Can You Get Arrested For Wiping Your Phone?

[MUSIC PLAYING]

Welcome back to This Week in Privacy, our weekly series

where we cover the latest updates with what we're working on

within the Privacy Guides community.

in this week's top stories in the data privacy

and cybersecurity space.

Privacy Guides is a nonprofit which researches

and shares privacy-related information

and facilitates a community on our forum

and matrix where people can ask questions,

get advice about staying private online

and preserving their digital rights.

Before we dive into this week's show,

here's a rundown of how the show is laid out.

We'll start by covering site updates,

then we will discuss the top stories

in data privacy and cybersecurity.

Next, we'll explore some trending posts

on the Privacy Guides forum.

And finally, we will answer questions from viewers.

So if you have a question for us, please leave a comment

either on the forum thread over at discuss.privacyguides.net

or in the YouTube live chat.

I am Nathan and I am joined today by Jordan.

Hello, Jordan.

- Hey, how's it going?

This is, I'm excited to be here this week.

- Excited to be co-hosting with you.

I think we co-hosted once together so far, right?

- Yes, a couple of weeks back, but yeah.

So just to let everyone know,

this is kind of a last minute swap in here.

Jordan had some technical issues,

so we'll be trying our best this week,

but just letting you know ahead of time.

- Yeah, no worries.

All right, we're gonna go ahead and kick things off

with the site updates.

It's been a little bit of a quieter week.

We got a lot of stuff cooking behind the scenes,

But to start with, we do have a new video out for members.

We have released the first,

so we've been talking about doing

this smartphone security course.

There's technically four videos, there's an intro,

and then there's like beginner, intermediate, and advanced.

The intro and the beginner are now out for members.

So the intro's real short, I think it's less than two minutes.

So I would say the first of three videos is out,

but it's technically the first two of four.

So if you are a member over on the Privacy Guides Forum,

or I believe even here on YouTube,

you could go ahead and check that out already.

And we've got another video in the works

that I actually sent off to Jordan yesterday, I believe,

that is ready for the next phase of editing.

So that is shot and that is edited.

We're doing some, or I'm trying some interesting things

with like moving around and just,

I'm excited for you guys to see it.

I think obviously Jordan does amazing work on the editing

and I think it's really gonna be exciting.

So definitely let us know what you guys think about that

when it comes out.

And we do have one change to the forum

and we wanted to let you guys know about it.

We have added experience levels.

So when you join the forum now,

we will prompt you to go ahead and enter,

this totally self-reported,

what do you think your experience level is?

And it's a beginner, intermediate and advanced.

And it'll add a little tag to your profile.

Actually, if you look at the announcement,

I don't know if we can put that on screen or not,

but it is right there on the forum.

Jonah has a screenshot where he shows an example

of what it'll look like on your profile.

And there seems to be some confusion about this.

So we're gonna go ahead and talk about it real quick.

This is, again, this is entirely self-reported

and it's designed to make the forum a little bit more,

how would I describe it?

I guess user-friendly, not really user-friendly,

but basically what it is, is it's designed for,

if you are more of a beginner,

then when you ask a question,

it'll automatically add a tag that says ELI5,

which is explained like I'm five.

And it basically lets other people know

not to withhold anything.

Jonah actually specifically says that in the announcement here,

like we don't expect you to withhold information

for it being too difficult.

But, you know, just to kind of explain it in simpler terms

and to be patient with the person asking the question,

because they may not necessarily know all the same things.

They may be kind of new to this privacy stuff.

And it does not change the experience at all for anyone else.

If you're an advanced user or an intermediate user,

you can still add that tag.

If it's a concept that you're not really familiar with

and you want that kind of explanation,

there's no like sections of the forum

that are not available to beginners

or vice versa or anything like that.

So just to be clear, and again, it's self-reported.

So, you know, it's kind of up to you.

Do you feel like an expert or expert is the wrong word?

Do you feel like a more advanced user?

Do you feel like an intermediate user?

And I believe you can actually change it too

at a later date.

So maybe after a little while, you're like,

yeah, I feel like I'm getting the hang of this.

You can bump it up to intermediate.

So yeah, hopefully that is something

that will make the site a little bit more welcoming

for people who are maybe just getting started

in the privacy journey.

'Cause I have seen from a lot of other people,

it can be really overwhelming when you first join.

And the goal is to try and make it a little bit easier

to navigate for people who are new

to PrivacyGuides forums.

So, and sorry, I'm navigating back to my notes here.

Unless Jordan has anything to add,

I think we'll start getting into the news.

You got anything I missed or?

- No, great overview on everything.

I guess we can dive in straight into this first story here.

And it's a write up from Kevin.

So here's our community and news intern.

And it's about an Atlanta activist being charged

wiping their phone before CBP search. So just reading from Kevin's summary here.

Samuel Tunik, a Atlanta-based activist, was arrested and charged with destroying evidence

after a US Customs and Border Protection unit searched his Google Pixel smartphone

404 Media reports. The search was conducted by the Tactical Terrorism Response Team,

an elite unit of the CBP on January 25th, 2025. Tunik supposedly erased the data of his pixel

smartphone before the CBP officer searched his device. Although the circumstances of his arrest

was unclear, an official indictment states that Tunik allegedly did knowingly destroy

damage, waste, dispose of, and otherwise take any action to delete the digital contents of

of a Google Pixel cellular phone.

There is no evidence that Tunik committed any crimes

beyond this charge.

As of today, Tunik has been released

and is awaiting further trial proceedings.

He's not allowed to leave the Northern District of Georgia

in the meantime.

Privacy Guides cannot confirm if the device had GrapheneOS

or a similar operating system installed.

GrapheneOS is exclusively to Pixel devices

providing features such as a dress pin that allows users to quickly wipe data off their

phone in high risk situations.

And as you might know, evidence tampering is a crime in most countries.

If you're caught erasing data prior to a law enforcement search, you may experience similar

charges faced by tunic.

Nevertheless, journalists and activists alike may feel unnerved by this recent development.

So I feel like this is kind of a unprecedented thing, I suppose.

I was under the, I'm completely like, I'm not super into like how US law enforcement

works, but I was under the impression that you would get this sort of arrested if you

wiped the device after they collected it

or while they're in the process of collecting it.

But am I understanding correctly that this happened

before the Border Patrol people collected the device?

- I believe so.

So it's really hard to know for sure.

But yeah, according to 404 Media here,

It says that he wiped the device before they were able

to search it and I believe it was before he was arrested

or anything and yeah, it's,

this is a really confusing, not confusing story.

So I have a friend who is a lawyer

and is very passionate about this kind of stuff.

And she sent me like eight pages of thoughts about this

phones. And this is specific to the US. Yeah. To be fair, a lot of those pages were a paper

she wrote in college that she shared with me that was basically about the state of cell

phones search rights here in the US. And it's very unclear area. So within 100 miles of

the US border and that does include the ocean.

Customs and Border Patrol has jurisdiction

and they can choose to search your phone.

And there's a very,

everyone, I should also mention,

this includes any port of entry.

So that's why this would have happened in Atlanta.

Atlanta is not within that 100 mile zone,

but because they have the busiest airport

that is an international airport in the US,

Customs and Border Patrol would have some jurisdiction there.

So it's a little unclear why they wanted to search his phone,

but he wiped his phone.

And like you said, we don't know if it had a graphing on it,

although it would suggest that he did

because graphing does have that feature,

but it could have been, I think,

I think Alex has that feature too.

And the article simply says that he put in a code

and wiped his device.

So I don't, you know, it could have been any number of things,

but it could have been a third party app

that did it automatically on a stock pixel.

So we can't say for sure, but for one reason or another,

he wiped the phone and now they're basically trying to charge him with destruction of evidence.

And this is where the gray area is, is the Supreme Court has really, actually, let me

go ahead and open one of the documents that she sent me, because the Supreme Court has

really declined to weigh in on this.

So like when does your phone become evidence that you can be charged for destroying?

Can you protect your data before they physically take it?

the legal difference between wiping and refusing to unlock.

The only case that we really have that like clearly says anything about cell phone privacy

is Riley v. California.

And what happened is this dude was pulled over because his car registration or his tags,

his license plate basically was expired.

And then when they pulled him over, they found out that his license was also suspended.

So the standard practice is to impound the car and search the car.

And then when they searched the car, they found hidden guns.

So obviously that escalated the situation.

And just to clarify, when they search the car, when they impound it, it's just to make

an inventory.

Like here's everything we found in the car, you'll get it back.

When they found the guns, that changed the math.

So now they had, they arrested him for, I believe, possessing guns he wasn't supposed

to have or maybe he didn't disclose them.

But sorry, there's a lot of context that goes into this.

When they arrested him, when cops arrest somebody, they are allowed to do a basic search of that

person and the immediate area for the officer's safety. So the idea is they want to make sure

that you don't have a knife or you're hiding a gun under the seat, which he kind of was,

that you're going to try to attack the cop with. And when they arrested him and they did that basic

search, they also searched his phone. And that's what this case, this Riley v California, he said

they had no business searching my phone because that did not present a risk to the police. And I

believe if I remember correctly, he won that. So the Supreme Court did say you need a warrant to

to search a phone in that case.

But I mentioned this 100 mile border zone

where Border Patrol has jurisdiction,

they don't need a warrant to do a routine search.

