• AgentGrimstone@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    6 days ago

    I’m still pissed the email I had managed to keep junk free for years was leaked because my insurance company had a breach.

    • frayedpickles@lemmy.cafe
      link
      fedilink
      English
      arrow-up
      8
      ·
      6 days ago

      Simplelogin/anonaddy

      That having been said, keeping an email “private” is roughly as silly as people who think phone numbers are private, as if the white pages never existed.

  • ChaoticNeutralCzech@feddit.org
    link
    fedilink
    English
    arrow-up
    11
    ·
    6 days ago

    Does your company/school provide employee/student Microsoft 365 licences? Ask your Windows-using colleague to check that “Optional Connected Experiences” are enabled and tell the IT team that they are likely allowing genAI training on internal documents (Microsoft seems to have reserved the right to do that and never denied the allegations). Yes, they can disable this organization-wide and will likely contact Microsoft over this, and if enough of us do this they’ll know they crossed a line.

    If your company’s IT team does not respond, you’ll have another argument getting your peers over to LibreOffice.

    • Phoenixz@lemmy.ca
      link
      fedilink
      English
      arrow-up
      5
      ·
      6 days ago

      We’re working hard to get rid of Microsoft as last we checked, we can’t disable copiloi using our data used on SharePoint without also removing all required user functionality like searching documents from SharePoint. We searched everywhere and literally couldn’t find a way to remove that.

      I know that government is storing citizens data there…

      WTF, why have companies ever decided to use Microsoft ?

      Dump Microsoft, now.

      • Zeon@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        6 days ago

        Because the IT Manager is a clueless imbecile who only wants things his way and will not take in any other alternatives whatsoever. Doesn’t matter if it’s better for the company, they insist on having everything their way.

        • nature_man@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 days ago

          I remember bringing up possibly switching to linux to my IT manager at my previous job, I was told, and I quote:

          I would love to, windows sends a lot of junk network traffic and that sometimes makes it hard to investigate shit, but I was told by corporate that people already know windows and we already paid for the licenses, so no.

          That’s basically been my experience as well whenever I recommend linux over Windows to corpos, they can’t understand that there are valid reasons to switch, they are corporate and they know better than you, even when they know nothing about your field!

      • IamAnonymous@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 days ago

        I believe the government gets a different version of Windows. My work has blocked copilot and all the AI tools. The search function in Sharepoint works for me though. Companies cannot afford to dump Windows. They need to hire people with Linux knowledge or train existing employees and most importantly rewrite programs still using MS DOS.

        • ChaoticNeutralCzech@feddit.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          6 days ago

          programs still using MS DOS

          Ever heard of DOSBox, the multiplatform DOS emulator?

          But yes, the lack of support for Office and other programs on Wine is a problem.

  • beanlink_@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    7 days ago

    Until there is serious consequences to data breaches and criminal charges it doesn’t matter. It’s been a free for all for a long time the best we can do is simply keep using products or services that respect your privacy and discourage or not use services.

    • Bytemeister@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      6 days ago

      Yeah, our response to the Equifax breach was the end of data privacy. Oh, you lost literally all of the data for all of the adults in the US that you have been tracking without consent? All good, don’t worry.

      Really, the response should have been the FBI taking all of their equipment, figuring out exactly what was stolen, notifying all the victims, then formatting and shredding all the equipment and sending Equifax a bill, on top of a huge fine.

  • cum@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    6 days ago

    I can control if I use Linux or not. I can’t control my government being bribed lobbied by big tech that shits on consumer rights. I know what can reasonably change. Also the therapist and doctor offices are bad examples, because they have strong legal defenses through HIPAA.

    • chiliedogg@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      6 days ago

      They do have HIPAA. That doesn’t mean their IT departments configured Windows correctly. Especially if it’s a government facility that’s required by law to accept the lowest bid from a third-party IT provider.

      I work in municipal government, and our third-party IT is absolutely terrible. They can’t manage to set up an email address or image a computer without inventing 19 new ways to fuck it up. They’ve called me for help with my coworkers’ computers. If I worked in tech, that wouldn’t be so bad, but I work in the planning department.

      • cum@lemmy.cafe
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 days ago

        Technical issues are irrelevant. If Microsoft is caught acting on this data, then they are in a lot of legal trouble. As far as I know, HIPAA doesn’t have exceptions for unintentional data leakage from inept admins.

  • minorkeys@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    2
    ·
    edit-2
    6 days ago

    This is exactly the same argument we had with the loss of anonymity brought about by social media participation, primarily of Facebook. Now more and more of the digital space connects with the real world and other people end up giving out info about you. Then we had cameras and microphone put in every smart device and people bought those eagerly just so they could play with the equivalent of the latest dog face filter, putting them everywhere so you get spied on all over the place.

    The average person is walking civilization into a nightmare and individuals who notice can do nothing about it. People will not let responsibility ruin their recess. They’re children handing control of everything in their lives over to psychopaths who are re-enslaving all of us. Lemmings off a fucking cliff bought off with a series of damned toys.

