r/theprivacymachine

I need to vent about this because I'm STILL shaken from what happened to my mom last week… I'm 41, my mom is 68, lives alone, she called me crying asking me what is vishing because she'd almost been scammed out of $4,000. She got a phone call from someone claiming to be from her bank saying there was "suspicious activity" on her account and they needed to verify her information immediately to stop the fraud. The caller ID literally showed her bank's actual name and phone number. The person on the line knew her name, the last four digits of her account, and even mentioned a recent purchase she'd made at Target.
She was THIS close to giving them the verification code that came to her phone (which would have let them into her actual account) when something felt off and she hung up. Thank god. But she was a mess afterward and I spent two hours on the phone with her trying to explain that this is a real thing that happens to people every single day now.
So I researched what is vishing and how widespread it's become, and I'm horrified. seems like voice phishing scams have exploded in the past year, and with AI voice cloning getting so good, scammers can now imitate specific people's voices from like 30 seconds of audio from their social media. There's a whole growing industry of criminals running these vishing operations and our parents have no idea.
nobody is actually warning older adults about this in a way they'll understand. My mom knew about email phishing (we drilled that into her years ago) and she knows not to click sketchy links. But what is vishing in a practical sense? Nobody told her that phone numbers can be spoofed to look like her real bank. Nobody told her that the "verify your identity" language is the giveaway. Nobody told her that legitimate banks will literally NEVER ask for verification codes over the phone.
I tried to talk to her about it and even she said that the caller ID showed my bank, how was I supposed to know? And she has a point. The technology that lets scammers do this is way ahead of what most people understand is even possible.
I've been trying to figure out how to protect her going forward. I told her to hang up on any call about her accounts and call the bank back directly using the number on her card. I'm thinking about getting her one of those call screening services, but I don't know which ones actually work versus which ones are just another way to harvest data themselves (the irony). And I'm now paranoid about my own dad, my in laws, my aunts and uncles... basically every older person I love.
what is vishing protection actually supposed to look like for older adults who aren't tech savvy? Is there a realistic way to safeguard them without just hoping their gut tells them something is off, like my mom's did? Because we got lucky once and I don't want to count on luck a second time...

So aye basically what the title says.

I'm looking for devices that fit the same consummer niche as a fire stick that is ideally more privacy focused.

I dislike the lack of information control the consumer has over smart TVs and basically anything amazon makes and want to try and find an alternative that allows some of the benifets offered by a smart TV without feeling as creeped out by it 🤣

May just be wishful thinking but surly some company has realised theres market out there for people who want a little more convenience without having to accept all of the creepy information harvesting.

I have been teaching myself about the "domain name system" settings this week to try and stop the popup ads and other web junk on the Edge browser. I was reading a computer blog that mentioned a tool called Microsoft Sentinel that watches your network for cyber attacks. Seems like a good security layering for my laptop.

I logged into my Outlook but I cannot find the download button for it anywhere. Is this something I can install on my Windows laptop to watch my home wifi, or do I need to buy a different router?

I am slowly getting the hang of IP addresses and how my computer talks to the internet gateway, but now I am looking into the MS Sentinel and figuring out if its any good for my "privacy stack"

I have been using the app for years Is it too late

I want to to permanently delete it but Do they still have my data

Should I be worried about anything, like will my snaps be on the darkweb etc, I’m scared about my privacy,

Some apps don’t give much choice, so wondering how people balance usage versus limiting access.

im kinda scared about how much of my stuff is floating around online, i got a weird call last week with way too much personal info, freaked me out, so started looking into online reputation management because a coworker said i should hire someone to clean up my digital footprint
but the more i read the more it feels off. these companies want my full name, old addresses, jobs, family info, basically everything just to get started. so im paying someone to build a giant file on me to protect me from people who have files on me. that cant be right
also seems like most of what they do is just opt out stuff from data brokers that i could do myself for free if i sat down for a weekend. and some of them create a bunch of new pages with your name on them to push down the bad ones, which sounds like the opposite of privacy to me
anyone here actually used online reputation management and felt like it helped, or is this just one of those things where you pay someone to make the problem worse and not know it? trying to figure out if im being too suspicious or if my gut is right on this one

