The client is open source, so it doesn’t matter what the server code is, you can see everything the client sends and therefore tell what possible data is being collected.

It’s run by a non-profit so there’s no shareholders to please.

Your messages and decryption key are not stored on their servers.

It’s been independently audited.

They have publicly posted responses to user information requests where they only provide the account creation date and last access time.

The (admittedly incompetent) US government recommends using Signal (for non-classified information) and top officials have been caught using it (Houthi Working Group).

You can never be 100% sure, but it appears to have excellent security and privacy.

As in a name reporting the issue, or a name from the payment provider?

It’s on the FSFE homepage if you need confirmation of the story: https://fsfe.org/news/2026/news-20260316-01.en.html

they don’t work because you can just uninstall them or turn them off. Unless you give someone else admin access, you’re able to remove the block.

or pick up your phone.

or use a different computer.

or visit the web address instead of using the app.

Set a timer and stick with it.

First they came for my email address, and I did not speak out because I had nothing to hide. Then they came for my phone number, and I did not speak out because I had nothing to hide. Then they came for my precise location at all times, and I did not speak out because I had nothing to hide. Then they came for me and had evidence that I emailed a nearby business a month ago, called a nearby business last week and location data said I was nearby at the time of the crime and there was no data left to speak for me.

A SIM card only gives you cell phone service. The cellular modem on your phone still connect to towers you’re still tracked by your IMEI, you can still make emergency calls, your phone is still pinging towers, you’re just making things inconvenient for yourself

The link may have an identifying code in it, that was custom generated just for you, and would be different in emails sent to other Anker customers. It would not matter from which device or IP address you viewed it from, if the URL has identifying information in the URL parameters.

he really did!

There’s really not much to say. He posted an AI generated video of himself, wearing a crown, dumping shit on protesters from a fighter jet.

https://www.nbcnews.com/politics/donald-trump/trump-posts-ai-video-dumping-no-kings-protesters-rcna238521

Just because the laptop is powered down does not mean that no circuits are getting power. Wake on LAN/WLAN is a thing, and most devices without a physical power switch, (a power bitton is not a switch), mean that there is a miniature power draw listening for that signal. The manufacturer might have other bits that are still active as well, you can’t be sure. If your ultra paranoid about state level actors it might be a good idea. If you’re just worried about somebody swiping your credit card number or something, probably overkill.

if i had an account decades ago (real names only era), and deleted every post (manually) and my account when a .edu wasn’t going to be required anymore, and I currently use noscript + uBlock origin, apple devices with Brave, how much of this stuff do you think the company has?

Do you think my name shows up in other people’s accounts even though I don’t have an account?

Web pages are not allowed to list your extensions. They can indirectly surmise you have certain extensions based on how your requests differ from expectations. For example, if they have advertisements, but your browser never actually makes any requests to load the images, CSS, JS or HTML for the advertisements, they can deduce you have an ad-blocker. That’s a datapoint they now have to ID you: “has an ad-blocker”

Now let’s say they have an ad they know AdBlockPlus allows, but uBlock Origin doesn’t. They see your browser doesn’t load that ad. Another datapoint: “Not using AdBlockPlus”.

Based on what requests go back and forth between your browser and their servers, they map out a unique fingerprint.

Now you visit another site, and lo and behold, all the same quirks are found. Tada, they now say “hm, probably the same browser,” and start personalizing content. Site use an ad network, so it’s the common denominator, not the sites you visit. The ad networks do the between-sites tracking.

also, VPN does diddly squat when you login to some service like google, facebook, xitter, amazon, outlook, reddit, etc. You logged in as you. They don’t give a shit you’re logging in from another IP. And if the sites are working with the same ad network, if you’ve ever logged in from your real IP even once, they they just add another datapoint about you: “Sometimes uses a VPN” and that gets tucked away in your permanent record.

nothing you do online is private. I’m not saying “give up” but it’s pretty bleak and I don’t see it getting better anytime soon.

i fucking love that this exact problem was solved until Reddit unsolved it by charging exorbitant API fees and effectively killed 3rd party apps and forced everyone onto their shitty app.

e n s h i t t i f i c a t i o n

public static void itWasJustADream(Person) 

you dropped this: \

sudo chown user:user -R / will get me to reinstall.

That’s not the way they would track you. If you use the same email address for both accounts, a data broker on the back end will be able to connect them because you used the same email address. It’s not about the IP address. It’s about your identity. And if you’re like oh well I’ll just make a new email for each site, Gmail requires that you use a phone number to sign up. Most email providers do. So then they would just connect you by your phone number because you needed to use those on both email addresses. Privacy is nonexistent on the web. Mind you this happens because LinkedIn shares your data with “third-party partners and service providers”. There’s nothing that you can do to stop this.

only in theory. in reality, only one person would ever buy it then re-release the source code for free-as-in-beer. unless you’re talking about something other than GPL2/3.

Damn. Oh well.

weird way to spell “run DOOM” but okay.

Give it to the dev, and explain the situation. Let them know it seems too big/complex of a PR, but you’re willing to make additional changes, or break up PR to make it more palatable for merging. It’s in the dev’s hands after that.

I don’t think you should release your own fork without at least trying to work with the original project.

Make sure all your commits have detailed commit messages so that the dev can follow what you were doing (upgrading deps, refactor because xyz, etc.) Don’t just record what was changed, explain why it was changed.

anyway that’s what I would do.