  • TriflingToad@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 days ago

    got ‘Hogwarts Legacy’ for $17 on a sale ($60 normally) and after starting it up I got put on a shader caching screen for literally 10 minutes It instantly put me on a screen that forced me to go to some 3rd party website to enter my email and IRL location for them to delete my data if they had it, BUT IT DIDN’T EVEN WORK. It showed an error message!!

    Then it gave me literally 15 customizeable items I don’t care about then after literally 20 minutes of playtime IT CRASHED.

  • ProgrammingSocks@pawb.social
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    7 days ago

    Pretty sure we all know that. I’ve been using Linux full time for about 8 years now. I’m also EXTREMELY aware that I can’t change what OS an organization runs. It’s a systemic problem.

  • leadore@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 days ago

    On a side note, I don’t discuss anything with gmail users that I don’t want indexed and stored in Google’s dossier of me.

  • drathvedro@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    edit-2
    6 days ago

    But does your medical clinic do? Does your therapist do? Does your family member…

    Surprisingly, yes. Though they’re not happy with it, for various reasons. But it was refreshing to rant to my therapist about snap, apt and systemd and have them truly understand me.

  • rumba@lemmy.zip
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    6 days ago

    Dude, I can’t even demand my health care insurance cover anesthesia for a procedure. Demanding anything from the government or a corporation is absolutely pointless at the moment.

  • BendingHawk@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 days ago

    I hate to say this, but PRIVACY IS DEAD… Atleast online… Unless, you are an IT expert and been using VPNs since 2001.

  • tekato@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    7 days ago

    Using Linux does not make you safe either. Given that almost every server runs Linux, you can bet good money that most intelligence agencies have a few full time employees adding backdoors to the kernel XZ Utils style, and at least one of them has succeeded.

    • deaf_fish@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      7 days ago

      True, but I’m a betting man and I bet that the US intelligence agency is so deep in Microsoft that Linux looks totally free and clear by comparison.

  • raspberriesareyummy@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    6 days ago

    Valid. I also don’t have the “I don’t care” stance but rather that medical providers etc should go to jail for storing data on unsecure infrastructure

  • einlander@lemmy.world
    link
    fedilink
    English
    arrow-up
    164
    ·
    8 days ago

    Don’t forget with the Recall feature, you may be on Linux and are using a secure communication application, but if who you are talking to is on windows your conversation can be scraped.

    • Hellfire103@lemmy.ca
      link
      fedilink
      English
      arrow-up
      90
      ·
      8 days ago

      Same thing with email. It’s all well and good if you’re using ProtonMail or Tuta or Posteo, but you’re still cooked if the other side is using Gmail.

      Old problems, new modi operandi.

      • ASDraptor@lemmy.autism.place
        link
        fedilink
        English
        arrow-up
        25
        arrow-down
        1
        ·
        8 days ago

        Afaik, with proton you can send messages that won’t open through gmail if you protect them with a password. The other person receives a message with a link to open the mail in a browser after entering the password. It’s not the easiest solution but if you want to avoid gmail from knowing the contents of a message, you can do that.

        • bitwolf@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          14
          ·
          7 days ago

          Do Proton remotely erase the message on the recipient’s email server? Even if it’s not a protonmail server?

          • Arcka@midwest.social
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 days ago

            Someone correct me if I’m wrong because I don’t know how proton works on this. These type of things usually don’t send the protected content in the email to the recipient’s server, they just send a link that the recipient opens and it’s all still kept on the private service’s server.

    • jonne@infosec.pub
      link
      fedilink
      English
      arrow-up
      43
      arrow-down
      1
      ·
      8 days ago

      It’s not like companies that use Linux don’t get breached either. Your personal data is in thousands of databases that have varying levels of security. Personal choices don’t affect any of that, regulations like GDPR are what’s needed.

      • Rivalarrival@lemmy.today
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        1
        ·
        edit-2
        8 days ago

        GDPR has much the same problem: it can only actually be enforced against entities with a presence in Europe. When Europeans do international business, the GDPR only protects them if that foreign site has a business presence within Europe. When they have no bank accounts or business assets inside the EU, they are not subject to the GDPR.

        Even though the GDPR covers your side, it doesn’t always cover the other side.

        • jonne@infosec.pub
          link
          fedilink
          English
          arrow-up
          21
          ·
          edit-2
          8 days ago

          That’s why I said “regulations like the GDPR”. The US and other blocs need similar regulations. Especially the US is important, as they’ve shown that they’re willing to stretch the size of their jurisdiction to sometimes absurd lengths.

          That’s usually a bad thing, but in this case that might be good.

          • Rivalarrival@lemmy.today
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            7 days ago

            I think you missed my point…

            I am not subject to the GDPR. I don’t have to abide by it. Even if my country adopted a GDPR-like regulation, that regulation would only apply to my privacy. Not yours.