Many articles on the topic as is, though this guy's post on Linkedin was straight on the technical side without the article fluff which I feel is more important if you dabbled in BitLocker

Some guy out of spite for Microsoft released BitLocker vulnerabilities over the web, and on Github of all places(owned by Microsoft which is absurd). Normally, you would get paid for such a bug bounty, though I heard he had some sort of falling out with the arrangement, so he decided to go vengeance sicko mode instead. Funny how Microsoft essentially tried to shut down VeraCrypt only to get a bit of their own medicine. Irony. Gotta love seeing it

Worth to check your BitLocker setup if you have been using it as well as the hacker's Github since he did give nice details of what was at fault even with all the spite he held

From the guy's post I linked:
"What to action now:

1. Enable BitLocker pre-boot PIN on laptop devices
2. Set a BIOS password
3. Disable USB boot
4. Alert on unexpected WinRE entry events in Intune or your SIEM."

I would like some advice for my public wi-fi usage.. Could somebody clarify if any of these are unsafe?

1. Checking public local news sites, and weather. Seems like a straight-forward thing;

2. Streaming music/videos. Not really seeing any risk here either;

3. Browsing my social media *with* my account already logged in. If I had to log in during a public wi-fi session, this seems bad;

4. Checking public transit and navigation data(Uber etc.). Once more, if the apps have my credit cards stored, I feel like it is fine. Otherwise, if I had to add something on the spot, this would seem like a risk;

5. Logging into banks, or shopping. This seems like a bad thing, though I believe I can mitigate this with a VPN to stay safe if needed.

Could somebody tell me if something seems off? Otherwise, are there any risks I didn't notice? Seems like a VPN could mitigate most of these risks..

Planning out a distant trip, and sort of feeling like I am going into uncharted waters without knowing what risks other countries might have with internet usage(Vietnam)

Im trying to do basic searches without google shoving a summary at the top of every single result and i want to turn off ai mode google... its driving me nuts honestly. half the time that ai answer is wrong anyway and i still have to scroll past it to find a real link
tried a few things already. on my laptop i found some chrome settings to turn off ai mode google has built in. helped a little but the ai summaries still show up on the actual results page. also tried adding -ai to the end of my searches which works but i dont wanna do that every single time. who has the energy
on my phone its even worse. went into the google app, tapped my profile, found search labs, switched ai mode off. restarted the phone. still seeing ai summaries on basically every search. so either the toggle doesnt do what it says or theres something else im missing
also, even when i turn it off, my searches probably still go through the same ai stuff on googles end, the toggle just changes what i see. so the data is still being processed either way which kinda defeats the point
ive tried other search engines too (duckduckgo, brave) and theyre fine for most stuff but i keep going back to google for specific things because the results are just better
is there a real way to turn off ai mode google uses or is the only real option to stop using google completely? feel like im fighting toggles that dont actually do anything

I have some laws problme and i need my website cuz i making money with but how to hide my realy location and number and data that law can not find me

A funny video of a blurry looking guy... Look how he cant move anything over his face. The guy doing the interview didnt manage to get him to throw a few fingers in-front of his face

Yo what’s up everyone,

Just wanted to share a quick appreciation post for the mobile setup I finally got dialed in on my phone. I used to bounce around between different premium paid VPNs, but I was getting tired of the random slowdowns and clunky apps.

I decided to piece together a custom stack using three free tools, and honestly, the performance is blowing me away. Here’s what’s under the hood:

## How it actually works:

I tap a link ➔ NextDNS strips out the ads and tracking junk ➔ RethinkDNS processes it ➔ Cloudflare WARP wraps it all up in a super fast WireGuard tunnel.

## Why this setup goes so hard:

* Literally $0: Getting enterprise-grade privacy and global infrastructure for free feels like a total cheat code.

* Stupidly Fast: Traditional VPNs always add a bit of lag when servers get crowded. WARP connects straight to Cloudflare's massive edge network. My traffic routes through Atlanta but pins me locally to Jacksonville—the ping is basically nonexistent. Web pages load way snappier than they ever did on premium VPNs.