And the Supreme Court has refused to say

what does a routine search look like?

We know what it doesn't look like

if they hook it up to Celebriot or anything like that,

that counts as a more advanced search

and they do need a warrant for that.

If you're a US citizen,

I'm not sure about if you're not a citizen.

But a routine like hand me your phone

as long as they're not plugging it into anything

might be a routine search that might not.

So cell phones exist in this really gray area

where we have conflicting court rulings

where some courts say you need a warrant,

some courts say you don't,

some courts say you need it in this situation,

some courts say you don't.

And it's really unfortunate

because the Supreme Court has continually refused

to lay down a legal precedent on this.

According to my friend,

they declined three cases in 2021,

the Fifth Circuit declined a case in 2023.

So her speculation is that the court

is kind of trying to figure out what the public consensus is.

And that's really what they want to base their ruling on.

And right now they can't kind of figure out

where the public opinion is on this matter.

And that's why they don't really want

to put down a ruling yet.

So not to get too much into like analysis or anything,

but one thing she said is in her opinion,

that's why we need to build consensus.

We don't want to wait for them to make that ruling based on scattered litigation, kind of quoting her a little bit here.

But the idea is that we want to try and form public opinions so that they rule in the favor of like, no, you need a warrant to search a phone.

But yeah, that's kind of the all the background of this.

So it's unfortunately, there's like really no like legally speaking, we can't really say for sure what exactly.

There's no precedent here. There's no laws.

Everything is purposely vague and blurry.

And yeah, it sounds like the article goes on to say,

"Tunik has been released. It is awaiting further trial.

He's not allowed to leave the state of the Northern District."

I think you may have mentioned that.

So yeah, it is something to be aware of.

I realize that a lot of people,

or some people may have really sensitive things on their phones.

Like I believe one story I read, I can't remember where,

But it talked about an immigration attorney who had his phone

searched, like plugged in and searched the advanced search.

And he had to go through like multiple court cases.

But at that point, the damage is kind of done, right?

And that's supposed to be like confidential information, client attorney

and stuff like that.

But it's, it's tricky because we now see this and I've, I've thought

about this for a long time is like, if you delete that phone, if you wipe it,

could the cops charge you with obstruction of justice or, you know,

tampering with evidence or anything like that. And again, according to my friend, there's

really no clear like, Oh, well, he wasn't arrested yet. So it's not technically evidence yet.

And there's also a lot of, um, what's the word I'm looking for? The, uh, gosh, I just

lost my trade of thought. I'm so sorry. Um, yeah, there, there's somebody was making the

point about, uh, there, there's kind of the law weirdly does and doesn't, from what I

I can tell put a lot of emphasis on motive.

So like if he had a script that every single day

reset his phone, it would be really easy for him

to be like, no, they just happened to grab my phone

right before that script ran or whatever.

But, you know, if he manually triggered it,

it becomes a much trickier gray area, I think.

So, yeah.

- Yeah, I think the, the write up from Kevin,

like he suggests like if you're a US citizen or resident,

the best bet is not actually to wipe your device.

If you expect an imminent search or arrest,

something that you could think about

is make sure your device is fully patched

and setting a strong password or passphrase on the device

instead, which would make it a lot more resistance

to forensics tools like Celebriot.

But I think in a lot of cases when we see these cases,

it's like a case that goes on for like a year, two years,

more like it's a long time to have a device in isolation. And I think by the time, you know,

they actually need to extract the information from the device. It might already be, there might be

exploits available for Celebrate to access the information. So it's a bit of a problem. But I

think, yeah, it's, I think in this case, I heard there was, there was actual like video evidence

of him actually wiping the device. That's why this has been a concern, I think. So,

I mean, I don't know how someone could prove that you've wiped your device. I mean,

that's another whole thing, right? Like, I guess there might be some metadata on the device that

could potentially notify law enforcement that it's been wiped recently. But yeah, before first

unlock state is the most secure state you can have your device in. So if you keep your device in

that state when it's taken by the police,

then that will give you the most security.

- Yeah, just to back that up,

I think for most people that is probably your best bet.

I, like I said, there are definitely some people

who have really sensitive stuff on your phone

where it's worth it just to go ahead and wipe it

and roll the legal dice like that.

But I think for the vast majority of people,

what would be better is to just restart your phone.

And well, there's two things specifically.

Number one, be mindful what data is on your phone, right?

This is a really, and I know,

I think we're planning to talk a little bit more

about digital minimalism in the future,

in like a future video,

but there is a strong argument here

for the idea of digital minimalism

of try to keep things off your phone

if you don't actually need them.

And sometimes you do,

but sometimes things like email or banking apps

or setting up the disappearing messages

apps like signal or session, um, you know, or simple X, simple X also has those two setting

those disappearing messages.

So that way, even if the phone is taken and unlocked, there's very little data on it.

It's kind of a harm reduction, uh, attitude.

But also, yeah, for those who don't know, when you restart your phone before you unlock

it for the first time, that is called before unlocked, uh, first state or before unlocked

state.

And that is basically the most secure your phone can possibly be.

Um, because once you unlock it, your phone starts to store things in the temporary memory

And it becomes a little bit easier to compromise.

I'll admit, I don't really know the technical details of that.

But it's, yeah, so for most people, your best bet is probably just going to be to go ahead

and reboot your phone before handing it over.

And like Jordan was saying, as long as it's like up to date and it's the most recent operating system,

that's usually going to be, that's going to provide you a pretty decent amount of protection,

I think in a lot of cases.

There's also not to go on too long, but there's a, you know, there's a lot of the apps that

we recommend in the privacy community have the option to add an additional layer of like

passcode locking or authentication.

So like you can lock, I think proton is one of them.

I believe signals one of them, Molly's one of them, things like that, that you can add

that additional lock where even if the phone itself is unlocked, the app itself may not

necessarily be unlocked.

I don't know how well that works against forensic tools, but it could slow down people

a little bit.

And then just one last thing to kind of alert people to is biometric unlock is kind of a

pro and a con.

Face unlock is not usually something we recommend because there have been stories about people

like pointing the phone at you and unlocking it.

But things like fingerprint unlock, generally speaking, again, phones are a really great

legal area.

But generally speaking, you cannot be ordered to turn over the password because that is a

violation of your Fifth Amendment right against self-incrimination and your First Amendment

right to free speech here in the US, but you can be ordered to unlock the device.

So, um, yeah, things like a fingerprint may not be, they may provide a little bit of

protection.

They may provide a good balance between longer passwords and convenience.

But also if you're going to a protest, hopefully you're going to harden your

phone a little bit more than usual.

So yeah, I don't know.

Oh yeah.

And real quick, Kevin pointed out in the article here that graphing specifically

does have an option to automatically reboot your phone after a certain amount of

time of inactivity. So yeah, if you're going to, if you're

bringing it to a protest, you could lower it dramatically to

like a couple hours. So yeah, I mean, I think in a lot of cases,

you should weigh up whether you actually need to take your phone

to any event, you know, especially if you suspect that

there will be police presence or law enforcement, I guess.

Because yeah, you can eliminate the risk entirely. And I think

It's important to be mindful and use tools

that don't leave trails behind,

especially if it's something sensitive, right?

Like journalism or any sort of thing like whistleblowing.

Yeah, it's better to utilize tools

that don't open you up to having that data

searched in the first place.

So, but yeah, I think that's a pretty good summary

of that article there.

I think we're pretty good to move on to the next one here.

Alrighty, so our next article, we're gonna head all the way on the other side of the

world and talk about Australia where this world first teen social media ban that we've

been discussing for quite some time has now taken effect.

So I believe that took effect on the 10th, if I remember correctly, so that's two days

ago at the time of this recording.

And for those who are just joining us, basically Australia has banned children from under 16

building social media accounts.

And yeah, I do.

So the article we cited here is the register,

but I mean, you can find this being talked about

in any number of news outlets.

And I know it's probably not great for editorial reasons

for them to be injecting their own bias,

but I do really appreciate their cynical take on this,

which actually does kind of reflect,

experts have been saying this isn't really gonna do anything.

And the prime minister also said that too.

He said, "From the beginning,

we've acknowledged this process won't be 100% perfect,

but he compares it to underage drinking.

He says the fact that teenagers occasionally find a way

to have a drink doesn't diminish the value

of having a clear national standard.

So yeah, I mean, that's really,

that's kind of the nuts and bolts of the story

as far as the actual facts go is if you're under 16,

you can't have a social media account in Australia anymore.

I don't think the accounts are getting deleted.

I could be wrong about that part.

Yeah, that's definitely a good question, right?

I think it's we should probably like set some some work, some pre pre information

here, but it's basically it's the way that this ban works is that it will

deactivate those accounts and the information will be deleted.

So yeah, oh, losing their accounts.

It depends on the platform, what they decide to do in particular.

But like we've already seen people that have their account.

I mean, the main issue that I've seen with this is that the social media platforms that have asked for people's day to birth,

a lot of kids have already lied and said they're like 42.

So it's not coming up and saying, oh, you're underage.

You can't use this.

I think that the government is kind of a bit confused about what children do.

They don't usually tell the truth.

They're not going to get on platforms before they really should.

That's just how it works.

It's just how children are.

So, I mean, it's not really a surprise that this isn't working too well, I guess.

I think there's at least currently I've seen a couple of articles from the ABC.

