¶ Start of podcast
Welcome back to This Week in Privacy, our weekly series where we discuss the latest updates with what we're working on within the Privacy Guides community and this week's top stories in the data privacy and cybersecurity space, including Meta's AI glasses are getting creepier somehow, vulnerabilities in popular cloud-based password managers, reminders about the privacy concerns of AI, and more. I'm Nate, and with me this week is Jordan. Hello, Jordan. How are you? I'm good, thanks.
Ready to dive into this week's top stories in data privacy and cybersecurity. All righty. Before we do that, for those of you just joining us, Privacy Guides is a nonprofit which researches and shares privacy-related information and facilitates a community on our forum and matrix where people can ask questions and get advice about staying private online and preserving their digital rights. One more quick piece of business before we jump in.
We want to thank misanthropic forty two on YouTube for becoming a member. If you become a member on YouTube, you get videos a week early. It gets you a little badge in the chat. And if you want to support us and you don't use YouTube, we will talk about how to do that a little bit later. But first, we're going to jump into our story about Meta's facial recognition glasses. Jordan, why don't you go ahead and take it away?
¶ Meta Plans to Add Facial Recognition Technology to Its Smart Glasses
Yes, so for anyone who's sort of out of the loop, Meta has been creating a new smart glasses brand for the last couple of years now. And now they've announced their plans to add facial recognition to its smart glasses. Basically how these glasses worked before was that they had a camera built in and they allowed you to record and do sorts of you know, smart activities on them. But now they're planning to add facial recognition.
So quoting from this article by The New York Times here, five years ago, Facebook shut down the facial recognition system for tagging people in photos on its social network, saying it wanted to find the right balance for a technology that raises privacy and legal concerns. Now it wants to bring facial recognition back. Meta, Facebook's parent company, plans to add the feature to its smart glasses, which it makes with the owner of Ray-Ban and Oakley.
As soon as this year, according to four people involved with plans who are not authorized to speak publicly about confidential discussions, the feature, internally called NameTag, would let wearers of smart glasses identify people and get information about them via Meta's artificial intelligence assistant. Meta's plans could change.
The Silicon Valley company has been conferring since early last year about how to release a feature that carries safety and privacy risks, according to an internal document viewed by the New York Times. The document from May described plans to first release name tag to attendees of a conference for the blind, which the company did not do last year before making it available to the general public.
Meta's internal memo said the political tumult in the United States was good timing for the feature's release. Really? Really? I don't know about that. We will launch during the dynamic political environment where many civil society groups that would expect to attack us would have their resources focused on other concerns, according to the document from Meta Reality Labs, which works on hardware, including smart glasses.
So I guess this is sort of, we should say from a privacy perspective, having glasses that you can just basically walk around and record people. It does have, you know, protections against recording people, obviously. Like there are... a single light on one side of the glasses, which is meant to alert somebody if they're being recorded. But it's extremely common for people to basically do a DIY hack to disable the light so they can record people without their consent.
And I think this would also be quite a huge problem if we are using facial recognition on glasses because, again, you would be able to use the glasses to identify people without their consent and they wouldn't know that they're being recorded or being identified. I think it goes without saying, though, this is definitely meta glasses were already creepy and this is just a move to make them even more creepy and invade people's privacy.
So there was, I don't know if people remembered, but there was a a video floating around a couple of years ago, and just quoting from the New York Times article here, MetaSmart glasses have been used to identify people before. In twenty twenty four, two Harvard students used Ray-Ban Metas with a commercial facial recognition tool called PMIs to identify strangers on the subway in Boston, and then they released a viral video about it.
At the time, Meta pointed to the importance of a small white LED light on the top right corner of the frames that indicates to people that the user is recording. So I think this is an extremely flimsy response, especially because of how easy it is to disable and cover. I think That's a little bit ridiculous that that's the only protection that the company is sort of pointing to. So yeah, basically this is what they're saying, the AI assistant.
So metasmart glasses require a wearer to activate them to ask the AI assistant a question or to take a photo or video. The company is also working on glasses internally called super sensing that would continually run cameras and sensors to keep a record of someone's day, similar to how AI note takers summarize a video call meetings, three people involved with the plan said. And they're saying that the facial recognition would be a key feature for super sensing glasses.
So they could, for example, remind wearers of tasks when they saw a colleague. Mark Zuckerberg has questioned if the glasses should keep their LED light on to show people that they are using the super sensing feature or if they should use another signal. One person involved with the plan said, I think this is Obviously there needs to be more protections, but I think this sort of tool shouldn't actually be allowed, right?
Because I feel like a lot of the laws we have around like photography and recording in public spaces is it's based on very old things, right? Like back, fifty years ago when people were journalists. The only people that had cameras were journalists taking photos for, you know, newspapers and stuff like that.
That obviously makes sense, but basically recording every single person you interact with and then using facial recognition on them is clearly an invasion of not only that person's privacy, but everyone you're interacting with, so... I can't believe that uh they would actually consider putting this out it kind of makes sense because you know like they said they're trying to push it out at a time when people aren't as fully engaged on this stuff and I'm sure this is
what a lot of companies do when they're pushing out a lot of these um awful stuff so yeah that's sort of what I was those were my primary thoughts on this but um Nate do you have any thoughts um after having a look at this article I have several as usual, um, where to begin, uh, I guess just to add a little bit more, um, a little bit more of the facts to the context of this, actually, no, let me start with this. This is a solution in search of a problem.
And the reason I say that, uh, for people who disagree with me for some reason, um, the reason I say that is because. Meta this article details basically that this plan is super early in development. And meta is really trying to figure out what this is going to look like. And basically what's happening is open AI has announced that they're going to release their own glasses for some reason. Um, cause they keep like any great company, they keep adding things.
Nobody asked for it to a product that everybody was perfectly happy with. And then I think snap has been wanting to release glasses for years as well. And, um, who I think there's someone else, but basically the space is starting to have competitors. And so they realize like, well, we need something that makes us stand out. And so now they've literally thrown around the facial recognition, I think is the leading idea, but I want to say there were other ideas they were tossing around too.
And so, yeah, there's a lot of different like there's a lot of different discussions that they're still having internally. Like what is this facial recognition gonna look like? Like, for example, they say here in the article, possible options include recognizing people a user knows because they are connected on a meta platform.
So like, for example, if you're friends with somebody on Instagram and you're out shopping and they walk past you in the grocery store, your glasses will ping and be like, Oh, Hey, that's that person. Which to me is ridiculous because like, I don't necessarily need to know every time one of my friends walks past me. And also like, what if you're really not that close? Like there's just, there's so many problems with this. And, um, I've actually had this happen to me.
Not obviously not with this, but, uh, years and years and years ago, I befriended somebody on Tumblr and yes, I used to use Tumblr once upon a time. And then I think we ended up like texting or something. And then they showed up on my people you may know on Facebook. And this was years before I ever cared about privacy. I think this was even before Snowden. And even back then I was like, that feels really creepy. And that feels like too much. And I'm really uncomfortable with that.
And just, I don't know, like, and that's, again, these are people, you know, these are people, quote unquote, these are people you're somehow connected to. And how long before Meta just starts rolling this out in general, where it goes into like, it's not just, you know, you're connected on Facebook. It's because that's how it started, right? Like Facebook was your feed of people you follow. And then it became, you know, somebody you tangentially know, like a friend of a friend.
And now you're seeing posts that people liked that you don't even follow that page. And how long before this turns into that? where people are showing up in your little glasses HUD, your heads up display, just because you're tangentially connected somehow. So yeah, I just wanna point that out first. I also, I need to point out, I wanna point this out every single time. They invented or discovered, I don't know.
I don't know if they invented it, but they workshopped facial recognition years ago, years and years and years ago. And they shelved it because it was too creepy, even for them. And then once clear view AI came along, suddenly they were cool with it. And so I just need to point that out that like meta has no moral compass, which that quote was probably indicative. I'll get to the quote again in a second.
Meta has no moral compass and they basically just wait for something to become socially acceptable enough that it's okay. Okay. Like meta would probably popularize the Hunger Games if they thought they could get away with it. They don't care. They just want a dollar, which is shown in just to state it again, that quote, I actually laughed when you read that, Jordan, in your response. You're like, really? Are you sure about that?
Because like, oh, we're going to launch during a dynamic political environment where many civil liberty groups that we would expect to attack us would have the resources. Like they literally said the quiet part out loud. Like, hey, now's the perfect time to do this because we know that nobody's going to like this and they're going to be busy paying attention to everything else that is wrong in the world. And we can do our evil thing.
It's like cartoon villains are less cartoonishly evil than that. I just, I don't know how else to put it. But the last thing I want to touch on is you mentioned that story that was originally covered by four Oh four, where when metal launched their Ray-Ban glasses, they didn't have facial recognition hooked, hooked into them originally. And some researchers hooked it up to PIM eyes and, and started identifying random people on the subway.
And Meta got super pissed about this coverage because they told four oh four, they're like, well, that's not us. The researchers did that. We have this quote unquote safety feature built in, which is a little light. That's apparently super easy to bypass it. To be fair, it's a little bit more advanced than like just put a piece of tape over it. Apparently you can tell when you do that, but it's not hard to do. There's tutorials online everywhere.
And, you know, we've got safety features and we don't do that. And, you know, there's always going to be bad people who do things with technology. Like they were so defensive and like, how dare you accuse us of doing something so nefarious? And now they're doing the exact same thing. And how long before somebody finds a way to jailbreak this? And now it doesn't just show people you know.