* Ghosting my ISP: My real mobile carrier/ISP sees absolutely zero browsing data. Websites just see a generic Cloudflare data center IP instead of my actual location.

* Battery Saver: WireGuard is super lightweight on Android, and because NextDNS is stopping heavy ad scripts from downloading, my phone isn't cooking itself or wasting data.

You get a rock-solid firewall and full traffic encryption, you should definitely look into this combo.

Disclaimer: I wrote the actual content and tech breakdown, but ran it through AI to clean up the formatting/markdown so it doesn't look like a wall of text. Let's talk about the DNS setup, not the grammar.

Can anyone help me access my gmail account? No phone or backup account.

What is a sweetspot for firewall settings to not go full North Korean mode but still have a secure system foundation? Seems like having everything cranked up to the max just breaks half of my apps. Some are kinda old from Windows 7 era, so maybe thats it, yet it works fine if I keep the default firewall switches on

Basically, want my apps to stay safe but limit outbound connections and the ones that could come in without halting my apps. Outbound rules is a foggy forest I'm stuck on right now but been sweating over the public and private profile settings. I might have messed something up on those steps

Anyone got something to suggest in that regard? I know my way around settings, or if somethings not clear, I can look it up but not sure what sweetspot to pick if it is even possible without antivirus tools being in the security setting mix

I've been using the saved passwords on iPhone feature for years without really thinking about it. At this point I have probably 200+ passwords saved across banking, shopping, kids' school portals, medical accounts, everything.
Last week my husband mentioned his coworker had her iCloud compromised and the hacker apparently got access to all her saved passwords instantly. 
My entire digital life is basically behind one Apple ID password and a Face ID scan. If someone got my iCloud credentials through phishing or a data breach, would they have access to all my saved passwords on iPhone too? Apple's documentation talks about end to end encryption and secure enclave but never actually answered my basic question.
Also, when I go into settings I can see every password in plaintext just by using Face ID. So anyone who has my phone unlocked could just scroll through everything? That doesn't feel very safe
How safe is the saved passwords on iPhone system really, and should I be moving everything to a real password manager instead?

I work in IT, mostly sysadmin and network support. Started paying more attention to my home network after helping a friend recover from a basic SSH brute force on his self hosted setup. That got me checking my own setup and now I'm second guessing some defaults I never really thought about.
I'm trying to understand what is the 22 port actually doing in a normal home setup, and how exposed I am without knowing it. I know the basic answer, but I want to understand the real world privacy side better.
My setup at home is pretty standard. A consumer router from my ISP, a NAS box, a Raspberry Pi running Pi-hole and a few small things, and two laptops. Normal home internet, no static IP.
I ran an outside port scan on my public IP from a small server I rent, and port 22 came back as filtered, not open. That's what I'd expect since I never set up port forwarding for it. But then I noticed the NAS has SSH turned on by default on the local side, the Pi has SSH on too, and one of the laptops has remote login switched on (probably something I clicked years ago and forgot about).
also, even if what is the 22 port doing from the outside is basically nothing, on the inside it's running on a bunch of devices. That means anything on my home network (including a couple of smart plugs and a TV I don't fully trust) could try to connect. I have no real way to see if they ever do.
My router logs are not helpful for this either. The interface shows me some basic traffic but nothing detailed enough to see if random devices on my network are scanning around for SSH. And I have no idea if my ISP logs anything on their side.
The other thing that bugs me is moving SSH to a different port. Half the stuff I read says that hiding the port is pointless, the other half says it cuts almost all the random scan noise from your logs. Both kind of make sense and I can't tell which one actually matters for a home setup where I'm the only person using it.
 how much of a real privacy concern is what is the 22 port doing on the inside of your network, compared to the outside? Is it worth turning SSH off completely on devices I don't actually remote into, or is the inside risk basically nothing if my router side is clean?

Currently I am working on blochain P2P Energy trading project , I am a researcher at IIT Kharagpur, Till publication of paper I am keeping my repository private .