That's like the national Australian national like news agency.

Australian broadcasting company or something like that.

Yes, something like that.

And it's like the state media, I guess.

And they've been kind of talking to children and talking to parents and things.

And there's quite a lot of instances, at least currently, of people who have,

who are under 16, having multiple accounts on the same device.

Some of their accounts not being banned.

some of them are being banned because the age is correct.

So it's funny.

It's it's not working that great.

I also saw some comments because the way that this law works is they're not allowed to.

I believe they're not allowed to actually ask for your ID.

They have to use like age assurance techniques.

So they're using like facial recognition, age facial recognition,

which is like you point the device at your face and it guesses your age,

which I think is a little bit of a problem, right? Like what if someone who's like 18 looks

younger than they are and then now the racket's banned? Like that doesn't really make that much

sense to me. And there's also people who just point their device at other people. So I mean,

I'm not sure that that is really that great at stopping this. The only way that I see it actually

being effective is if they introduce some sort of digital ID system or they actually force people

would upload their ID documents. Like everyone to upload their ID documents. So the thing

that I've noticed though is that a lot of people who are adults haven't really had any

effect on their accounts yet. So it seems like they might be going for the most obvious

accounts first that I've put the correct birth date and stuff and disabling those. I think

according to the government, they said they shut down like 300,000 children's accounts

on Snapchat or something. So it's definitely working for people who are under 16, their

accounts where they have put their real date of birth are being disabled. So yeah, I don't

think this is, we've talked about this a bit, but I think when you restrict children's ability

to access information, it becomes a little bit of an issue. It's also kind of confusing

which platforms they're banning like Pinterest and Discord.

I don't know about Discord, but I don't know if any of you have been on Discord,

but there's a lot of stuff that's bad on there.

And I believe that even the app on the app store is rated R 18.

So it's very confusing.

It doesn't make much sense why they're choosing certain apps over others.

I think in a lot of cases, we'll just see a lot of people flocking to different apps instead,

possibly even shadier apps using VPNs to bypass this.

And I think in a lot of cases I've seen there's people who use this for like niche

interests. They use social media to interact with other people who have niche interests, people who are like, you know,

marginalized, like queer people. It's it's a bit of a problem that we're restricting the access of

children to the internet basically. I

They have a right to access the internet and there needs to be better systems to do this, right?

Like we already have on device, like parental controls, like Apple has some of the best in the world.

You can set that up straight on people's devices. It limits what people can access.

I think when we start like adding blanket bands to platforms, it becomes more of an issue.

So I'm not really, I think a lot of people are very much not a fan of this in Australia.

And I don't think people are going to like Albo very much for too much longer because of this.

I don't think it's going to be very good.

Yeah, you really hit the nail on the head with everything.

A lot of the stuff you said actually is here in this article.

And let's see, reports have noted a sudden sign up in a spike for apps like Lemonade

and Yope that currently aren't covered by the ban.

That surge has made prophecy out of warnings that banning social media will just see kids

shift to services operated by outfits even less interested in child safety than the likes

of Meta and Google.

Hard to believe there's companies that care less than Meta about child safety, but apparently

there are.

They also said that, you know, the law, I believe, said they have to take like quote

unquote "reasonable measures" or something.

So basically companies have to figure out on their own how they're going to verify users,

which means a lot of them are outsourcing it, which ironically the article points out here.

Some have decided to work with age verification companies based outside of Australia.

So now you're putting people at risk with companies that aren't even in the country.

The article says these companies may request a photo of government ID or a selfie.

So I guess some of them may actually require ID.

But yeah, some of them may take selfie.

Like you said, I, when I was in college, I sat behind a girl in my English class that I swear looked like 20, you know, 19, 20, 21.

And she was like 42 or something like that.

And she just looked amazing.

And I'm sure when she was 20, she probably looked like she was 16.

So, you know, this, this like determining a person's age isn't always accurate, just based off the photo alone.

And then, um, yeah, again, like you said, you know, some people are using makeup masks lying about their ages.

I know in the UK with their online safety act,

we saw people uploading video game characters,

all kinds of crazy stuff, VPNs like you said.

So yeah, this is very symbolic I think.

And actually on that note,

we did include in the show notes,

EFF has launched an age verification hub

as a resource against misguided laws.

So I think this is a good time to mention that real quick.

So the EFF has launched this website.

First of all, they're launching, they're doing an AMA,

I believe next week.

Yeah, December 17th at 5 p.m. Pacific time.

And then, excuse me, 12 p.m. through 5 p.m. Pacific time

with EFF attorneys, technologists and activists

answering questions about age verification.

Oh, this is going on for three days,

December 15th through 17th.

So you'll have plenty of time to ask your questions.

And if you're not a Reddit user

or you're unable to make that for any reason

They're going to have a live stream panel discussion.

That's January 15th from 12 p.m. Pacific time again.

So there's that worth checking out, but they also have an actual hub, EFF.org/age.

And this is a really, really simple hub, but it has, over on the left side, it says, like,

why join the fight?

And it tells you, you know, what's at stake, who is harmed, is this legal, does the tech

even work, which we were just spent all this time talking about usually not, and it usually

backfires a lot. And yeah, I actually like where did it go? In the original article where

they talked about this new hub, EFF, they had a really good line. It says, "We all want

young people to be safe online. However, age verification is not the panacea that regulators

and corporations claim it to be. In fact, it could undermine the safety of many." So,

Yeah, it's like you were saying, we've talked about this quite a lot.

And it's one of those things where politicians want easy, simple solutions.

Everybody does.

It's human nature.

We want a good guy and a bad guy, and we want very clean, simple, you know, all good

or all bad.

Like it makes for a good movie, but in reality, people don't really like it when there's kind

of a gray area and like, oh, this person has redeeming qualities.

So like politicians just want an easy answer that they can point to and say, I did a thing.

I made everybody safe vote for me again next year.

And unfortunately, this is not one of those issues that you can just easily do that with

even I've mentioned in the past, like going after the companies and making social media

like Facebook themselves has pumped out so many studies that say this is bad for mental

health just across the board, not even for kids, you know, doom scrolling.

I know I'm kind of rambling or getting on a soapbox a little bit here, but like doom

Doomscrolling has become a common term in today's day and age.

And honestly, that kind of blows my mind that we all just accepted that as a term.

But like, that's how bad it is.

And I don't, that's not limited to kids.

We all know what doomscrolling, even if you don't know it by name, if somebody describes

it to you, it's like, oh yeah, I do that sometimes.

So like, it's crazy that we will do anything other than crack down on these companies and

be like, stop intentionally putting people at risk.

And it just, there's so many arguments against this.

It makes kids unprepared for how to deal with this stuff once they turn old enough to start

using social media.

And it, I've mentioned before, I think it takes away from the parents right to like

decide when is right for their kids to join.

And it's just, yeah, I don't know.

It's at best, it's well-meaning.

And I say at best because I know there's a lot of people who don't believe that.

And I don't blame you for not believing that.

I'm not saying I believe it entirely, but at best this is well-meaning, but it's an oversimplified.

What's somebody, I forget who it was.

It may have been EFF.

said, it's like, it's like taking a machete where you need a scalpel.

And I don't know if they were talking about age verification, but yeah,

it's, it's just one of those things where it's an oversimplified solution,

quote unquote solution that, uh, yeah, we're going to have to keep an eye on

cause that's, uh, yeah.

Yeah.

I think there's, we've made a lot of, we've made a lot of like points towards

why this is, uh, why this is bad.

Um, someone said here, if you're under 16, you're probably unable

watch this live stream. Um, actually you can still watch the live stream.

You just wouldn't gotta be logged in. So that doesn't,

that's another thing that doesn't make sense about this, um,

this whole thing is it doesn't affect being logged out.

So what people are just going to start watching YouTube videos logged out,

people are going to start watching things through frontends and all these other

things. Um, I think stopping people from posting as well is kind of,

you know, it's, it's,

I heard someone say it's like you're silencing an entire generation, basically, because they

can't comment on anything, they can't express their thoughts, they can't do anything.

So I think that is another important thing about this is that there's people that are

being silenced and their voices need to be heard as well on this.

And it's not like these are people that can vote, these are not people like that are of

that age, but their thoughts on this still matter. So I think we should definitely listen

to what they're saying. And in a lot of cases, it sounds like a lot of people, especially

under 16, are against this because that's where they find their communities. That's

where they access information. So I don't know, I think this is... I don't want to use

a commonly used anecdote here, but it does feel a bit like a slippery slope.

This could be like the push towards an actual ban or towards requiring ID for any platform, for instance.

I think it's very problematic, but like Nate said, there's some really good information here on the EFF's website.

There was also, I'm also following a fight for the future one as well.

They're also going against this sort of stuff.

So it's worth checking out that.

It was, it was a page specifically for Australians as well.

And yeah, I think we should definitely try and because I think a lot of people

that I've talked to about this, they're actually in favor of it because

they don't really understand the repercussions behind something like this.

because it's actually kind of like, it's shrouded in language that a lot of people would want to agree with, right?

Like this is to protect children, this is, you know, this sort of stuff.

And I think that's important to kind of come out against if you can, to people in your life, to people that you talk to.

Because, yeah, there's definitely some people who are...

There was an interesting post I saw, and it was from one of the MPs in Australia,

and he spelt Snapchat with a capital C.