            Microsoft has proven themselves overtly hostile to privacy. Yours, mine, and everyone’s. The available options are:

            1. Attempt to regulate them into behaving like decent human beings.

            2. Avoid their business.

            When my therapist is using a system that is overtly hostile to their privacy and mine, the solution is not to ask the government to chastise their attacker. The solution is to eliminate their reliance on their attacker, and get them in a system the attacker doesn’t control.

            I’m not saying we should avoid GDPR-like regulation altogether. I’m saying that at the OS level, Linux is intrinsically compliant with the intent of such regulation but may not comply with the letter, if the letter requires some sort of affirmative confirmation or certification of compliance that would be complicated for the developer to implement.

            Microsoft will be able to be technically compliant with the law, but will definitely subvert it’s intent and purpose however it can.

            Regulation will likely have chilling effects on the better option, while promoting the worse.

            • Arcka@midwest.social
              link
              fedilink
              English
              arrow-up
              2
              ·
              7 days ago

              Even if my country adopted a GDPR-like regulation, that regulation would only apply to my privacy. Not yours.

              That could depend on how the regulation is written, so we should push to have these new regulations cover all users of services hosted in our countries.

    • umbrella@lemmy.ml
      link
      fedilink
      English
      arrow-up
      7
      ·
      7 days ago

      this goes for pretty much every single chat app out there. most of the popular ones are proprietary and go through private servers.

      privacy is important kids.

    • AbsentBird@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      ·
      7 days ago

      So it’s not enough to brag about being on Linux ourselves, we should be encouraging our friends to switch to Linux as well?

    • nialv7@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      2
      ·
      7 days ago

      How’s this different from someone just record your call? The thing you are worrying about has been possible long before Recall is a thing.

  • Limonene@lemmy.world
    link
    fedilink
    English
    arrow-up
    93
    arrow-down
    3
    ·
    8 days ago

    But does your medical clinic do?

    No, they don’t, and it pisses me off. Every time I see it, I think, Well, there goes my medical privacy.

    But where else can I go? There’s only one health company in town, and they bought all the doctor’s offices.

    Who can I complain to? The doctors and nurses are visibly frustrated with Windows every time I see them use it. If they can’t change it, how could I?

    • Nyanix@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 days ago

      I work in IT for healthcare, and our CTO, CIO, and head of Cybersecurity are all ex-Microsoft. We’re a “Windows Shop” adopting anything Microsoft has ever made, from Windows to Azure DevOps to Access

    • CarbonatedPastaSauce@lemmy.world
      link
      fedilink
      English
      arrow-up
      56
      ·
      8 days ago

      That ship has sailed anyway. I’ve had no less than 5 breach notifications show up in the mail from things related to my health care in the last 2 years, and it’s not like I’m constantly at the doctor. The whole system is a disaster.

    • groet@feddit.org
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      2
      ·
      8 days ago

      They might not know there are alternatives. So they likely do not ccomplain to their IT person.

      Dont be a “jUsT uSe LiNuX” guy, but when you see them frustrated maybe say “hey I see you are frustrated as well and I as a patient are concerned about my medical data privacy. You know there are better and safer alternatives, maybe you could ask your IT if it would be possible to switch to Linux?”

      Realistically, they can’t switch because the software to use some $€1m medical device only runs on windows.

      • ewigkaiwelo@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        7 days ago

        I’ve had the se thought as expressed in the last paragraph the other day and isn’t the anwser in compatibility layer? Like can’t they install and run windows medical software using WINE?

        • lightnsfw@reddthat.com
          link
          fedilink
          English
          arrow-up
          13
          ·
          7 days ago

          Having worked in healthcare IT. Adding more complexity will only make things harder for them. A lot of healthcare staff can barely operate the Windows PCs and applications they’re used to. Change anything and they act like the sky is falling.

        • skulblaka@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          7
          ·
          7 days ago

          That opens up a legal liability for the people creating the compatibility layer. You’ve gone from two points of failure (the doctor and the machine) to three.

          For sure it can be done but most people / companies won’t want to take on that liability.

    • fishpen0@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      edit-2
      7 days ago

      I work for a healthcare company and when we launched we made a huge deal about only using Linux on our backend and only giving Macs to employees. It’s been almost 10 years and we’ve hired a small army of morons since then and they fired our CTO. These idiots have demanded windows so they can “do analytics” despite all our analytics being in looker and dbt and a bunch of fucking business bros in the csuite and vp level who demanded windows laptops because they just like it. They eventually canned our head of IT ans well and replaced him with a dumbass and that guy is currently trying to take MacBooks away from engineering. Then the head of “cloud engineering” just started outsourcing half our shit to consultants who keep building one off snowflake windows machines because nobody gives a shit anymore. So what used to be a clean ecosystem is now a giant botched pile of lowest effort garbage.

      Stay away from this entire industry. There’s some brain rot where they only hire people with healthcare backgrounds even if the role has nothing to do with healthcare. What that turns into is people from ancient out of date orgs who have no idea what they are doing being hired over people from legitimate tech roles or any other background that is more advanced in other fields and the company will always slowly roll backwards into stupidity.