Now it does exactly what those researchers did, except you just made it a thousand times easier because the capability is already there. They just have to jailbreak it. And I mean, I hope we don't have to say the obvious here, but like this will be used for stalkers. This will be used for, you know, I mean, mainly I think that's the big one. I'm sure it'll be used for all kinds of other things.
And it's, I don't know, this is just so like, don't even know what to say this this just to me seems like such an obviously bad idea and an overstep and again just that quote the fact that they just said the quiet part out loud i don't even know where to go from there it's like they they've shown their true colors as being downright evil um real quick they they actually let me share this real quick eff did notice despite despite meta's best efforts eff noticed and uh they wrote this
blog post called seven billion reasons for facebook to abandon space recognition plans And what did they say at the, I think it was at the end here. Yeah. Meta's conclusion that it can avoid scrutiny by releasing a privacy invasive product during a time of political crisis is craven and morally bankrupt. And that was like such a good way to put it. Like there is absolutely no way anyone at Meta can pretend to have a shred of ethics right now because nobody with a moral compass would do this.
It's just, yeah, I think those are all my thoughts. That's just so crazy.
yeah it is kind of surprising especially because like i know there's a lot of stuff people already concerned about um ice agents wearing meta smart glasses and then it's like now they're planning on adding facial recognition i don't know it just seems very like dystopian very creepy um i think people need to be a little bit more loud about this because there's people that are I don't know if we're reading the, I was reading through information about these meta smart glasses,
like in preparation for this episode. And it seems like they're actually selling more than ever. Like they sold triple the amount that they did in twenty three, twenty three and twenty, twenty four and twenty, twenty five. So it's kind of concerning how popular these things are getting, because I think the worst possible outcome here is these products are like become a very popular like thing that a lot of people have and that would basically almost create like a dragnet surveillance.
Like we talked about this last week with Amazon's, uh, pet searching, uh, Amazon rings, uh, pet searching system, search party, search party. Yes. Um, so I think it's, you know, it's a similar thing. It's like Nate said, it's going to always be used for like the most nefarious purposes, like stalking people or, you know, just, I think the fact that if someone could identify your name and other information about you without your consent is kind of going against the whole idea of privacy, right?
Because you should be able to control who knows that information. And it kind of blurs the line. Yes, I think it's great that the EFF has come out with a like, I guess, statement against this. And we're really big fans of the EFF. So I hope they keep up the great work on that. And yeah, I mean, I hope that this doesn't become a reality because like we said, it was part of a plan.
So I mean, it's still not... actually implemented so we can only hope that people like Meta will get the idea once a lot of this stuff is leaked that this is a really bad idea and people really don't want it but I'm kind of afraid that some people just don't seem to see the issue with a lot of this stuff like just how popular these smart glasses are already is kind of indicative of the climate of people's like I guess people caring about their privacy so it's kind of a little bit unfortunate
um but I guess with that being said we should move on to the next article
¶ Popular password managers fall short of “zero-knowledge” claims
here Nate Alrighty. Yeah. Let's go ahead and head over to our next article, which I believe is about password managers. Yes, it is. Let me get this pulled up here. Alrighty. So several popular, well, three specifically, three popular password managers fall short of quote unquote zero knowledge claims. So this came from researchers at ETH Zurich, which we have seen them do quite a bit of good research in the past on cryptography and cybersecurity.
And they did audits with permission of Bitwarden, LastPass, and Dashlane. And so they basically had a â I thought I saw it in here somewhere. They had a â Yeah, in controlled tests, the team was able to recover passwords and tamper with vault data, challenging longstanding zero-knowledge encryption claims made by vendors. And then the findings were published in a technical paper and disclosed to vendors under a coordinated nine-day process.
So usually the way these audits work is the vendor will set up basically like a parallel environment, but it won't actually have any user data. So that way, if they do find any problems, it's like nobody's actually exposed, but now we know these problems exist. So they probably did something similar here where they set up like a test server and ETH Zurich found some pretty troubling stuff. So unfortunately, Bitwarden did the worst.
They had twelve attacks against Bitwarden, seven against LastPass and six against Dashlane. And real quick, why those three is because apparently those three are the most popular password managers out there currently. And they account for more than sixty million users and about twenty three percent of the market. So those three account for about a quarter of all password manager users. Um, yeah, if you're watching, you can see here, there's like a list of the type of attacks they found.
And you can kind of tell the BW is Bitwarden. The LP is LastPass. The DL is Dashlane. Um, Bitwarden, I should say Bitwarden and Dashlane have fixed most of these, I believe. Uh, LastPass is working on fixing them. The fact that LastPass is still in the top three at this point makes me sad.
But anyways, um, Yeah, so it's, well, real quick, let me just say, so Bitwarden, I personally found their blog post to be the best because they did actually give a full explanation of all twelve vulnerabilities. I believe that they said all of them were medium or low impact, required an attacker to already have full server control, which is worth noting, but at the same time, it's, in theory, we would hope that these are designed in such a way where it doesn't matter.
Like, that's kind of why they did this research is, Products like Bitwarden, Signal, I'm trying to think of some others, Proton, in theory. In theory, the way these products are designed is that it doesn't matter if the server is malicious because everything happens on device, everything is really secure, and the server being malicious is more kind of like a bummer than an actual problem. And that was not the case here.
So again, getting back to the vendor response, Bitwarden did fix... I think nine of them and three of them, they, uh, I guess the term is they accepted it. They basically said like, we hear you, we acknowledge it. And here's why we're not fixing it. Um, they did the reasons they gave made sense in my opinion. Like one of them was, uh, they basically said like, we need this functionality for shared vaults to work.
Like if you share with another user or a family member, which I hear, but at the same time, all three of them that they didn't fix, they also said like, We'd be open to looking into this in the future, which I appreciate the humility. But at the same time, it's like, why not just fix it now? I don't know. I just I don't like that they left stuff open, even though I understood their answers. It's like, but can you fix it anyways? There's got to be a way to do it.
Dashlane was a lot less open on their blog post. They said that they did fix some stuff, but they didn't really give that same detailed breakdown that Bitwarden did, which makes sense because Dashlane and LastPass are not open source. So they're just not as transparent, I guess. And LastPass, like I said, I think they fixed one of the issues. And I think they've got a couple others that they've got the fixes ready for, but they haven't rolled out yet.
And then they've got a few more that are still in progress. Um, although again, personal biased opinion, I would not use last pass if you paid me after their last big data breach. So yeah. And I, I think this is really disappointing because again, the, the idea of an attack like this is we want to make sure that your, your vaults are protected no matter what, like that is the whole point of a password manager is that you can trust this.
And again, It's very frustrating when that is not the case and that does not turn out to be true. I really don't have an excuse for that. It's very frustrating. But at the same time, I think, because I know already there's probably some of our more hardcore veteran listeners or viewers, they're thinking like, oh, well, this is why I use KeePass. This is why I use offline password managers, which is great. If you have the kind of organizational skill to do that, that's fantastic.
And I'm totally in favor of it. We do recommend KeePass on KeePass XC specifically, I think, on privacy guides. But for a lot of people, offline password managers are too much work. And the problem with security is security requires you to trade convenience, but everybody has a different threshold of convenience. And for a lot of people, when for everybody, once something becomes too inconvenient, they're going to stop doing it because it's just too much work and it's not worth it.
And everybody has a different level. You know, some people don't mind key pass. Some people do. So that's kind of the concern or the unfortunate side of key passes, because yes, in a perfect world, that would be great. But for a lot of people that requires you to manually sync up across multiple devices and that requires you to manually keep really good backups. And the nice thing about cloud-based password managers is it's just easy. Bitwarden syncs across every device. It looks really clean.
I don't have to worry about keeping it updated. Well, I mean, I have to keep the app updated, but you know what I mean? It's just such a seamless, easy user experience. So it is really unfortunate to see when these kind of things happen. And I'm really glad that Bitwarden especially took this to heart and they took the criticism and they fixed it.
I hope that they will fix the remaining vulnerabilities if possible, because I feel like it's one thing when there's a vulnerability and you say like, okay, we hear you, but the odds of that are pretty low. It's kind of out of scope. It's very unlikely. But this is, again, this is like the whole thing the product is supposed to do is keep your vault safe, even if the server is compromised. So I feel like this one's a pretty big deal.
And the last thing I want to throw in there real quick is Uh, one password was not audited, but they went ahead and released a blog post and basically said like, this wouldn't impact us because they have that. Like, I, I still don't fully understand one password structure, even though I've read about it like a million times, but they basically have some kind of, um, like a two-password system where you sign up and it's not quite your recovery key, but it kind of is. I don't know.
Either way, the way that they have their setup, they said that this would not have affected them. So if you are a one-password user, go ahead and pat yourself on the back. And as usual, one-password continues to have great security. And ProtonPass, I don't think, has released a blog post, surprisingly, and they were not part of this audit, so I don't know how they fare, but... I think those are my thoughts. Did you have any additional takeaways from that, Jordan?
Yes. So I did end up putting together a post on our social media channels and I did a little bit more research into this article and sort of like the timelines of things. And one interesting thing that I did find was LastPass was sort of downplaying some of the severity risks of these vulnerabilities that were found by ETH Zurich. So they said, our own assessment of these risks may not fully align with the severity ratings assigned by ETH Zurich team.
And I think the interesting thing to think about here is I don't think we should be trusting LastPass, especially because in twenty twenty two, they basically had a breach which impacted one point six million of their users because they didn't adequately secure their infrastructure.