Like, there's no capital C in Snapchat.

Like, these people don't even know what social media platforms are,

and they're enacting laws to ban them.

Like, I think there should be more experts consulted on this than just politicians who

don't really understand technology. They don't understand the repercussions of this sort of ban.

But I'm sure they did the calculations and they found that this would be

received positively by the public. So that's why they went ahead with it.

But yeah, it's kind of all I have to say about that one.

Yeah, the slippery slope argument is like, it's really tough because sometimes it makes you

sound kind of paranoid. And sometimes it doesn't come to true, you know, or it come to pass.

It's one of those things where everybody always makes that argument on both sides of an issue.

But yeah, I don't know. I mean, I'm with you. I think it is a slippery slope. I think it puts

It puts power in the hands of the government to be able to say, "This requires age-gaining,

but this doesn't." Then they can update that list at any time to say, "Well, now this thing

is not safe for children." You made a really good point that, again, this is a little bit

conspiratorial, but any government will usually dress things up in a way that makes it very hard

to argue with them. "Oh, this is for the safety of the children." Then when you come in and you're

I don't think this is a good idea.

The default response is, oh, so you hate kids.

And it's designed to like paint you in that negative light

when you go against the grain like that.

And it's kind of nefarious, but it's really intentional.

They know what they're doing.

But yeah, the last thing I want to touch on is

what you said there about they don't even really know

how a lot of this stuff works.

And I don't know about Australian politics,

but in the US, that's certainly how it works.

It's a lot of the time somebody will come in

and say, we think there's a problem.

Here's our solution.

Here's this bill.

And a lot of the time the politician,

'cause you know, to their defense, they're human.

Nobody knows everything, right?

They probably have no idea about how any of this stuff works,

but they're like, well, you made a good argument,

you've got this bill, it's ready to go, sure,

I'll get behind it.

And that's one of the reasons that it's really important

to try to get involved politically if you can,

is because a lot of the time, they may not know any better.

Like I really, I don't wanna let them off the hook too much

'cause I'm very critical of politicians myself,

But I think a lot of the time we envision them

as like these evil like, you know,

like in a movie or a political thriller,

they're like purposely just trying to make people suffer.

And it's like, no, a lot of them really think

they're making the world a better place.

And they have no idea that this is a genuine risk

that has all these knock on effects

or there's so many easy ways to get around it.

And a lot of the time that's simply

because there's nobody on the other side of the aisle

as citizens, there's nobody on the other side of this issue

coming up and saying, hey, this is a really bad idea.

And here's why I think you shouldn't do this.

Not to shill it all the time, but I did mention

on a previous live stream, Louis Rossman did a talk

for EFF Austin, which full disclosure,

I'm a board member of EFF Austin.

But if you look up Louis Rossman, EFF Austin,

he tells the story of that's exactly how he got involved

in right to repair because he found out there was a law

that was going through and he went and talked

to the politician who was sponsoring the law.

I might be getting the finer details wrong,

but basically he went and talked to him

and they told him it's like, well, you know,

that other person came in and here's what they told me.

And Rossman was like, what are you talking about?

That's not how any of this works.

And the guy was like, the politician he was talking to,

he's like, son, I'm like 80 years old.

I don't know how any of this stuff works.

They came in, they made what sounded to me

like a coherent argument.

I believed them, you're the first person

telling me otherwise.

And that was the moment,

and ultimately Lewis was able to win him over to his side.

But that was the moment that Lewis realized.

He's like, a lot of the time there is simply nobody there

telling them why the other side is mistaken

in this thing and is, you know, yeah, it's just the point is like, if you can, and, oh,

here's what I was going to say is like, you know, don't go in there and like attack them

and like, you're evil, but if you can get in there and show them like, hey, this is

why that person's wrong and this isn't a good idea.

I'm not saying it's 100%, but a lot of the time it can make a difference, especially

at the local, the local levels.

So yeah.

All right.

On that note.

What?

Yeah, do you have anything to add or?

- No, yeah, we can move on to the next story here.

And this one is from Brave.

So Brave, this is published on December 10th,

AI browsing in Brave Nightly,

now available for early testing.

So this is kind of a surprise, I guess,

because Brave browser has kind of built itself

like a privacy and security focused browser. And generally, when we think of AI browsing,

we think of insecurity and privacy invasion. So this is certainly an interesting direction for

Brave to be putting their resources into. But we've kind of seen a similar thing happening

with Firefox. So I'm just going to quote from the article here. "Today we're announcing the

the availability of Brave's new AI browsing feature in Brave Nile.

Our testing and development build channel for early experimentation and user feedback.

When ready for general release, this "agentic experience" aims to turn the browser into

a truly smart partner, automating tasks and helping people accomplish more.

I feel like that's the buzzword of this year's "agentic".

It's "agentic".

We added an "agentic agent".

However, agentic browsing is also inherently dangerous, giving an AI control of your browsing

experience could expose personal data or allow agentic AI to take unintended actions.

Security measures are tricky to get right and disastrous when they fail.

As we have shown through numerous vulnerabilities we found and responsibly disclosed over the

last few months.

to prompt injections, basically where a website can have a prompt on the page that can basically

redirect the agentic AI to perform like a malicious attack against someone, are a systemic

challenge facing the entire category of AI-powered browsers. For this reason, we've chosen

a careful approach to releasing AI browsing in the Brave browser, soliciting input from

security researchers. We are offering AI browsing behind an opt-in feature flag in the nightly

version of Brave, which is the browser build we use for testing and development.

We'll continue to build upon our defenses over time with feedback from the public.

At present, these safeguards include AI browsing is currently only in the nightly channel behind

an opt-in feature flag via Brave's integrated AI assistant, Leo. AI browsing happens only in an

using a dedicated browsing profile,

keeping your regular browsing data safe,

and AI browsing has restrictions and controls

built into the browser,

AI browsing uses reasoning-based defenses

as an additional guardrail against malicious websites.

The AI browsing experience has to be manually invoked,

ensuring that users retain complete control

over their browsing experience

and likable AI features in Brave,

AI browsing is completely optional,

by default.

So what are your thoughts, Nate?

What are your initial thoughts here?

- Yeah.

Well, my initial thought kind of goes back

to what you said at the very beginning

where you said you're surprised

because AI is not typically something we think of

in the context of privacy and security.

And I agree with you for the record,

but I have noticed that Brave is trying

to really, they're trying to have their cake and eat it too,

where they wanna be a privacy browser.

And there's a lot of websites out there that show

that they do have actually really good privacy out of the box.

And I do believe that they're really innovative,

but I also question exactly how private AI can really be,

even with all of the stuff they've put into it.

I don't know, it's interesting for sure.

I agree with you, like a gentic AI

is definitely the buzzword of the year for sure.

And, you know, I really appreciate

that a common criticism with Brave is it's got all the,

the, you know, people call it blow.

It's got the AI stuff, it's got the crypto stuff.

It's got all this stuff built in

that people don't necessarily want.

And I understand, I guess it's one of those things

I think both people have really good points

'cause some people will say like, well, just don't use it.

You know, you don't have to use any of it,

which is totally true.

Ironically, Brave, actually, I found this out recently,

Brave Shields has one to disable Brave's own AI summary

and Brave Search.

So you can use Brave with Brave Search

and still disable the AI summary using their own shields,

which is pretty cool.

You can opt out of all this stuff,

but at the same time, I understand the argument of like,

oh, you know, but the code is still there

and it's kind of adding potential attack surface

and I don't know.

In regards to this specifically, I'm still,

I'm not entirely convinced what use agentic browsing has,

especially this early in.

It's one of those things where I personally wouldn't

trust it to do, I don't know, even simple things.

Like, you know, okay, I need a new coffee maker, you know,

go compare the top three brands or whatever.

And it's like, but how do I know those are still the best?

How do I know that's not paid advertising?

How do I know you didn't summarize

something that wasn't there?

I've, I don't know if I've shared this story here before,

a long time ago, I was testing out LLMs to see like, Oh, let me see if these can improve

my workflow in any way. And I was doing a review of Threema, I think. So I, um, I told

an LLM, I can't even remember which one. I'm like, Hey, give me the pros and cons of the

messenger Threema. And one of the pros it said was it has a password manager built in.

And I was like, this is news to me. So I asked it. I'm like, Hey, what's your source for that?

And of course it couldn't tell me because this was one of those LLMs that doesn't cite

sources, but it went, oh, you're right. There is no password manager. And it's like, what? Like,

you know, there's so many stories out there about like developers don't like using AI because they

have to go back and fact check it. It's just twice as much work. And so I don't know, but it could

also be one of those things where it gets better over time. And when Proton rolled out their LLM,

they made the argument that like AI is not going anywhere. And we may as well give people private

options, which I feel like maybe is what Brave is going for here is like, everybody's trying to jump

on the agentic AI bandwagon.

So maybe it's best to give them an option

that's slightly less crappy than all the other ones.

But yeah, I don't know.

Yeah, I will say this.

I feel like Brave has been, again,

has done a lot of innovative things in the privacy space

and they have been one of the biggest,

I don't know if critic is the right word,

but like they said, we have shown through

numerous vulnerabilities that we found

and responsibly disclosed over the last few months

talking about the agentic browsing and other,

the security and other agentic browsers.

So I feel like I wouldn't expect them to be perfect.

