profincognito.me
Security & Privacy Researcher | Advocate for Privacy, Open Source & Digital Rights
MS Cybersecurity @ Northeastern University
https://profincognito.me
comment in response to
post
It felt great to nerd out on privacy advocacy and the possibility of community-run internet. We even wrapped it up with a conversation on improving our personal health - because what's success in tech without taking care of ourselves first? Feeling energized and inspired!
comment in response to
post
Telegram isn't fully open source - only client apps are. Server code is closed. They also use MTProto, their homebrew crypto protocol. Reminder: 'Don't roll your own crypto' exists for a reason. Any serious security product should use established, peer-reviewed protocols instead.
comment in response to
post
The line must be drawn. The First Amendment isn't just American - it's humanity's blueprint for freedom. Its erosion threatens more than speech - it endangers democracy itself. Defend it now, or lose it forever.
comment in response to
post
Today, they censor 'misinformation' and 'hate speech.' Tomorrow, it could be criticism of policies or leaders. If America's beacon of free expression dims, it sets a global precedent. A world of controlled narratives follows.
comment in response to
post
š is here, y'all!
comment in response to
post
One solution? Containers.
Implement strict isolation using SELinux policies, seccomp filters, and network namespaces. Lock down resources with cgroups, enforce read-only filesystems, and validate every action with ephemeral tokens. Each AI agent becomes its own hardened, containerized environment.
comment in response to
post
X was never a free speech platform as they claim it to be.
comment in response to
post
Works everywhere including mobile!
comment in response to
post
Have you tried YT using Brave? I never saw an ad. It blocks all kinds of pop ups too.
comment in response to
post
Not a cryptographer by any means - taking Applied Cryptography with Prof. Rushanan @northeasternu.bsky.social inspired me to do this.
Would love feedback from the cryptography community, especially if I've misunderstood anything. Mad respect to Moxie and the Signal team for designing this.
comment in response to
post
No worries
Happy to clarify!
comment in response to
post
Only Zcash t-address is available when you use the website. It's NOT a shielded address (z-address) meaning all the transactions are visible on a public blockchain ledger.
comment in response to
post
Private messengers should accept private donations like #monero #xmr and shielded @z.cash #zcash
Let me know how I can help to make this happen!
comment in response to
post
Bottom line: If you're someone who values privacy for your health metrics, Apple Watch sets the gold standard at the moment (for iOS users).
Privacy should be the default. If companies can access your data, they will be compelled to at some point. Choose systems that protect your privacy by design.
comment in response to
post
If you're a @grapheneos.org user concerned about wearable devices, I'd recommend checking out their official documentation. I haven't deeply researched those setups yet, so I'll defer to their expertise on privacy-preserving fitness tracking approaches.
comment in response to
post
With Apple's strict approach, losing your password could mean losing your data forever. Google and Samsung can analyze patterns across users (with consent I hope) to develop new health features. Apple requires users to explicitly opt-in to studies through ResearchKit.
comment in response to
post
Google and Samsung use TLS encryption for transit and AES-256 for storage. These companies maintain the ability to access data server-side. They encrypt data in the cloud, but not end-to-end. This means that while your info is still "protected", it's accessible to the companies if a situation arises.
comment in response to
post
To get better protection: you need to have 2FA on your Apple ID, passphrase set on your iPhone, iCloud backups on. Then, the health data is basically sealed off from everyone but you. These requirements ensure proper key management & secure storage of your encryption keys. github.com/iAnonymous30...
comment in response to
post
Apple's health data privacy uses end-to-end encryption (E2EE) for iCloud sync. This covers everything from heart rate and ECG to sleep tracking and workout data. Your metrics are encrypted on-device and stay that way until decrypted on your authorized devices.
support.apple.com/en-us/102651
comment in response to
post
Rust
comment in response to
post
When I say open source, I mean @opensource.bsky.social's definition: software that guarantees ALL essential freedoms - use, study, modify, and distribute.
The hyphenated open-source? Just a generic adjective.
The movement is about freedom, but security sometimes settles for transparency.
comment in response to
post
Source-available ≠ open source.
Licenses like MongoDB's SSPL allow you to view code but restrict freedoms like modification, redistribution, or commercial use.
From a security perspective, source-available often suffices for code audits, but it lacks the trust guarantees of true open source.