And it also showed that a lot of the fields in LastPass weren't actually encrypted and was stored in plain text, which basically allowed for, you know, there was a breach of the server like we're talking about in this circumstance if something is zero knowledge then you know you should expect that every single piece of data is actually protected right so Zero knowledge needs to cover every single data field. It needs to cover metadata. It needs to cover everything, right?
Otherwise there's information that the provider has and it's no longer zero knowledge. I think there's definitely been an interesting debate that we've been having.
on the team about, you know, it's becoming zero knowledge, zero access, all these buzzwords that a lot of companies like to throw around is, you know, they're becoming the military grade encryption sort of, you know, thing that we always kind of make fun of because it doesn't really mean anything unless the implementation is actually correct. So I think one thing as a takeaway from this is If you're still using LastPass, please stop.
There's so many great options now, especially because, you know, you've got all sorts of options that you can pick. Like Nate was saying, if you're not sort of, if you don't need that high level of security of a local password manager, like KeePass, then you can also use a bunch of these reputable cloud-based ones. And I think the way that Bitwarden handled this was incredibly professional.
It showed that they have a good understanding of how to disclose fixes, how to actually show and be transparent about fixing things. So I think they had a great response and, you know, one password wasn't affected and Dashlane also had a good response, but I think we should try and center this back on some of the recommendations that we have on the site. So we do recommend ProtonPass, which Nate talked about a little bit.
They weren't included in this, so we're not sure if that affects them or not, but It's another password manager that we recommend. They've been audited. They've passed rigorous checks from our community members and our staff members to be recommended on privacy guides. And we also recommend Bitwarden because they're open source. They're transparent. They offer a high level of security.
There's a couple of other ones that we do recommend such as one password, which is like Nate said it does have great security but does come with the unfortunate side effect of being proprietary and there's also the Sono password manager, which is a German password manager. It's definitely more of a niche recommendation because It's less popular in Bitwarden, OnePassword and ProtonPass, but it still meets all of our criteria as well.
And of course, when we move on to the local password managers, there's KeePassXC, which is basically the gold standard of KeePass clients, and it's available on all desktop platforms, which is Great. And there's also KeePass DX, which is available on Android, which allows you to access your KeePass databases on your Android device. And we also recommend KeePassium, which is available on iOS and macOS to access your KeePass databases there.
So I think this is a great opportunity to push people towards safer tools that respect, like they follow proper security protocols, right? I think that's all we can kind of take away from this. I think every service is gonna have people that find issues. The best thing we can hope for is how quickly these companies respond, how well they respond and how transparently they respond. So I think the gold standard there was Bitwarden. They took it very seriously.
They actually, implemented all the changes. Most of the changes, actually, I should say, there's a couple that they weren't able to fix. But I think that is what we should be looking for when these things happen, because every tool is going to have an issue, it's always going to have vulnerabilities, it's going to always have issues. It's just the way the company treats these vulnerabilities. That is the most important thing.
So I think this is, I guess, a great a great time to kind of segue into our next story here. Unless, Nate, you have anything else you want to add? I just wanted to say I'm really glad you mentioned that about LastPass. I didn't really notice that their response contradicted. I just skimmed it real quick to see if they were like, here's what we found, here's what we fixed, here's what kind of like Bitwarden did. So yeah, they are not the most trustworthy.
Yeah, that's crazy for them to be like, oh, this isn't as bad. And it's like, yeah, let's take your word for it.
¶ iOS 26.3 adds unique new privacy feature, and it’s Apple at its best
Yeah. So I guess with that being said, we can move into some exciting iOS based news here. And after that, we'll talk a little bit about Microsoft co-pilot sending confidential files, but first let's dive into the iOS. news here. So iOS twenty six point three adds a unique new privacy feature and it's Apple at its best. This is an article from nine to five Mac.
And basically this is an update that allows people to have additional privacy against their cellular provider, which is like, you know, the company you pay for your mobile plan. And basically it's because of this new C one X modem in Apple's new products.
So basically before they were using like Qualcomm modems instead of having their own custom Silicon, but now Apple's developed their own custom modem, which I guess may means that they decoupled from a third party company and they're keeping more things inside. Um, So I think that's it's definitely an interesting move from Apple. And I think this sort of feature is basically I can quote from the article here.
Cellular networks can determine your location based on which cell towers your device connects to. The limit precise location setting enhances your location privacy by reducing the precision of location data available to cellular networks. With this setting turned on, some information made available to cellular networks is limited.
As a result, they might be able to determine only a less precise location, for example, the neighborhood where your device is located, rather than a more precise location such as a street address. The setting doesn't impact signal quality or user experience. So not entirely sure how this feature works, I guess. I guess it's not super clear, especially because this is basically a brand new feature like I was only just came out last week.
Um, so it's basically it's, it's important to remember though, with this feature is that it's only available on very specific devices, which have the C one X modem. So that would be the iPhone air, the iPhone, and the iPad Pro with cellular connection. And of course, it's only supported by very specific carriers. So in Germany, Telecom is supported. In the United Kingdom, EE and BT are supported. In the United States, Boost Mobile is supported. And in Thailand, AIS and True are supported.
So It's basically an additional privacy setting that Apple has added to their devices. I think this is definitely a positive, especially because now with five G connections, it enables much closer tracking of your location. Especially because the towers have to be closer together. It's much easier to identify your location based on your cellular signals.
So I think this is definitely a step in the right direction that I think we should see other companies also following suit because this is sort of an issue that some people deal with. And reducing the amount of data points that your carrier has is definitely a benefit. What are you thinking about this one, Nate? No, I agree. I think this is really, really cool. To me, this reminds me a lot of how in modern smartphone OSs, Android, iOS, you can... Maybe not Android, but I know iOS for sure.
You can tell an app if you want it to have precise location or coarse location. C-O-A-R-S-E, coarse, like rough location. And I think that's amazing because... I mean, first of all, I think a lot of apps shouldn't require you to have location anyways. Like a lot of, you know, rewards apps for fast food. They're like, oh, what's your precise location? Just to function. And it's like, no, I don't want to find the nearest store. I know what store I'm going to.
And so it's really cool to see them roll out this feature. The one thing I didn't find that I'm a little curious about is if it if it will be bypassed for emergency services, like if you call here in the U S nine one one, I know it's something else in other countries, but if you call emergency services, will that bypass it and give precise location or will it continue to only give, um, rough location?
I have to assume it's, it'll, it'll bypass it, but yeah, I, I'm also, I guess I'm curious to see what exactly this defends against. My money says probably things like geo fence warrants and stuff like that. Um, But yeah, I don't know. Overall, I think this is a really cool feature. And the thing I'm excited about is that in my experience, phones are always an arms race, right? We've seen that a lot, especially with the privacy stuff.
Like Apple rolled out, I think it was Apple that first rolled out granular app permissions. And then Android came in later. And then Apple rolled out the privacy dashboard and then in screen time, and then Android rolled out the same thing. And I think Android actually beat Apple to one of them. I can't remember which one, but even Graphene OS, you know, Graphene OS rolled out storage scopes and contact scopes.
And then it took a couple of years, but Apple rolled out contact scopes now ever, or not cause storage scopes. I think contact is still coming, but you know, and now everybody gets to benefit from that. So this is to me, this is one of those things where a rising tide lifts all ships. And so it's, We obviously would prefer for people to use like Graphene OS or something, but we've covered this many times. There's a lot of countries where pixels are not available.
Pixels are expensive, whatever the case. Maybe you just bought a brand new phone and this is when you decided to get into privacy. And I totally don't blame you for throwing away a brand new phone and running out to buy another one. So privacy is for everybody, regardless of what phone OS they're using. Some make it easier than others. And it's really cool when we see features like this roll out that help everybody.
And my hope is that now Android will be forced to copy this and we'll get something similar on the Android side as well. So I think that's my main thought with that one. Yeah, I mean, it's definitely interesting. I think with Android, they don't have the same level of control that Apple does because they are doing this through their new Conex modem. I think a lot of Android devices, they're all reliant on these massive silicon companies like Qualcomm, Broadcom, et cetera, et cetera.
So I think the chances of seeing it are definitely lower because, you know, Apple is in this position of control here where they have the ability to basically, I think this is one of the benefits of Apple really, because they have such control over everything. They can make these bespoke solutions that other companies just wouldn't be able to do. So it's definitely, it's good that they're using this new chip for additional privacy protection. But yeah,
¶ Everything New in iOS 26.4 Beta 1
I feel like that's that story out. Do you want to talk a little bit more about some more upcoming iOS features here, Nate? Sure. Let's talk about, this will be pretty quick, but the iOS twenty six point four beta, the first version has already been released. And like I said, we'll keep this quick because there's really just a couple of things that we have talked about in the past. The first one we'll go ahead and talk about is end to end encryption for RCS.
So I want to say Jonah and I talked about this a few episodes ago. RCS is. the new standard that's supposed to be replacing SMS, and it brings a lot of really fun little features. All the same stuff you enjoy with iMessage, really bigger attachment sizes. You can emoji react to messages, like you can give a thumbs up reaction. I think give support, but don't quote me on that. It's just all around a better user experience.
But one of the cool things it brings with it is the ability to have end-to-end encrypted messages. However, comma, people need to enable that. So originally, Apple said that they were not going to... to support end-to-end encryption with Android. And I'm told, uh, I didn't look into that too closely admittedly, but I'm told from multiple people that's because Google was trying to force like their proprietary version of it. And Apple was like, no, this is an open standard.
We're not going to play ball with you. And eventually Google backed down and they went with the open standard again. That's just what I'm told. But either way, uh, Apple has since changed course and said, yes, we will support end-to-end encrypted RCS. And I believe the code for this originally showed up in this last beta that just came out, the twenty six point three. But even at the time, whoever I was hosting, I'm pretty sure it was Joan I was hosting with.