I would definitely expect there to be mistakes in this,

for sure, some of which are just inherently

baked into AI itself.

But I gotta be honest,

if I was gonna trust anybody with it, I would trust Brave.

I'm not saying you should use it,

I'm just saying if I had to,

I would probably trust them first.

- Yeah, they seem like at least so far,

like I am very much in the camp of not really wanting any of these features in my browser.

But this definitely seems like the best possible people to be doing this.

And it seems like they've thought about the security aspects.

But I guess before we talk about that a bit more,

sod this all, just sent a gift membership in the chat.

So thank you very much.

And Supreme is 21, just receive that.

So definitely say thank you to that person.

And Jonah also sent five Privacy Guides gift to memberships in the chat.

So if you didn't get one of those, make sure to say thank you.

And we also got another donation from Sod this all for two pounds.

Enjoying the stream.

Keep up the good work.

Thank you so much.

That's so appreciated.

Oh, we're glad you're enjoying it so far.

Yeah.

Um, getting back to the article real quick, it does say, you know, they are open source.

They say we welcome bug reports and feature requests on GitHub.

Uh, we encourage anyone who discovers a security issue to report that issue to

our bug bounty program and they say they're actually doubling their usual reward

for now on hacker one.

So, um, yeah, it seems like they've, uh, they've at least put some thought into

this.

They talk about, cause I read this article earlier, they, they said, um, where was it?

It uses reasoning based defenses as an additional guardrail.

Um, maybe they're, they're talking about something else, but further down in the

article, they talk about how there's basically like two LLMs working here.

And so when you tell Leo to go, you know, compare coffee pots or whatever, Leo

goes and gets the answer and then actually double checks with a second LLM and

is like, Hey, here's the answer I came up with.

And then that LLM compares the prompt and the answer to kind of determine if

it's in the ballpark or if something's really wrong.

Um, this is very high level.

So they didn't go into like super, super detail, but, um,

and I really appreciate personally in this article, they keep saying over and

over, like right here, despite its risks, it shows great promise.

Um, whereas, oh no, here we go.

While these mitigations help you significantly, users should know that

safeguards do not eliminate risks such as prompt injection.

Um, further down, they say, uh, where did it go?

Basically they say throughout this article, like, look, nothing is

perfect, this has risks.

And they're really trying to hammer it home.

Like you need to understand this has risks

if you're gonna use it.

And I don't think they ever say they're gonna get rid of it.

I think it's just something they're acknowledging,

but yeah, it's important to be aware of that,

which unlike a lot of other browsers,

a lot of other companies are just trying to get the next dollar.

They're trying to just roll this out as quick as possible,

be first one to market.

And it seems like they're trying to make sure

that people know the risks,

which I personally really appreciate.

- Yeah, I think it's, I'm not in shock.

Like I genuinely am wondering what these sort of features,

like we've seen Firefox is also doing a similar thing,

like they're doing like a AI window.

I think it's very similar to what Brave is doing.

And it's, I guess my question would be,

what, who uses this and why would I want to use this?

So I prefer personally, like I prefer to like,

use the browser myself and would this really be saving me a lot of time? I'm just kind of questioning the

the need for this, I guess. I definitely am not quite sure what

is this just because Brave wants to be on the same level as other browsers and also get that market share from people who like AI?

I'm not really sure.

It certainly isn't particularly appealing to me, but I'm not really, maybe I'm not the target audience for this sort of feature,

but I feel like a lot of the extra features in Brave, I literally turn off every single feature that they've added.

Like, I just don't use anything that they've added. I just want the browser to have a search bar and, yeah, I don't need like a weather widget.

I don't need like a news tab. I don't need like a Brave VPN. I don't need like a Leo AI thing.

So I don't know, I think if I was going to use Brave again, I would probably disable all of this.

But yeah, it's not, I don't entirely understand it myself.

Yeah, I'm with you. I disable all the crypto stuff. I disable the Brave news.

I mentioned I disabled the AI summaries and Brave search even.

I do, I will admit I do use Leo sometimes,

but it's mostly for looking up like server errors.

I do a lot of self-hosting and I find it's,

I've had good luck with that, good success with that.

But I'm with you in the sense that I like it to be separated.

Like that's why I shut off the AI summaries in search

because I found myself relying on them more than I wanted to.

And I realized I was doing it.

And I'm like, no, I don't want to do that.

I want to go to the actual source.

I want to go to the website and get the full context

us this source or not.

And, uh, you know, it's one of those things where like, if I want the AI,

then I want to specifically open a Leo tab and go to that.

I don't want it just integrated in that way.

So the only thing I could personally think as a real use case for sure is maybe,

um, and I could be wrong here.

I could be projecting, but like, um, maybe if somebody's like differently

abled and it's like, no, it's awesome that I can now send the browser out to,

like I said, compare like six different coffee pots.

And that's easier for me because now I don't have to navigate

to every single website and that's a physical challenge.

But I don't know, maybe there are other use cases,

but yeah, I don't see myself really using it anytime soon.

I might play around with it whenever it comes into stable,

but I just, like I said, I don't trust it

to not make mistakes and just make double the work

where I have to go back and double check it.

So I don't know how much I'm gonna end up using it.

- Yeah, no, that's actually a really good point

about the differently abled people.

I guess I don't think about that

because I'm in a position where that doesn't affect me,

but that is a really good point actually.

I do think that is kind of an important thing

that should be available, but also, yeah, I'm not sure if...

Yeah, that might be tricky because I'm not sure what sort of...

It is gonna be sending basically everything to an AI server,

So that could also be a privacy risk for those people too.

I think I would hope that this sort of feature

could work on device, but it's pretty unlikely, right?

It's a lot of processing power to like analyze screens

and like do that sort of stuff.

So it seems like that probably might not be the case.

It's probably being offloaded to some open AI

or Gemini or some other third party AI companies.

So it's kind of unfortunate that there isn't really anyone who's taking a privacy first approach, even Proton.

They've got their AI thing, but it's not a local model or anything.

It's running on their servers.

And it really is just a pinky promise at that point.

So yeah, I don't know.

I'm not really the biggest fan of these features, but I think that the Brave team has done at least the due

diligence to try and make it, uh, not complete crap, like a lot of these AI

companies, um, like, uh, open AI or I don't really know the, all the other ones.

Um, but yeah, it's, it's interesting.

Uh, comment whoever that one's from.

Yeah.

Yeah.

That one.

Yeah.

Uh, Claude.

Yeah.

Can't remember all of them off the top of my head, but yeah.

Um, yeah.

It's definitely interesting to see.

Agreed.

All right, on that note, we're going to go back to some political stuff.

And we're going to talk about the U.S. planning to scrutinize foreign

tourist social media history.

And actually I've seen this article kind of make the rounds.

And I think they kind of buried the lead on this one because that is alarming,

but it's not just that.

So yeah, well, so I'm going to kind of start towards the beginning of this

article here, this comes from the Guardian.

And they say the mandatory new disclosures would apply to the 42 countries whose

currently permitted to enter the US without a visa,

such as longtime US allies,

Britain, France, Australia, Germany and Japan.

So in a notice published on Tuesday,

Customs and Border Patrol said that it would require

any telephone numbers used by visitors over the same period.

Any email addresses used in the last decade,

they would really love me if I had to do this,

as well as face fingerprint DNA and iris biometrics.

So that's why I said,

I feel like a lot of people are bearing the lead

because I haven't heard anybody mention that

like any newspapers yet or any news outlets. I think privacy international mentioned that in

their headline. But yeah, I know DNA fingerprint biometrics, which I mean, you can make the argument

that fingerprint and stuff like that, you or face at least you kind of give when you go through

the airport anyways, because a lot of them use facial recognition nowadays, which you can opt

out of as an American citizen. TSA will get a little bit short with you sometimes if you do it,

and they'll make you stand in the long line.

But other than that, I haven't had any issues.

But DNA, I think, is a new one.

I can't remember that one.

The article goes on to say it would also

ask for the names, addresses, birth dates, and birth places

of family members, including children.

So now your loved ones are being put at risk just

because you wanted to come visit.

So yeah, this goes back to an executive order

that Trump signed on the first day of office.

Here on the second term, it says that it calls for restrictions

to ensure visitors to the US quote,

do not bear hostile attitudes towards its citizens,

culture, government institutions, or founding principles.

And then the article just kind of goes on to talk about

how the US is supposed to host the World Cup this year.

We're co-hosting it with Canada and Mexico.

So there are concerns that this might cause

like a dip in visitors for the US part of that.

FIFA said they were expecting more than 5 million fans

across the whole thing.

And they say that the US has already seen a dramatic drop

in tourism on Trump's second term.

So, yeah, there's just kind of a lot of statistics here.

California tourism authorities are predicting

a 9% decline in foreign visits to the state.

Hollywood Boulevard reports a 50% fall in foot traffic.

Las Vegas has seen a rapid decline in visits.

Canadian residents who made a return trip to the US by car

dropped almost 37% in July.

Air travel from Canada 25%.

So anyways, yeah, a point being like it goes on to say like,

tourism is already kind of low

and this is probably not gonna do any better.

And Jordan and I were talking about this a little bit

before recording actually.

And it's such a tricky area

when you talk about this kind of political stuff

because on the one hand, every country of course,

wants to make sure they're keeping the bad guys out, right?

And they wanna make sure they're keeping out the people

who have ill intentions when they come to the country.

