collection of their userbase?

I rank Mozilla with the likes of ExpressVPN, NordVPN, etc. They preach privacy and security against surveillance… But its just theatre to make money in specific demographics.

I personally think is disingenuous to recommend something to casual users who are used to solving problems with money.

But the issue here is it is usually Firefox advertising themselves to customers so that they can have a subset of those customers actually use google.

They market themselves as a “download and be private” which interests the casual user who hears about how invasive Facebook and google is online and is looking for a nontechnical fix. This small subset of users on Firefox are what funds Mozilla to use googles money to fund their hobbies.

Yes, people should educate themselves, but I personally think it’s unethical for Mozilla to fund for-profit businesses that they control by exploiting this small, uninformed subset of their userbase and it makes it hard for me to trust them based on how they justify their means to an end.

And no, fuck brave, I’m for educating people on how the internet works and to educate themselves if they want privacy or security instead of trusting massive corporations.

Yea, it does seem weird… But money doesn’t lie. Its very easy to search online how Mozilla has enough money to lay for all their weird projects.

They even cost cut their nonprofit products like Firefox and Thunderbird so they have more money to burn on other hobbies.

They’re like a giant corporate MLM where users are encouraged to sell “privacy” to their friends and the profits syphon up to Mozilla where they cash out to google.

That doesn’t make any sense… If the URLs are server side that means there is no e2ee at any time because the server has to know when to shown the preview…

If that’s true disabling preview generation doesn’t really matter because the vulnerability would be elsewhere

I never used matrix, but do clients own the keys or are they stored on the server?

Have you posted a suggestion on github? I feel like this was a proof on concept during development and maybe it was forgotten about further along the life cycle.

E2ee doesn’t have to be 2 devices. It can be for any amount of endpoints as long as they have the key to decrypt the data.

For example my nextcloud instance has e2ee for my phone, computer, and tablet.

This is straight from their privacy policy:

We do not sell your personal information in a way that most people would think of as a sale. However, we do participate in online targeted advertising and use analytics which allows tech companies, in exchange for our use of their services, to use user information collected from our App to improve their own products and to improve the services they provide to others. Under some laws, this is considered our “sale” of your user data to third parties. You can opt-out of this as provided in the “How to Submit a Request” section below.

Checking the router is probably the only way to see if someone is active on your network.

Can anybody hack your computer? No. Most people only know how to run scripts that are known and patched in most operating systems.

There are skilled people who may be able to create an exploit or find a vulnerability in your computer, but they will mostly target businesses or people they know will be worth it to hack, so most likely they won’t bother you.

Generally if your on your own WiFi, having a WPA-2+ personal password is enough, but the more paranoid may have an IDS/IPS on their home network.

If your out and about, I’d personally use a VPN. I don’t like public ones and like to recommend setting one up on your home WiFi instead.

If you think you’ve been hacked… change your passwords and run virus scans. If you still don’t feel safe, backup your data and reinstall your operating system.