They pointed out it's like this isn't a guarantee. It's just, you know, it's coming. It may be this one. It may be the next one. And now it's looking like it's going to be the next one. Twenty six point four. We are seeing actual code for encrypted RCS, which is fantastic. The drawback is that. This still has to be enabled by the carrier as well, from what I've been told.
So just like with this location thing we were just talking about for cell phones, the capability will be there, at least a lot more widely than the cell phone thing. The capability will be there, but the carriers will have to choose to support it. And unfortunately, I don't know if there's enough incentive for them to. I don't know how much they're going to care. I hope they will, but no guarantees. Fingers crossed. And then the other thing that's really cool is Apple.
Again, Apple and Google, arms race. They're always copying each other. Apple has this thing called stolen device protection, which is supposed to protect your phone if it gets stolen, if it gets snatched out of your hand or something. And it basically does a lot of like... I think, uh, like you requires additional authentication to access like Apple pay or your iCloud account, things like that. If it detects that it's not in a familiar location, things of that nature.
So it's, it's a pretty neat little feature if you're an iPhone user. I think it requires iCloud, but don't quote me. But anyways, up until now, that has been an opt-in feature. You have to go enable it, and now it will be enabled by default. It will become opt-out, which normally we are not fans when things are opt-out, but I think this is kind of one of the good times where something should be that way by default.
And there's some other stuff in that article as well, if you guys are interested, but this is a podcast about privacy. So that's kind of what we focused on. Do you have anything you want to add to those, Jordan? Yeah, I think this is the I especially want to talk about the stolen device protection, because what we were seeing with that is some people would basically look over people's shoulders and see them entering their pin.
And basically that would allow them to take full control of someone's device. Right. Because there was no restrictions on accessing a device. It would basically It would allow if you had the pin, you could change iCloud settings, you could drain someone's bank account using the Apple Pay. It was a little bit ridiculous. But someone in the chat, Lucas Truman, said it exists on Samsung. So the stolen device protection on Google devices is different to Apple's implementation.
The stolen device protection on Android devices actually uses like proximity sensors and stuff like that to basically identify if someone is running away with your phone and then it will lock the phone automatically.
Whereas Apple's implementation is actually more that it just requires a security delay if you start to try and make sensitive changes on your device, like Nate was saying, like changing your iCloud password, disabling Find My, these sort of sensitive things, it adds a security delay.
I think this is really important to be enabled by default because this is the sort of thing that is basically destroying Because if they have this extra barrier that they now have to worry about to basically break into someone's device to steal their money, they're going to be much more like they're much less likely to actually steal devices.
And I think that's why it's so important that these features are enabled by default, because It's a great way to basically stop thieves from deciding to do this and steal people's phones. I don't understand why people do that. It's like a literal tracking device. I'm not really sure why people are still doing this, but I guess you can drain people's bank accounts, but I guess after iOS twenty six point four, it's going to be a lot more difficult to do these things.
I would also just mention that this isn't a silver bullet. Obviously, it gives you thirty minutes after you're in a not familiar location. I would set this to always just in case. So it always activates. I would I would not leave it on always from familiar locations. it makes it a little bit more annoying to change things. It's fine. I don't think it's a problem. Most people, I think, you know, if you're, you're probably not making sensitive changes on your phone very often.
And I think it's better to have that protection because, you know, if someone did steal your device, they could just follow you home and then unlock your device and steal all your money. It doesn't really make that much sense, but it could be, and I would stop them from getting quicker access to your device. So yeah, I think this is why this is quite an important feature. I don't really have anything more to add on the RCS front. I think Nate did a pretty good job of covering that.
But I think this stolen device protection thing is pretty important.
¶ Site updates
Cool. Okay. Well, before we jump into our next story, which I think is about AI, we're actually going to take a quick pause and a detour. And we're going to talk about some updates here behind the scenes at Privacy Guides. We have been chugging along a lot behind the scenes lately. And we have a bunch of new videos for one to share with you guys. So if you are not subscribed to us on YouTube, a lot of you are already watching.
Actually, whatever platform you're on, whatever platform you're watching on, except maybe Twitch. But go ahead and subscribe and follow us because we do post about new releases, news, and stuff like this. So definitely. But on YouTube, on PeerTube, we now have our private browsing video out. Actually, I think the private browsing one is still syncing to PeerTube. But that one should be up on PeerTube any day now. But that is out to the public now. And it's all about private browsing.
Again, I want to reiterate for a lot of the veterans in the crowd, you already know this stuff. But believe it or not, there are people who still think that incognito mode is actually private.
So this is a great video to share with people and explain to them like why it's not and in addition to that we go through a lot of the other popular browsers Vivaldi Opera Safari we talk about how they measure up and then of course our top recommendations which I think you guys probably know but I'm going to go ahead and pretend it's a secret not spoil it so And then our smartphone privacy and security course is still going strong. The intermediate level just published to everybody as well.
It is now public. And that is iOS and Android. So again, whichever phone you're on, go ahead and check that out. That's all about how to replace the stock apps with much more privacy respecting versions. So like calendars, email, browsers. And if you're on Android, how to get those apps in a much more private fashion. Unfortunately, that same option does not currently exist on iOS, at least outside of Europe. But yeah.
And then one more thing before I turn it over to Jordan is we did make some updates to the website. We removed Yachty, which is a YouTube front end for iOS because it appears that it's no longer being maintained. According to the comments and the issue that was opened, it doesn't work very well. It's even been removed from the app store. Which is a shame. We have removed Dataveria from a list of people search websites. We have updated about uBlock Origin Lite's capabilities.
So definitely check that out. And the BitLocker command line workaround no longer works in Windows Home. So we have updated our instructions on that. as well as some stuff about Firefox. And then I think the rest of it is kind of like code behind the scenes stuff. But that is all in the show notes. And actually, that was a last minute edition. So it's not in the newsletter yet, but I will make sure to add it after this episode. Jordan, did you have anything to add to this section?
yes thank you uh so basically we also there was some people asking whether the ios um and android advanced sections for our smartphone security guide are coming out and i can say that the ios advanced video is pretty much done it's in like the pre pre-production stage right now it just needs some more small edits to make sure it's ready to go up and then the android one is also at a similar um draft level i guess it still needs some changes before it goes up so i'm hoping to
work on that a bit today and also tomorrow and then we can also get that out for everybody to our members next week um that's the plan on that um but I think there's also a, we had some more news articles going out. So Freya was working on posting those on Ghost and that gets shared to our forum and stuff. So if you haven't been catching those, there was one that they wrote about Project Toscana, which is basically an upgraded Google Face Unlock.
They're basically planning to upgrade the Face Unlock system on Google Pixel devices. They also had another one about iOS, twenty six point four beta RCS. So if you're interested in reading more about that, definitely check out those articles from Freya. And there's also another one going up soon, which is about AI. So definitely check that out. Make sure you follow our news feed because we do keep Priyas managing that as well as Nate.
Nate does some great posts there like data breach roundups and all sorts of stuff like that. So if you're interested in keeping up to date on the latest news, definitely check out the Privacy Guys news page. But yeah, that's sort of everything we're working on. We're hoping to work on some more less course-related stuff and move into some more, you know, I think we had a private email video planned. So we're looking at that.
And yeah, we're sort of finishing out all the projects that we had going so far. So that's sort of where we are at on the video front. Awesome. Do you want to take this next story or would you like me to jump into that one?
¶ Microsoft says bug causes Copilot to summarize confidential emails
Yes. This next story, like we were talking about before, we hinted on it. Microsoft says, bug causes co-pilot to summarize confidential e-mails. Microsoft says, a Microsoft three sixty-five co-pilot bug has been causing the AI assistant to summarize confidential e-mails, since late January, bypassing data loss prevention policies that organizations rely on to protect sensitive information. According to a service alert seen by Bleeping Computer, this bug tracked under CW.
One, two, two, six, three, two, four. That's a mouthful. And first detected on January twenty first affects the copilot work tab chat feature. which incorrectly reads and summarizes emails stored in users' sent items and draft folders, including messages that carry confidentiality labels explicitly designed to restrict access by automated tools.
Copilot Chat, or short for Microsoft Office, is the company's AI-powered content-aware chat that lets users interact with AI agents, Microsoft began rolling out co-pilot chat to Word, Excel, PowerPoint, Outlook, and OneNote for paying Microsoft three sixty five business customers in September twenty twenty five. So the problem was that the user's email messages with a confidential label applied were being incorrectly processed by Microsoft three sixty five co-pilot chat.
Microsoft said when it confirmed this issue. So this is obviously a major problem. And I think this is sort of the issue with integrating AI into so many of these things, right? If you don't implement these things correctly, you're basically just sharing confidential or private stuff with an AI chat company, which, you know, their policies around what they're using to train their models, their policies around the chats that you're sending are somewhat vague.
So This is like a breach of confidentiality agreements. A lot of companies utilize these confidentiality labels to make sure that people aren't sending these emails outside the company. And the fact that Microsoft Copilot was just scanning and summarizing this is just... absolutely ridiculous.
I'm sure that a lot of companies who had specifically super sensitive stuff they were discussing are probably really mad at Microsoft right now because, you know, they now have technically they've sent all of their confidential information to copilot chat. So it's just a kind of fail by Microsoft. This should have been caught. I think the fact that we've got all these AI chat bots that are like summarizing people's entire inboxes is kind of bad.