And especially in the wake of 9/11,

if you were old enough to remember that,

I remember all this information coming out that like,

yeah, these guys, anybody who spent five minutes

would have realized that these guys had bad intentions

and there were all kinds of red flags

that didn't go off or nobody followed up on.

But it's just, I don't know, man,

there's, I feel like this is especially the DNA stuff.

Like the social media is already kind of,

but now you're talking about, you know,

family members, including children,

all their information, DNA biometrics,

I really have to wonder at what point

is this going just a little bit too far?

And I don't wanna get too far off topic,

but I've heard Snowden talked about

one of the big problems they had at the NSA

was an overwhelming amount of data

and the inability to parse it.

And I have to wonder if that's kind of a point

they're gonna hit too,

where they're taking in so much data, it's like, cool.

Now that we've got 500 data points

on every single person coming into the US,

we can't get through all the noise

to find the actual problem people

because it's just too much data.

- I don't know if you have any thoughts on this story.

- I mean, I think I would say,

people I've talked to,

just like the general sentiment that I've had was,

people are a little bit cautious

about entering the United States

for a large amount of reasons.

And I think this sort of thing is not really helping things.

I think people, once they learn,

you've got to unprivate your social media accounts,

let them search through everything, give DNA swabs,

fingerprint scans, biometric scans.

This is sort of the stuff that,

I think a lot of countries where there's more

repression of citizens.

That's a lot of people would say is, you know, that's you're infringing on people's freedoms.

And I think America, people assume that it's a free country, but there's this sort of stuff where if you want to enter the country, you have to give DNA swabs face scans.

Social media history, like this is not really looking like a country that cares about the freedom of the people that want to visit.

And I don't know, it's it's definitely kind of concerning.

But the way I understand it, right, is you don't have to be like an American citizen to be protected

by, you know, the Constitution and all of those things, right? The laws apply to tourists as well,

correct? I would have to check with my aforementioned lawyer friend, but I actually don't. I think

certain things do and certain things don't. Okay, yeah, I think that's certainly something that I

was thinking of. Yeah, it's a bit of a, this is for the visa process, is that correct? You need to

provide this information for the visa process. It's not even to like enter the country. I don't think

so because no, because it says the new disclosures would apply to the 42 countries whose nationals

are currently permitted without a visa. I see. So this is basically applying to everyone then,

in that case, right? I think so, because yeah, I think the visa, the process to get a visa,

I think is even more strict. Wow. And is this just for, this is just for tourism. Like, you have to

give all this information for tourism. Yeah, just to come visit, which I mean, obviously, I am an

American citizen, so I haven't been on that side of things, but like I went to Europe a couple months ago and

you know, it was just for a couple or not even a couple weeks. It was like 10 days. I didn't have to get a visa or anything. So like

I kind of have been a little bit on that other side of this fence where I get to

you know, not in the turning over social media and stuff, but yeah, like it's you know,

I don't know. It's just it's weird to think about if I were had I gone to Europe and when I get to Amsterdam, you know

to go through the port of entry and they're like, okay, unlock your Facebook.

And especially someone like me, how do I explain that?

Like, okay, what's your Facebook?

I don't have one.

What about Instagram?

I don't have one of them.

What's your, you know, like people already give me weird looks when I'm like,

I don't have any of this stuff.

But and then, you know, I don't know if I get caught not telling them about my

mastodon account.

That's probably not a good look.

So yeah.

Yeah.

I think if you've made any comments, criticizing the US government or

the US in general, that would probably, I don't know, that seems like that could be a reason to deny you entry into the country.

And I don't know, just to put a different perspective on this as well, I don't know if anyone's ever, people always talk about, you know, China is quite strict on this sort of stuff.

But even China doesn't require this sort of information to enter the country, right?

So this is kind of, I feel like this is almost like global precedent at this point.

Like I actually have never heard of a country requiring this much information just to go

there as a tourist, not even to live there, just as a tourist.

So yeah, this is definitely kind of concerning.

And it's just, for me at least, it's just another reason why I would never go there.

No offense to any Americans.

I think you have an amazing country, but um, that's it's just yeah, it's a tricky. It's a tricky situation

To the uh

To the defense of the china critics, I think china still does it they just don't tell you you just show up there

And then find out you have to turn around and go home because they saw your twitter

Um, I could be wrong, but yeah

I don't know. I don't we we were talking about this a little bit before earlier

I don't want to be too political, but I do you know, I wasn't the military and i'm

I've never been an overly patriotic person, but I'm really worried about the direction

that we're headed in America.

This kind of stuff is a big part of that.

Like you said, this is ridiculous for a democratic, open country.

We've already seen people turned away at the border.

There was a guy, a French person, a scientist of some kind, who flew to the US for a conference

earlier this year flew into Houston and they said that he had a like anti-American extremist

content and to be fair, they never disclosed what it was.

So I mean, maybe it was like really bad stuff, although I find it a little bit hard to believe.

Maybe it was just, I don't like that guy, you know, there's, there's unfortunately, there's

a lot of stories out there and we're living in a very difficult time where the veracity

of a lot of claims is up for debate.

So it's really hard to parse through this stuff, but I think this is setting very dangerous

precedents when you make these overly broad, like, you know, hostile attitudes towards

its citizen culture, government or institutions.

Like, I don't know, that's kind of one of the freedoms I enjoy as an American is to criticize

my government, which I've been doing regardless of party for the last several years.

So I don't know, I'm probably getting a little too political, but yeah, it's just, we're

not heading in a good direction.

Um, it's scary from a, from a privacy perspective, for sure.

Yeah.

Also just from a general like freedom perspective, this is kind of concerning.

Um, I think everyone can sort of regardless of your political alignments say that this

is not really a great, uh, aspect in terms of people's privacy.

This is kind of invasive.

it's collecting too much information just to enter the country.

Um, I feel like that's a reasonable position to take on this, um,

regardless of what you think about whether this is a good idea or not.

Um, but yeah, I don't, I don't really have too much more to add on this

unless there's something you could add from a more American perspective.

No.

Um, yeah, I just not, not to give it a pass, but going back to what I said,

I see the argument of having to, trying to weed out the bad guys, but I just wonder about

the efficacy of this.

And you know, the question that I've always asked in the past is like, what are we giving

up in exchange for something?

You know, we want to keep the children safe, but if we're taking away all their rights,

is it really a worthwhile trade off?

Like how much are we improving their safety versus how much we're taking away?

And I feel like that really applies here.

How much are we weeding out the bad guys and keeping the country safe in exchange for violating

so many people's privacy. That's very concerning to me.

Yeah.

All right. I believe our next story will take us to India.

Yes. So India considers enforcing a GPS on mobile devices.

So this is sort of a quick little story here.

India's government is considering a proposal to force

smartphone manufacturers to enable GPS tracking at all times. This is just a short write up on

the privacyguides.org/news category by Fria. So the proposal comes courtesy of the Cellular

Operators Association of India, a non-governmental trade association representing reliance. Okay,

I'm not going to try. Just you can see on the screen. Some of the biggest Indian telecom companies,

The proposal is a response to the Modi administration's

rostrations that they often don't get precise locations when making legal

requests to telecom firms, since they rely on cellular tower

triangulation, which isn't always very precise.

So AGPS is Assisted Global Positioning System is a form of GPS that combines

a satellite-based GPS with some other technology like Celia Network and

nearby Wi-Fi access points to achieve a much more precise location than either technology

could achieve alone. The proposal would see to it that smartphone users can't disable

the technology. This would mean that the location services would always have to be enabled without

an option to turn them off. Apple, Google and Samsung all oppose the move on the grounds

that a GPS network services is not deployed or supported for location surveillance, and

that the move would be a regulatory overreach, according to a letter from the Indian Cellular

and Electronics Association, a different non-governmental organization representing Apple and Google.

India's government has scheduled to meet with the top smartphone manufacturers to discuss

the matter, but the meeting was postponed for unknown reasons.

at this point, no decision has been made.

So I think one interesting thing we've seen with India

is they sort of have been pretty ready to sort of implement

these surveillance things.

Like I know they've got quite a comprehensive digital ID system

and that's certainly a bit of an issue

with a lot of surveillance things.

But I think the ability to get even more precise location from this AGPS thing is, I don't know, it just seems a bit, it's like you're treating every single person as a suspect at that point.

Like every single person has got to be tracked, their location is to be recorded by the government.

That seems like, I feel like that's like 1984, you know, like that's like, that's like kind of like dystopian, you know.

But it seems that the Indian government doesn't appear to think so.

It says here, Apple plan to outright refuse the order and the Indian

government quickly backed down and reversed the requirement.

So it was because the manufacturers would have to install a government app by default

and it wouldn't be able to be removed by users.

Basically, that app would be able to provide the location tracking at all times.

So yeah, it's a bit of an issue, right?

Especially when there's these governments trying to strong arm

like smartphone manufacturers into like implementing these tracking measures.

I think it's quite a bit of a problem, especially when this is so wide

reaching in society, like every single person is going to have to have their

device location tracked at all times.

It's it's it's problematic in a lot of ways.

But yeah.

Yeah.

I don't have a lot of thoughts on this that you didn't already state.

It's India's going a little bit hard in the paint right now with, uh,

trying to really force things on their citizens.

And like you said, originally it was this, this app, this, uh,

Sanchar Sathi, which I'd probably mispronounced that.

And I apologized to all the Indian listeners, but they were like, oh,

it's this cybersecurity app.

And then they backed down from that.

And they were like, oh, well, you know, everybody downloaded it.

So it's cool.

And then they were like, Oh,

But now encrypted messengers need to link to a SIM.

And that also, I believe, got repealed, at least informally,

got repealed.

And now they're like, oh, but now this assisted GPS tracking.

And it's just--

I don't know.

It's really weird.

And the fact that they keep--

it's the fact that it keeps happening.

The cynical part of me wants to make the joke.

It's like, don't you know you're supposed to put a few months

of space in between all these attempts?

Like the fact that it just keeps happening like every other week and it's like something different every time it's like, what is going on there?

It's you know, earlier I talked about giving politicians the benefit of the doubt, but I'm having a hard time doing it here for sure.

So yeah.

Yeah, I don't I feel like we don't have to explain why this is a problem, right?

Like having everyone's location monitored by the government at all times.

I feel like most reasonable people would be against this, but apparently the Indian government thinks that this is completely reasonable.

So I don't know, but I think it's, I think if you live in India, you need to really make

a stink about this because this is like, this is mass surveillance.

Like that is by the letter mass surveillance.

So definitely, definitely, I'm not too familiar with Indian politics.

So I'm not really sure what avenues you might have to, to fight against this.

But I've definitely do some research on that.

I can't really provide any info on that, unfortunately.

- Yeah, they do, I know they do elections

because I know their elections last for like a month.

Like it's a pretty intense process.

So they definitely have elected officials.

So I would imagine there is a way to contact them, I hope.

All right.

And that'll take us to our next story, which is,

this is a big deal.

I'm a little bit surprised

'cause when I first heard about this, I was like,

"Oh no, this is gonna be like the next just never ending,

never ending vulnerability that we keep hearing about."

But so far, I feel like it's been a little bit quieter

than I expected.

Not to say it's not bad,

it's just been quieter than I expected.

So anyways, there's a new vulnerability called React to Shell

and I do apologize that I'm kind of reading this story

in real time.

This was kind of a last minute story for me,

but there's this new remote code execution

that has exposed over 77,000 IP addresses

and has breached over 30 organizations.

So again, it is a big deal.

I was just expecting to see it in my head

lacks a lot more.

So this is an unauthenticated remote code execution vulnerability

that can be exploited via a single HTTP request

and affects all frameworks that implement React server components,

which includes Next.js, which is very popular.

So yeah, it...

Bleeping Computer likes to get really, really deep in the weeds

on a lot of these kind of vulnerabilities.

So I'm probably not going to read the whole article

because they get very technical.

But I do know that next.js is a very big vulnerability,

or not vulnerability, excuse me, a library, I believe.

It's something that I know gets used quite a lot.

So React is close, I'm sorry.

Yeah, yeah, it's a very popular one.

So React disclosed the vulnerability on December 3rd

and explained that unsafe deserialization

of client-controlled data inside React

enables attackers to trigger remote code execution

without authentication.

So basically, for those who don't understand remote code

execution, it's remote.

They don't have to have physical access to your device

or anything like that, as long as they can get access

to the server.

I have seen a few of the projects that I follow

have been pushing out updates that specifically

in the patch notes say like, this is to fix the React,

what is it called?

React to Shell Flaw.

So I'm glad to see some people are responding to this.

So on December 4th, a security researcher

published a working proof of concept

demonstrating the command execution

against unpatched servers.

And soon after scanning for the flaw accelerated

as attackers and researchers began.

So this is one of the reasons that responsible disclosure,

and I'm not saying this person didn't responsibly disclose,

I don't know the details on that,

but this is one of the reasons that responsible disclosure

is such a big deal in the security community

because once you go public with the details,

especially like detail detail of how this works

and approve a concept.

They like literally the next day,

I start seeing articles in my newsfeed

about like all of a sudden scans have gone up

and attackers are trying to find people

who are using this outdated server or server software

or whatever, we see that kind of stuff a lot.

So yeah, the researchers determined

that IP addresses were vulnerable

using a detection technique

where an HTTP request was sent to servers

to exploit the flaw and a specific response

was checked to confirm whether the device was vulnerable.

So again, they could do this automated scanning

to see who was vulnerable.

Gray noise recorded 181 distinct IP addresses

attempting to exploit the PLAW over the past 24 hours

at the time this article was written.

Scans are primarily originating from the Netherlands, China,

the US, Hong Kong, and a small number of other countries.

So that's interesting, Netherlands.

Did not expect to see them pop up on this.

Palo Alto Networks reports more than 30 organizations

have already been compromised.

Attackers exploiting the vulnerability to run commands,

conduct reconnaissance and attempt to steal configuration and credential files.

And some of these compromises are linked to known state associated threat

actors. So yeah, let's see here.

Let's see, Cloudflare has rolled out.

No, you're good.

I just noticed in the United States, there was 24,000.

That's like the highest out of every other country.

And just thought that was interesting.

Yeah, that surprises me too.

I wonder if they've got to be using VPNs or something, I think.

So yeah, it says here further down in the article, because again, I'm skipping over

some of the more technical details.

But if you're a tech savvy person who wants those details, definitely check those out.

Because again, bleeping computer usually digs deep into the step by step.

They say that Cloudflare has already rolled out emergency detections and mitigations.

However, it inadvertently caused an outage.

So if some of the websites you use earlier this week kind of went down for a little

bit, that could be why CISA has added the CVE to their known exploited

vulnerabilities catalog and is requiring federal agencies to patch by December 26th,

which is a very generous timeline in my opinion, but maybe I'm wrong.

Um, let's see here.

Yeah.

So we, uh, we see these kind of vulnerabilities happen from time to time.

It's, you know, if, if, uh, if one organization uses a certain

library or a certain, uh, framework in this case, you know, then.

Unfortunately, everybody who uses it could be exposed.

So thankfully, like I said, I haven't seen too many.

What I've seen a lot in the past is one thing happens.

And then every single week for six months, there's like six new companies

are like, Oh, we had a data breach because of this third party thing.

I personally have not seen that yet, but also I guess this is still pretty early and could still end up happening.

So yeah, hopefully a lot of the projects you use are patching for listeners out there.

They definitely should be because I believe this vulnerability was rated like a maximum severity rating.

Like this is like a severity 10 vulnerability.

So like they 100% should be.

And I would hope that everyone is rolling out fixes sooner rather than later,

like not the 26th of December.

That's kind of a long time.

Yeah, that's like three weeks away.

That's crazy.

Yeah, especially for like a remote code execution vulnerability.

That's quite a long time.

And I think there are versions rolling out now that have got the

that have it fixed.

So I think all it requires is just to make sure you've updated.

So that might be more difficult in some organizations or might be more easy in some organizations.

So it kind of makes sense.

But yeah, this also affected like other things that like include or depend on the React server, basically.

So I think the ones that I listed here is the React Router, Waku, RSC, Plugin RSC, RW, SDK, and Next.js.

So I guess if there's anyone who's like a developer or anything like that, you'd probably know by now, unfortunately.

But yeah, it's definitely an unfortunate vulnerability

and definitely hope that people are updating

their backend stuff right away.

- I just wanted to say I went and checked,

followed several links and yeah,

that's a 10.0 vulnerability.

That's crazy.

I don't know that I've seen one of those before personally.

I've seen a lot of like nine point somethings,

But wow, 10 is I think as high as the scale goes.

- Yeah, definitely a pretty bad one.

Oh, we just got another five privacy guides,

memberships gifted by Jonah.

So if you got one of those, make sure to say thank you.

Thanks, Jonah, for that.

- Jonah's so generous.

- 10 gifted memberships, oh my goodness.

- I know.

Yeah.

All right.

I think it's time to head over to the forum and look for questions unless you have anything

else to add.

No, yeah, definitely.

That's everything there.

Let's move on over to the forum here.

Was there any updates that you thought were very important to mention this week?

Oh, yes.

So we do have some bad news that we're going to cover real quick that has been getting

a lot of discussion, which is that Techlor has shut down their forums, actually.

So let me, we have a discussion going on about that in our forums that has been very active.

But I real quick, I do want to read Techlor's own statement about it over on his site.

Basically he says, "Oop, there's a pop-up."

Basically says, "TechLore has a new home.

Everything is now consolidated at TechLore.Tech and powered by Ghost, but there's difficult

news too.

We're closing our public forum."

So as of today, which is a couple days ago, the forum is read only.

It will remain accessible until June 1st of 2026 so you can export your data and reference

valuable threads.

After that, all user data will be automatically deleted.

Users can still DM each other to exchange contact information if they wish.

He says this was a difficult decision.

We went back and forth on for months.

The forum has been a space where many of you connected

and shared knowledge.

Losing that hurts, not just for the community, but for us too.

He says, but the reality is we were a two-person team.

We haven't been able to give the forum the attention it deserves.

And forums require sustained focus, energy, and care.

And that's energy we want to direct at our core mission.

So yeah.

And then he goes on to talk about moving into focus

on their other content.

So yeah, thanks to the privacy dad

who went ahead and shared this on our forums

'cause that's definitely where I first heard about this.

And then thanks also to JG who went ahead

and posted the actual link to Techlor's statement.

So yeah, it's been a very polarizing thing

among our own community.