Like it's, this is sort of inevitable when you basically grant entire access to inboxes. I think we should try and avoid these sort of tools because this is sort of an outcome of, you know, unless someone sets it up perfectly or it ends up sending things to an AI server that it wasn't supposed to, I think there's not really a good way to implement these sort of tools. What do you think, Nate?
I think my favorite part of that that I somehow missed when I was reading that article is the part where it summarizes the scent and the drafts. So not only was it doing something that it explicitly was not supposed to, it wasn't even being useful in the process. Like, I don't need you to summarize my sent and draft emails when I'm the one writing them. Or, I don't know, I guess maybe a lot of people are using Copilot to write their emails nowadays. So, like, it's Copilot reading Copilot.
But to me, that was the moment where I was just like, oh, my God, are you serious? Like, again, not only are you putting users' data at risk, you're not even doing a good job while you're at it. That's just... Oh, classic. What are the kids calling it these days? Microslop. So yeah, that cracked me up. But yeah, there it is. Lucas at Microslop. Yep. Ten out of ten. No, it's just, yeah.
And that's, I don't understand how, like you said, yeah, that should have been something you would catch in testing. And it's just so... I don't know. Cause I, I, I, I want to be, I want to be fair and I want to acknowledge that like, okay, there's always going to be bugs. There's always going to be mistakes, but there's certain bugs and mistakes that it's just like, how did it get that far through the life cycle? And no one caught it.
Like we see that with all kinds of like product names and ads and slogans. We see that all the time where it's like, how did this get all the way from the boardroom to the TV and not one person spoke up? which I'm sure usually somebody did, but they were told to shut up and do your job. And maybe that's what happened here. So yeah, that's just crazy. But yeah, I mean, the privacy aspect of this is very obvious. What if you're sending sensitive medical data, sensitive national secrets?
The government uses Microsoft for reasons that are completely beyond me at this point. But the government uses Microsoft Windows and Outlook and Azure and all kinds of stuff. And so like... It's bad enough we've got our own government officials adding journalists to signal chats. Now we've got Microsoft itself is training on sensitive war plans. It's just â it's crazy. This is so not good for anybody.
So â Yeah. I think it also goes, it's like the double whammy, you know, we're like burning down forests and building like power plants to fund all of this. And like, it's like an endless money pit of like AI data centers. And then it's just being used for like the most unnecessary stuff, like summarizing people's scent and draft folders. Like what? It's just so ridiculous. I think this timeline is, It's very scuffed. I mean, yeah, I don't really have too much more to add on it.
Like, I feel like we've kind of talked about this for quite a bit, but I think, you know, obviously no one here, please don't use Microsoft products. I think it goes without saying. It would probably be interesting to see if you, a lot of companies use these at their businesses. So, you know, if you work for a company that uses these tools, I'd probably look at, Maybe letting them know that there might be a confidentiality breach because this is probably pretty common, right?
A lot of companies are using Microsoft tools. It's extremely common. So, yeah, there might be some massive breaches in the future from someone accidentally sending their war plans to Microsoft Copilot or something. I don't know. We'll see. I just want to add real quick, you reminded me of, I don't know if you've seen that meme going around.
It's like a cartoon, like the kind they draw in newspapers, where the guy is like, oh, we've invented this machine that answers questions, but you have to feed it twelve giraffes per day. And the other guy is like, wow, that's a lot of giraffes, but you said it answers questions, right? And it's like, oh, no. No, no, no, no, no, no, no, no, no. And that's just, yeah, that's what came to mind when you talked about burning forests and stuff. Yeah, the cost is insane.
And it doesn't even do the thing it's supposed to do well. Anyways. Yeah, it is kind of frustrating. And that's kind of the atmosphere at the moment.
¶ Grok Exposed a Porn Performer’s Legal Name and Birthdate—Without Even Being Asked
All righty. And then we had one more AI story. I guess I'll go ahead and take this one. Yeah. So this, this kind of tying in with, uh, AI and remembering the AI is a privacy invasion. So the headline, this comes from four or four media. It says Grok explores exposed a porn performers, legal name and birth date without even being asked.
And I think, um, sorry guys, I didn't sign in before, before we recorded, but I remember this one, I was going to show you the screenshot, but literally, so somebody, um, I guess somebody posted a picture of this girl online and she is, she's an adult performer. Um, But they posted a picture and somebody else replied and they asked Rock, like, who is this? And that was literally it. It was like, who is this? And Grok said like, oh, that's a, what is her stage name? Siri Dahl, I guess.
And that's like, oh, that's Siri Dahl. She's an adult performer, but her legal name is this and her birthday is this. And it's just so like, like on the one hand, I understand how AI doesn't really understand what you're asking because just in case anybody's under the delusion out there, AI is not sentient. I don't care how convincing it looks. I'm certainly not anywhere remotely convinced.
But it, I understand the concept of like, it didn't know if you were asking like, who is this person for real? Who is this person's name? But just the fact that it threw that out there, and especially this goes back to, again, we mentioned this in previous episodes, the idea that AI just trains on everything indiscriminately without consent. And I guarantee you... In some kind of world, I can see a world where this woman may have said like, sure, it can know who â like my stage name.
It can know the sites I've been on. It can know the videos I've been in. I don't mind that. But I think she would have been like, I would prefer it not tell people my legal name, right? Like that's why so many performers use stage names is to give themselves a little bit of a layer of privacy. Yeah. just the fact that it is scooped that up and just threw it out there. And you know, your personal morals aside, like that's fine.
You can, it's not fine, but your personal morals aside, you can say like, well, she's an adult performer, whatever. I'm using a fake name. Nate is not my real name. I'm very open about that fact. And what happens when you ask the AI, like, Hey, who's this? And it doxes me. Like anybody, any of you, like every single one of you in the chat right now are using like fake names. I'm hoping, I'm hoping Lucas Trauman isn't your real name, but maybe it is.
We have handles and we have usernames and we have those for a reason. And the whole point of privacy is that you're supposed to have that... that consent to be able to say who you want to share data with and what data you want to share with them. And when AI scrapes all that up, even if it never shares it like it did here, it's still taking away that agency from you and it's taking away your right to privacy and your control over that information.
Yeah, I wanted to throw this one into our AI section because I felt like that was a really important reminder. And just, again, the fact that it did so without being prompt. GROK has been completely insane from the get-go. Some people like that for some reason, but the fact that it just threw that out there completely unchecked really blew me away. And I was like, wow, we should talk about this. That one, I think, was pretty quick. That's all I had on that one.
Do you have any thoughts on that, Jordan? I mean, I think this is sort of a case of a very unfortunate case of AI doing something that you don't intend, which seems to be very common with these tools.
Like it's, I guess I'm kind of interested to know like I also don't have access to this full article so I think I might need to reload it or something but I think you brought up some good points like I think you know the whole point of these adult performers using these like pseudonyms or like stage names and you know trying to have some level of privacy because Obviously, when you're in that industry, I think the chances of, you know, stalking and doxing and swatting is
substantially higher and your safety concerns would be much worse than the average person. Like, you would need much more security.
So it's very concerning that there's basically been... breach of you know this person's information against their consent that's probably causing them a bunch of issues right now so that's really unfortunate but yeah I don't really have too much more to add I think this is just a very unfortunate and sad story because, yeah, I think many people wouldn't like their personal name being connected to their activities.
And I think this is also especially important with, like, adult performers because, you know, there's stigma around that industry and I think some people don't want to deal with that. So, yeah, that's kind of my take on it. It's understandable that somebody... Yeah, there's a tweet that Nate's showing on the screen. So someone asked Grok, who is she? What is her name?
And Grok appears to have responded, she appears to be Siri Dahl, an American adult film actress, and then all the information about her. So it's kind of unfortunate that... this AI tool could identify somebody so easily? I guess it is somebody whose face is pretty widely shared on the internet, but still connecting that back to an actual person's name. How exactly did that happen? That's kind of my question. Where did it get this information?
I guess it's, you know, possible that there was data brokers with her information that were listed and an AI scraped up that information and associated it or something, or doxing sites that found this information and then basically just published it. I'm not really sure how that, you know, happened. Do you have any, did you see anything in the article that like suggested that or explained how that happened? Because it seems pretty, pretty terrible.
No. And that's scrolling through the article again. That's what's horrifying is she said that up until now, she's been able to keep her real name kind of unknown. And it says she's been paying for like data removal services for years and stuff like that. And it's, it's unfortunate that You know, the thing that got me into privacy was it was actually Michael Basil's podcast back when there were two of them, like him and his co-host.
And they said they were talking about why they split up their data instead of like, you know, because I will admit I was that guy that I use Gmail, Google search, Google Chrome, Google Drive, Google Calendar. I used Google everything. And they were talking about that and they were like, yeah, but the defender needs to get it right every single time. The attacker only needs to get it right once. And that was the moment it clicked for me.
And I'm like, wow, like not obviously like all of us, I have nothing to hide, but I'm like, if my Google account gets breached, that's my entire life. That's again, my calendar, my browsing history, my searches, my YouTube, like everything, my files, everything. And so that's when I kind of started to diversify a little bit. And when I did, I realized I'm like, oh, this is actually a lot easier than you would think it is. And that's kind of what got me started in privacy. But It's unfortunate.
So when we think about that phrase, you know, the defender needs to get it right every single time, we think about it in terms of like data breaches, right? And so we want to like data, or at least I do, I guess I shouldn't speak for everybody, but I think of it in terms of data breaches. We want to minimize how much data we put out there. We want to make sure we're diversifying so that the fallout is reduced. But it also goes for this stuff. It also goes for these data removal services.
It goes for, and it's unfortunate because, you know, you were asking, like, do we know how that got out there? Throw a coin and take your pick, right? Or like throw a rock and, you know, it's like, there's so many ways, especially in America where our data laws can best be, or our privacy laws can best be described as LOL. Like there's just so many opportunities and it's impossible to defend against them all.
We try our best, you know, which is, One of the reasons we recommend like data removal services and Michael Basil's workbook and Yale Grauer's big ass data broker opt out list. And whether you want to do it automated, whether you want to do it personally, whether you want to do a hybrid, it's just there's so much to defend against and it can be so exhausting. And unfortunately, I've personally seen some people burn out and quit because it is so much work and it's so exhausting.
And it's just, yeah, who knows where they got it from? There's a million places they could have gotten it from. And it's really hard. just horrendously unfortunate. Um, especially when somebody seems to be doing everything right and trying their best and using the data services. And I don't know which ones she used. Maybe she was using, but I mean, we just got that study from consumer reports, right?
Like a couple of years ago where we finally got some transparency about which ones work and which ones don't. And that was one study. And we really need a lot more of them because like, we still don't really know for sure which ones are the most effective and And yeah, this could have come from so many, so many places. And it's just so unfortunate that somebody is trying to do everything right and still failing.
And now they're it says in this article, they're like making a game out of it, asking Grok, like, what kind of car does she drive and what's her address? And she's like, yeah, how long before Grok guesses? They said so far it hasn't been able to reply accurately yet, but she worries it's only a matter of time. And it's like, cool, that's awesome. So I don't know. Yeah, that's that's a depressing story. I feel so sorry for her.
Yeah, I think it's like I was saying before, this leads to, you know, this can lead to violence, it can lead to abuse. Like it said, almost instantly harassers started opening Facebook accounts in her name and posting stolen photos.
adult clips with a real name on sites for leaking OnlyFans content so you know there's people I think these people that post on you know adult websites I think they're at much higher risk of receiving harassment and abuse so I think it's especially important for someone like this to have this protection but I think when it comes back to the the data broker stuff I think that the tools it doesn't it doesn't matter so much about the tools and stuff i think there really needs to be a
change where that data doesn't isn't allowed to be collected in the first place because you're basically just playing like a cat and mouse game um plenty of countries it's this information is not allowed to be used for this purpose like that's the whole point of a lot of data protection laws is they stop this sort of thing happening and you know, maybe it was great back in eighteen twenty five when everyone needed to have access to the public records of everyone because, you know,
they needed to work out where to go to, I don't know, find someone. That's great. But we live in the interconnected like Internet age, like people are instantly able to access information. They can find out things significantly faster. You don't have to go down to like a courthouse.
You don't have to go down to like a government building to access this information it's readily available on the internet it shouldn't be um and it shouldn't be allowed to be used to like advertising for like all these like creepy stuff like training ai and stuff like that um i honestly wouldn't be surprised if you know i feel like grok has the least amount of ethical like guidelines set for it like it'll just answer absolutely everything and it won't have any concern
over like the ethics like where does this person live what's their address it'll just be like certainly here's the address of blah, blah, blah. It's just like, it's, you know, AI is basically the guy, the guardrails are not very great. Like we talked about with the Microsoft copilot issue, the guardrails are very thin. People can use them for malicious purposes.
Like we saw with this, you know, finding out a person's identity or finding out where they live, you know, this is all concerning stuff. And, I think it's like a combination of things. AI tools don't have really any ethical frameworks. They can be used for like really abusive stuff. And also just like the US's lack of any national privacy laws restricting companies to use people's information.
And I'm sure that, you know, these AI chatbots have also been trained to like a bunch of personal information has been sucked up by these chatbots, right? Like, I'm sure that, you know, if you asked Grok about where Elon Musk lives, it probably wouldn't say, but I'm sure if you said some other famous person whose address is somewhat public, it would come up and tell you exactly where they live. So it's, you know, I don't think this is great, especially because it's so accessible now.
Like it's basically available to anyone. Like you can use an AI chatbot for free. Anyone can access this. So it becomes really concerning when it's used to dox people. So I think we'll only continue to see more of this unless some changes are made, which is kind of unfortunate, but yeah, You can only protect yourself as much as possible. Like Nate was saying, using all these data removal tools and getting DMCA requests and all sorts of stuff, there's only so much you can do to protect yourself.
And if the laws and the country doesn't prioritize people's privacy, then there's only so much you can do. You're basically just removing stuff for them to add it back again. Um, so I can definitely understand why someone might feel worn out after they've just constantly been removing the information from the same sites over and over again. Um, it definitely makes sense. Yeah. Thank you for completing my thought there.
Cause that's what I was going towards and I forgot to like close the loop on that is. We shouldn't need to pay for these data removal services. We should just have strong data privacy laws. And I know this is really not the best example, but it makes me think of years ago, somebody tracked... I think it was a journalist at Wired. They got the phone records of every phone that went in and out of Epstein's Island for like a year or a month or something.
And the ones that went back to Europe, as soon as they hit European airspace, the record stopped because GDPR is so strong there. that they just basically stopped keeping the records or they had been deleted by that point or something. Um, like everywhere else we could track the phones right back to their front door. But that was the only one that like, as soon as they hit European airspace, they stopped. And so like, it's laws are, I know laws are really contentious in the privacy space.
Cause some people are like, Oh, nobody pays attention to laws. They just don't work. And, and yeah, some, some companies will bypass them. And then when that happens, you have the right to sue them. Hopefully if they're well-written laws and you have private right of action, like, It's not a perfect bullet. We definitely need all these layers. We need the technical layers that enforce the laws, but we also need the laws that give you that protection in the first place.
And I would be â I'm not going to say I guarantee you. I would be very shocked for something like this to happen in Europe. I don't believe she was European. Because they just have stronger privacy laws. Yeah, it said she was American, right? Yeah, an American film actress. So yeah, that's definitely that.
And actually one more thing that occurred to me real quick while you were talking is the article says that the reason she and a lot of other adult actors use fake names and try to protect their privacy is because they don't want their family being harassed, which is a thing. that I could absolutely see terrible people doing. You don't have to like porn. That's fine. I'm not here to convince you that you should.
But a lot of people will take it way too far and say, I'm going to call your family and send them pictures of you naked, clips of you, and basically just harass them because it'll guilt you. And I think that's something I see more in authoritarian governments, I think, or at least that I read about more, is there was a human rights lawyer in Iran that... her daughter was basically arrested one time.
Um, I read this book years ago, so I may have the finer details wrong, but like her daughter was arrested coming in and out of the country. And she, Basically, the government was trying to pressure the author, the actual lawyer, the mom. They were trying to pressure her to quit her job and stop being a lawyer. And she told her daughter straight up.
She's like, I have to pretend like I don't care because if I bend and I give in to their demands, every time they want to pressure me, they're going to go straight to you and they're going to harass you. And it took months, but finally the government stopped harassing her daughter and left her alone and they've never bothered her since. And that's something that, I don't know, that's just a thought I guess I'm trying to get at is like, we tend to think of privacy as a very individual thing.
And a lot of the work is, you have to download Signal, you have to sign up for the services, you have to be mindful what data you put out there, but it is important to think about the impact of the people around you as well. And yeah. Yeah. I don't know if that necessarily applies to everybody, but I thought that was an interesting thing that the article pointed out.
¶ Age verification laws quick update
I think we've talked about that story plenty, unless you have any more thoughts to add. No, I'm good. I guess we could move on here to some, we got some quick stories here just to quickly cover because We've talked about this every week. There's more of these age verification laws for children coming out. It's really unfortunate. More countries are doing it. There was even some movement in the US as well. I saw today, this morning from Politico.
I think the governor of California was considering it. So there's definitely movement in the US as well. This doesn't apply just to... Australia and uh Europe it's now happening uh in the United States well it's moving to happen we'll see how that happens but um so yeah Newsom backs social media restrictions for teens under so he didn't entirely say this was going to happen he just was less against it than usual um so I'm not really certain about this.
I don't really know much about this guy, but, um, I think this is basically, he said that, uh, he was convinced that this was a good idea by some of the Australian, uh, movements from Australia where we basically implemented a social media ban for under sixteens. Personally, I think it has been largely pretty bad. It hasn't worked that well. Um, So basically now they're having, according to this article, they're now having a debate over whether this would be a good idea to implement.
And there's also another article that we have here, which covers basically, it's from TechCrunch, and it's basically covering all the countries that are moving to implement social media bans and age verification and identity verification. So Australia, obviously, we talked about that when it happened. Denmark is set to ban social media for platforms for children under fifteen. And France is also pushing for it for kids under fifteen.
So it needs to get through the Senate, though, before it actually gets passed. In Germany, there's also a movement to add a social media ban for under sixteens. There's still, you know, it still needs to go through and be approved before it actually happens. Greece is also close to announcing a social media ban for children under fifteen. Malaysia is also considering one for under sixteen year olds.
Slovenia is also drafting legislation to prohibit people under the age of fifteen from accessing social media. Spain has also announced But they plan to ban social media for children under the age of sixteen. And the United Kingdom is weighing a ban on social media for children under sixteen. So the UK, I would assume, would be pretty likely just because they've had the Online Safety Act for a while, which kind of required this stuff.
So it's pretty much a... it's just a continuation of what we've been saying before here. This is not great for people's privacy. There's no way that you do this without, you know, identifying people. And not everyone has ID as well. So you're locking people out of platforms. And I think you're also locking children out of communities that they, you know, some people have very niche interests. They're from a minority group.
They find solace in, you know, these, these platforms, these online platforms to talk and meet people. So taking away that access is probably going to be pretty detrimental. I think we're going to see that in the next couple of years, but it doesn't seem to have been super effective. At least in Australia, a lot of people are still bypassing it, but it could be that further restrictions need to be put in place before it becomes effective.
So we can only hope that that won't happen because we probably don't want, you know, people tap to upload their ID in every case, because right now they're using age assurance technology, which we've talked about and said, you know, that doesn't work very well. It's kind of racist. It's not great at determining people's age. And you basically have to send a biometric scan of your face. But yeah, do you have anything you want to add here, Nate?
I feel like we've definitely talked about this a lot. We probably don't need to go into super detail. Yeah, I don't really have anything to add. I just, it's, like you said, and, and I mean, I'm not Australian, but from what I hear, Australia's ban has not really been that much successful. Um, the UK is online safety has been a downright catastrophe, but you know, politicians are going to be politicians and they're going to, who, who was it? Um, I should know this one is American.
George Bush Jr. Like there's that famous picture of him standing on the aircraft carrier saying mission accomplished like three days into the Iraq war. And we were there for another twenty years. So or maybe it was three months, but it was like still it was. And that's that's just what comes to mind when, you know, all these politicians are like, oh, yeah, we should do what Australia did. And it's like, OK, come on, guys, like. Yeah, I don't know.
Changing your mind is not cool these days, I guess. But yeah, from what I've seen, it does not seem to have been successful anywhere at all. And I cannot imagine that that's going to bear out any different for anybody else. I don't know why they think it's going to work better for them. But yeah, it is. I will echo real quick. Somebody said in our private signal chat is like, it's really concerning how much this is spreading like wildfire.
So I can sit here and laugh at them and I can be like, God, they're so stupid. And I'm going to do that. But also it's, you know, it's one of those things where like, we can't, we can't take it not seriously because unfortunately even stupid people are dangerous in the right situations and they're gonna push this through if nobody stops them. And it's really important that we keep trying to like, this is why we keep sharing this every week, even though we don't really have anything new to add.
It's just to remind you guys that like, this is happening. And especially if you live in one of these countries or one of these States, you need to like contact your politicians and speak up and be like, Hey, this is bad. And you know, I'm not going to get too far into the whole thing, but like, Try not to come at them like they're idiots. I know I was just making fun of politicians, but try not to come at them and be like, oh, you guys are so dumb.
Try to come at them in good faith because if nothing else, you're probably going to win them over better that way. You certainly stand a better chance. Yeah, we really need to fight back against this and educate everyone on why this is a terrible idea and get people to understand that so that there's pushback because otherwise they're just going to rush it right through and everybody's going to be like, yeah, the children, sure. And it's going to hurt everyone in the long run.
So yeah, that's all I got.
¶ Forum updates
And with that, if you don't have anything else to add to that, we are actually going to move into our forum updates. So in a minute, we will be taking viewer questions. So if you're watching, go ahead and be sure to... to go ahead and leave those. There we go. That's the one I was trying to do. Be sure to go ahead and leave those in the live chat. Or if you're on the forum, you can leave them on the forum too. We will be checking that.
But for now, we are going to go to the forum and we're going to talk about a few of the hot topics that people have been discussing this week. And the first one, this actually came in pretty last minute. So I don't know if you had a chance to look at this one, Jordan, but it says, I verified my LinkedIn identity and here's what I actually handed over. We thought this one might be a good one to discuss in light of all this age verification stuff.
This is not the forum post, but real quick, I am going to share what it links to. This is like a blog post that somebody wrote. Um, so this person says that, uh, they wanted the blue check mark on LinkedIn. The one that says this person is real in a sea of fake recruiters, bot accounts, and AI generated headshots. It seemed like the smart thing to do. So I tapped verify. I scanned my passport. I took a selfie three minutes later, done badge acquired. Then I did what apparently nobody does.
I went and read the privacy policy in terms of service, not LinkedIn's the other company. Um, Which I know this author probably did this on purpose, but I think it's funny that they did the thing and then read the privacy policy. But yeah, so apparently LinkedIn uses this company called Persona, which I believe is the same one that Discord is going to be using. Don't quote me on that.
But yeah, you can see here, they went and read the privacy policy and basically Persota collects full name, passport photos, selfie, facial geometry, NFC chip data. I do want to point out a lot of the time privacy policies say they may collect this stuff. So like, for example, he says like, where is it? Postal address? I don't know how they would get that from just his passport because U.S. passports do not have your postal address on them. I think most passports don't.
But maybe they ask for it during signup or maybe it's one of those like if you submit a driver's license, we'll read the address off that. So I just want to point out like maybe not everything was taken. And obviously we know things like IP address. You can obfuscate by by using a VPN. But then like Mac address, OS version language, all of this is completely insane. Um, he said, here's the weirdest of hesitation, detection, copy and paste detection.
Um, which quick unrelated note, if you run a website and you disable copy and paste, you suck because password managers are a thing. I hate when companies do that. Um, but yeah, it's, and then they shared all this stuff with their quote unquote global trust, global network of trusted third-party data sources. And they use it for training AI, I think he said. And yeah, right there, uh, to train their AI, where does my face go? Here's what LinkedIn gets.
Here's what persona gets and the company that they, good God. Oh man. Yeah. This is just really crazy. And, um, just on the topic of all this, like, uh, like age verification stuff. It's, it's really worth, and he does have some actionable stuff towards the end for the record. Like, you know, if you can try to contact these companies, tell them to delete your data because they've already verified you. There's no reason they should be holding onto it in theory, but, um, and he's European.
So this is very much written for the perspective of like, you know, the GDPR says this and you can contact this person, but, um, um it's just very eye-opening because i think a lot of us especially those of us who are people who aren't really more into privacy they kind of think especially when the company says like discord you know it's like oh you'll submit it and we'll delete it as soon as we're done but they don't all say that and there are situations where they won't do that
and so yeah it's just kind of a it's kind of a very crazy thing um i thought it was a good read uh do you have anything you wanted to add to that So, yeah, you're right about Discord. So Discord was using KID originally. And because people kept bypassing it, they switched to Persona. So the benefit of KID is allegedly, in massive quotation marks, the picture doesn't leave your device and the scanning process is done on your device, right? That allowed people to bypass it.
So... persona, you actually are sending it to them, the image to them. And people looked a little bit more into persona, which I didn't even know. Unfortunately, it's very common persona. It's like a very common, like, uh, age verification, identity verification thing. Um, so people are bringing up, uh, basically this, this persona service actually has links to Peter Thiel's Palantir. So if you don't know Palantir, they make like spyware and like mass surveillance technology.
Um, so yeah, It's kind of concerning that there was a link here. I'm reading this article from Kotaku, and it says that one of Persona's biggest investors was Peter Thiel. So I'm not really sure. I don't know. This is very sus, obviously. It seems like there's some... connection here.
I'm not entirely sure what the whole context is for that, but, you know, I think it's also great that this person was able to put together a list of all of these data points that Persona is collecting, because I feel like a lot of people just assume that this data is probably collected, but it's good to get a validation that they are collecting passport photos, selfies, facial geometry. I'm not sure about NFC chip data.
I feel like you would have to scan the chip itself, which as far as I know, it doesn't ask you to do. National ID number, nationality, sex, birth date, et cetera. So a lot of that does make sense for the service they're providing, but Obviously, you shouldn't need to provide this in the first place. This is a lot of sensitive information. Someone could steal your identity with all this information. Yeah, so Draken Blacklight said, Peter Thiel is evil, and yeah, I would say so.
Like, yeah, evil CEO vibes, definitely. I don't really know too much about him, but I know quite a bit about Palantir, and it's, like, one of the worst companies to ever exist. Like, why would you name your company Palantir? Like, it's, like... That's like, are we the baddies? You know what I mean? So yeah, Nate, did you have anything you want to add there? No, no, I don't think so. I love that sketch for the record. That's one of my favorite sketches of all time. Are we the baddies?
Yeah. No, that's all I got on that one. I think we can move on to, we had one other quick forum post, I think. Did you have a chance to look at that one at all or? No, you can take it for sure. Okay. Yeah, it's just Entei. I swear I never pronounce it right. I think it's Entei. It might be Entei. I think it's Entei. Entei, the popular photo manager. They also have a password manager. No, not a password manager. Authenticator app. They have a two FA authenticator app.
But Entei, really cool people. They have released Entei Locker. which let me go... I can go ahead and share the blog post here real quick. So this is kind of... This is kind of like a very low, I haven't played with it myself and I feel bad I should have because admittedly I did get an email from them like two weeks ago that was like, Hey, we're giving people early access. Like, cause you know, I'm an influencer and they're like, just don't release it until this day. And I've just been so busy.
I haven't looked at it at all. And I feel bad. because I want to. But it's supposed to be like a little vault to organize and store your important documents. So for example, he cites like medical records, insurance policies, identity cards, passwords, and notes. They say that you can share them with trusted people. You can set up trusted contacts. So kind of like a lot of password managers these days have legacy contacts where they can request access to your vault.
And if you don't, reject it in a certain amount of time, like three days or seven days and they get access. And the idea is God forbid, you step outside tomorrow, you get hit by a bus, then somebody can still get access to your passwords and, you know, make sure the bills are paid or whatever. I think it's really more for, um, like head of household kind of scenarios or caretakers. Um, They say it's free for up to a hundred items, all features included.
If you're a subscriber, you can store up to a thousand items. It's fully end-to-end encrypted, fully open source. Uh, I don't know if this is self-hostable, but honestly, I wouldn't be surprised if it is in the future because I know Entei Photos is already self-hostable and they even have a blog post about how to do that. So yeah. Um, I think the question I've been seeing a lot of people ask and one I admit I will ask and, uh, I might email them back and ask this question, actually.
But basically, why would I use this instead of something like NextCloud or ProtonDrive? Well, I think NextCloud is obvious for several reasons. But something like ProtonDrive or one of the other cloud-based encrypted clouds that we would normally recommend. And I think in my personal opinion, I would say maybe the answer there is like, maybe it's like simpler or maybe it's kind of a more, a more minimal version. Let me put it that way.
Cause I will admit if my password manager, as much as I preach digital minimalism and I try to live by it, it still has hundreds of, of, of entries. It's cause you know, there's all kinds of things that like I use a couple times a year, like my medical portal I'm in, I'm relatively healthy right now. So I don't, really log into the doctor's office a lot other than like to schedule physicals and, you know, stuff like that.
What else am I, I don't even know, but there's things that I just don't log into very often, but I have accounts for them. And so, you know, if again, God forbid, if I were to get hit by a bus, I think I could see how it'd be stressful for my wife to have to go through hundreds of entries and try to figure out like, you know, okay, which one is where we pay the rent, which she should have access to that too.
But you know, which one's where we pay the rent, which one's utilities, which one's insurance, which one's banking this, that, and the other. And I could definitely see it being really useful where there's a space where like, look, here's like, the ten or fifteen things you need to keep a roof over our head, keep groceries, and just figure everything else out later.
So I think for me, or maybe if you don't use the cloud, if you just keep really steady backups, this could be the one minimal cloud you use, especially if you're already an Entei user. I don't know. Those are kind of my thoughts, just off the cuff. But do you have any thoughts on this product, Jordan? I mean, yeah. I kind of see it as... I guess, an extension to a password manager or just like an alternative, I guess. I don't know. I think this is an interesting idea.
I'm not sure if this sort of, I feel like there's been a couple of companies that have tried to do a similar product. I guess it's nice to have everything in a separate spot. It kind of makes sense that Entei is kind of trying to have like a drive-ish sort of thing. I guess it's more like, I feel like it's more like a password manager, but yeah, I mean, this is a password manager. I think if, if we, if we're being honest, like this is basically just like a password manager.
So, I mean, it'll be interesting to see how this product works in like, you know, I haven't personally tried it out. It says it is available right now in the app stores, any popular app stores. So it could be an interesting alternative, but I think we'll have to watch it closely. It seems like it's less about auto-filling, like it's more just like a specific place to store private documents and stuff. So I'm not sure if this needed to be a separate product or not.
I feel like there's already products that do this. But I think if they build out the features to really cover a lot of these important things that people need a separate app for, for instance, Compartmentalization is good. I think, you know, not having all those documents in your password manager, but instead in this separate app would be a security benefit to some people. So, I mean, I don't think it's a terrible idea.
I think it's something we'll have to watch because right now it does look relatively basic, but it is kind of expected considering they only just released the product. So yeah, overall, pretty interested in it. But I think it will need some extra testing, and we'll see how the development process goes. Yeah, I'm with you. I'll be interested to see where they take it.
I will say, to me, it doesn't strike me as a password manager, because the photos they show, the screenshots are like, there's a JPEG, there's a couple of PDFs. I don't know. This one here looks interesting. It says thing, and then the subtext is... uh, save location of real world items. So like, I guess you could drop like a GPS pin, like, Oh, this is the storage unit or something, which I mean, for the record, of course there's workarounds.
Like you could put that in the note section of your password manager. Right. But I don't know. That's interesting. I kind of like that. I think I do want to dig into this a little more. I'm interested. I'm not, like you said, I'm not totally sold. Um, but I would be interested to know what they think the use cases for this and And yeah, I think I'll shoot him an email this weekend, because I do like it. It's just, yeah. And real quick, actually, I think that does take us to our questions.
So I was going to mention Lucas here. Lucas said, would a one thousand password mean one thousand items? Like a one thousand character password? I hope not. But yeah, I mean, I think a password would count as an item, to be honest. So yeah, let's go ahead and transition to our Q&A section here. Unfortunately, it does not look like we have any questions on the forum. Might be kind of a light week.
But were there any questions you specifically noticed, Jordan, or any comments you wanted to shout out? Someone said, floating head, question mark. Yeah. You know, it's good. You need to protect your privacy. You know, everyone has certain requirements. So that's just my requirement. I feel like everyone can understand that in this community, you know. So not really surprising, I don't think. Is it a locked note app or a password manager, Lucas says.
I guess it's... I feel like it's in between that because it does store passwords technically and it also stores... like Nate was saying, like that other information. If you watch the actual, like there's like a one minute intro video from the CEO, Vishnu. If you watch that, it was the reason he decided to create it was because his dad was struggling with like storing documents securely and having a way to access it.
So it does seem like, you know, It is a tool that is applicable to some people, maybe not as much for people who are really into privacy and security stuff, but I think, you know, It's clear that they've thought out this product quite a lot. So I don't know. I think it's worth downloading it and trying it yourself if it fits for what you need, if you need this sort of app. I mean, I don't need every single app that you need. Everyone has different needs.
So if this is something you do need, maybe check it out. And maybe it might actually be something that... fits your use case. Obviously, Privacy Guides is not going to recommend this until we've had it announced by the community and it passes all of our criteria.
But I would say that's pretty likely that will happen just because Entei has a couple of their products listed on Privacy Guides already because they've been so great about auditing their software and, you know, being generally proactive. So I wouldn't be surprised if the same thing happened for this new app. ANDREW FITZ GIBBONS, Yeah, for sure.
¶ Q&A
Um, not really a question, but earlier when we were talking about persona, Lucas said that apparently discord has stated they will not continue to use persona for age verification because of all the pushback. So, um, I've heard a lot of conflicting things. I've heard they, they started working with persona and then they're not. And I've heard there's like you said, there's like ties to Peter Thiel and, um, yeah.
So I hope they stop working with them, but I haven't done any digging on that myself. And then just one other one real quick. Hello Hello said, they're straight from Mordor. For those who don't know, because you're not a massive nerd like me, Palantir is the name in Lord of the Rings It's been a while. I'm due for a rewatch because I know it's like the twenty fifth anniversary of Fellowship of the Ring this year.
I think Palantir, the Palantir is like the little orb that the bad guy Sauron, he's like the big bad guy and his like secondhand Saruman. They use it to communicate long distances, kind of like a crystal ball. Um, I could be getting that wrong. Like I said, it's been a long time and I haven't read the book since I was really young, so that's not going to save me either.
But, um, yeah, but it is literally like there's a company in China that named themselves Skynet because the CEO really liked the Terminator series. And it's the exact same thing. It's just like, oh, I'm a huge, and they all do it. There's another one called Enduro, which is another Lord of the Rings reference. Um, there's others I'm forgetting, but they all do. And I feel like they do it to be like cheeky and funny. Like, Oh, we're just a bunch of harmless nerds.
And it's like, okay, but that's like in a thousand years. And actually it's not like this because this actually happened, but like, imagine in a thousand years, some companies like, Oh yeah, we named ourselves like third Reich industries. It's like, what the hell is wrong with you? Like, why would you do that? Like you said, it's like, are we the baddies? Like, yes, you're trying to prove you are. It's, it's insane, but. Yeah, I digress.
I mean, I personally thought that their logo looked a little bit like the Eye of Sauron a little bit, but I mean... Oh, hold on. I've never seen their logo. I have to go look this up now. I don't think I've seen their logo. I feel like it does look like the Palantir thing that you were saying. It does look like that. Yeah, it's like him holding the orb. I see it.
Oh my God. Yeah. I almost wonder if they are like genuinely malicious and this is them just like trying to, like, you know how a lot of times people in conspiracy theories will be like, oh, they're leaving all these breadcrumbs and it's like, no, you're reading into it. And this almost makes me wonder if like, are they right? Like, are they genuinely leaving breadcrumbs and we're just ignoring it? Because that is so spot on. That is horrifying. I don't want to live in this timeline anymore.
Okay. I digress. Do you have any other questions or comments you want to highlight? Not really. I think this has just sort of been a quiet week this week. So thanks, everybody, for chatting in the chat with us and stuff like that. But yeah, it doesn't seem like we have any questions on the forum, unfortunately. Yeah. Thank you, guys, who showed up and chatted. Thank you for the regulars. It's always nice to see you guys.
¶ Outro
Um, all the updates from this week in privacy will be shared on the blog every week, uh, which is already out now. And in case you guys didn't know, we've started sending that out right when we start streaming. So, um, if you want to go sign up for that as a newsletter or subscribe on RSS, that's a good little indicator right there. Reminder, um, to get that notification for people who are audio listeners.
We also offer the podcast available on all audio platforms as well as RSS again, and the video will be synced to peer tube shortly after this. Privacy Guides is an impartial nonprofit organization that is focused on building a strong privacy advocacy community and delivering the best digital privacy and consumer technology rights advice on the internet. If you wanna support our mission, you can make a donation on our website, privacyguides.org.
To make a donation, click the red heart icon located in the top right corner of the page. You can contribute using standard fiat currency via debit or credit card, or you can donate anonymously using Monero or with your favorite cryptocurrency. Becoming a paid member unlocks exclusive perks like early access to videos, priority during the live stream Q&A, and on our forum, you get a cool little badge in your profile and the warm, fuzzy feeling of supporting independent media.
So thank you all so much for watching, and we will be back next week with more news. Bye.