You know, I think nobody's really happy about it

from what I've seen for sure.

And it's very unfortunate, but it's,

yeah, I don't know.

I think, I guess the reason it's been especially unfortunate

is a lot of people, I don't know,

there's a, how do I want to word this?

I've seen a lot of people really like the idea of diversity

and just having more options in general,

which is something I'm a big believer in too.

And so I think that's a major reason

that everybody's been really kind of bummed about this.

But I don't know, it's a,

and I know it's, I don't know,

I don't have a lot of thoughts other than what Henry said.

You know, it's two people over there at TechLore right now

and that's, forums require a lot of work.

You know, we're really fortunate to have

a really good team here of volunteer moderators

that help keep an eye on things

and our forums are super, super active.

I know it's not easy to keep up with a forum

or any kind of community really.

So that's a lot for two people to manage.

Did you have any thoughts on this story,

on this development, Jordan?

- No, it's just an unfortunate outcome,

but yeah, I think it's,

there was definitely some interesting information there.

I would definitely look at exporting your account's data.

That's a thing you can do in discourse.

And I think, yeah, it's interesting to see that they're taking a direction towards more

digital rights activism, which is really exciting.

So I think I'm excited to see where that leads.

But I think that the forum will be sorely missed.

I definitely was a fan of that forum and I was pretty active over there.

So it is unfortunate it's going away, but as you can say, all things come to an end eventually.

So that's unfortunate, but yeah, definitely looking, definitely very excited to see what

future stuff their team is working on.

Agreed.

Yeah.

Yeah, Jonah says over here in the chat, end of an era, we really need more places to constructively

discuss privacy advice, but we're coming at things stronger than ever at PrivacyGuide,

so hopefully we can pick up some slack.

So yeah, I mean, of course, if you were a TechLore forum user, we would love to have

you over at the privacy guides forum. We now have the, what did I talk about at the top?

The experience level tags. So, you know, if you feel like you're still pretty new to this

stuff, you can go ahead and tag yourself with a beginner tag if you want to. And yeah, you're

definitely welcome here. And I don't know. Yeah, there's, you know, they're talking about

some other stuff too, because again, it's the diversity that people really appreciated.

So people are talking about different Lemmy communities.

And it's a good discussion to check out

and see what else is out there.

People mentioned a few specific project forums,

but those are like, you know, Graphene Cubes.

Those are dedicated to those projects specifically

and not always privacy in general.

So yeah, but I'm with you.

I'm excited to see what TechLore

is gonna be putting out in the future.

They've been putting out some really good videos lately.

So wishing them the best on that for sure.

- Yeah, some really good stuff,

especially on the, I saw the video about the digital omnibus and I thought that was great.

So it's really good stuff to see coming out.

And yeah, we're definitely also working on some activism stuff here as well,

which I think will be really exciting.

But it's, it's definitely, definitely a change.

I'll definitely miss it.

But yeah, all the best to them in the future endeavors.

Yeah.

I'm catching up on old content.

He's got a lot of interviews with people

that have been really interesting.

All right.

I think that'll bring us into the questions.

So we're going to start by taking questions from our forum,

specifically from our paying members.

And if you want to become a member,

you can go to privacyguides.org,

click the little red heart icon in the top right corner

of the page, and you will be presented with options there.

And then once we have checked the forum,

we will go ahead and bounce over to the live chat,

where I know we have been getting some questions.

So thank you guys who have been active.

I actually, it doesn't look like there have been

a whole lot of questions this week,

but there have been a few posts I wanted to mention.

One of them was, JG said it would be really cool

if privacy guides talking about the highlight story

this week about the man who got arrested in Atlanta.

He said it'd be really cool if we could get in touch

with EFF to answer questions as far as legal stuff and issues.

So it wasn't EFF per se,

but I did reach out to a lawyer and I hope that was helpful.

You said, this would help us better understand how to

and how not to enter the country if you're an activist.

So yeah, I know we didn't answer that specifically,

but I did talk about how there's,

it's really a lot of gray area when it comes to cell phones,

searches at the border right now

and definitely need to just err on the side of caution,

I think.

And then JG also asked if Jordan could weigh in

about the social media ban, which you did.

So, trying to see what other questions here.

Feel free to chime in if I missed one, Jordan.

- Yeah, just seeing a couple of speculations here about,

you know, was the activist that was arrested,

were they using Graphene OS?

We don't know.

So, I mean, I hope they were, you know,

but yeah, I don't, we don't know,

but it would be interesting to hear.

More details about this.

We're kind of waiting on the media to pick it up or like for more information to get released basically at this point.

I wouldn't be surprised on that note if 404 does release because I think that's where we originally picked up the story.

And 404 in my opinion does a really good job of keeping up with stories because one of the drawbacks of the news cycle is a lot of the time once something falls out, people just move on.

So I really appreciate organizations of any kind that do kind of like stick to a story and update whenever there are updates.

So hopefully they will.

But somebody asked a few questions about how the forum works specifically, which it looks like Jonah went in and answered those.

Yeah, so not a lot of questions from the forum specifically this week.

But, and Jonah just gifted a whole new round of memberships.

Oh, no, no, no, that was solid this all.

Sent five privacy guides, gift memberships.

Hey, thank you for doing that.

How nice of you.

Man, this is like Oprah, you get a membership,

you get a membership, you get a membership.

I love it.

Thank you to all the members, the new members.

Okay, so scrolling back up to the top here,

this is kind of a difficult thing.

Can a bidder, you said,

shouldn't the Supreme Court's job be to interpret the law

and not the public opinion?

That would be nice, but according to my lawyer friend,

there is unfortunately politics

that goes into this stuff sometimes.

So I hate to say that,

and that's not me trying to cast any kind of aspersions

one way or the other.

That's always just unfortunately been part of the system here in the US.

And I don't like it, but yeah.

That's also why a lot of the time you will see a case that will go like, it'll work its

way up through the courts.

And then right when it gets to the Supreme Court, the, the, um, somebody involved in

the case, usually the person pushing the case, the, what do they call that, the plaintiff,

I think they'll drop the case because their fear is that if they take it up to the Supreme

Court, the Supreme Court will rule in a way against them and then it will become legal

precedent across the US.

That's not exactly a one-to-one of what you're saying, but the point is it's a lot of the

time there is a little bit of political game theory that goes into our political system.

It's unfortunate.

So Saad, this all says love the guitars in the background.

Thank you.

I appreciate it.

There's a few I'm proud of.

Let's see.

You said you're not sure about disappearing messages

for most people.

As a recommendation, I'm not super sentimental about old messages,

to be honest.

But I recognize that not everyone shares that opinion.

So--

Especially because it's so easy at this point.

Like, you know, signal, you can just swap a setting in the settings and then every single

message you send in the future is going to expire.

I know I just put it on four weeks.

I'm not too sentimental about things, but I think it's an easy change to make and you

never know what you've sent in the past that you might not want to be existing forever

on someone else's device, which is what would happen if you didn't have it.

So definitely worth thinking about a bit more if you need that sort of protection, but I

I can completely understand if you are a little bit sentimental about your messages.

Somebody, Abdelhaq Kour, apologies if I pronounced that wrong.

You said, why isn't Session Messenger on the PrivacyGuides website?

I believe the biggest reason, and we actually talked about this the other week,

as I believe a headline story, is the lack of perfect forward secrecy,

which is basically, if you didn't know, it's when every so often the encryption

keys rotate. So that way if somehow, if the encryption were to be cracked by like

a government computer or something, they would only get access to a certain window

of messages instead of your entire message history. However, we did announce last week

that coming in 2026 session will be adding PFS. So obviously I cannot say anything for

sure. We don't know the future. There may be other factors that I'm not aware of,

but I wouldn't be surprised if there is at very least a discussion revisiting session

and whether or not we should add it. So if you have opinions on that, definitely join the forum

and be part of that discussion when it comes up. So there's comments about doom scrolling.

I will address this one actually. You also asked if you care about privacy, why is your face on

on YouTube, I chose to make that decision

just to help spread the message.

And obviously I could have gone like the route

like Jordan is using the,

I don't know what Apple calls those, the emoji thing.

But Jordan is using that like the hated one, for example,

just does a voiceover.

I could have gone that route.

And honestly, if I were doing it today,

I maybe would consider doing like the VTuber thing

potentially, but at the time that I started doing

YouTube videos, VTubers weren't really, at very least they weren't a super popular

thing like they are now.

And, um, I don't know.

I, I felt like for me, it was worth giving up a little bit of that privacy to

help spread that message.

And, um, I don't know.

I, I, it doesn't really bother me so much anymore.

There's other steps that I take to try and protect my privacy.

Like, um, you know, for, I'm actually pretty open about this.

Nate is not my real name.

It's, it's a stage name, if you will.

And, you know, I take a lot of steps to compartmentalize my life and remove data broker data and stuff like that.

So, you know, privacy is a sliding scale.

It's not like an all or nothing.

Like, could I have better privacy by not showing my face?

Absolutely.

I could also have better privacy by just not having a YouTube account in general.

So, it's kind of up to everybody to judge their own threat model and what's important to them.

And I was willing to not to like try to make myself sound grand or anything, but I was willing to make that

personally to help spread that message.

So, and then I think this is when they started handing out

memberships.

[laughter]

Yeah, I definitely think there's risks with showing your face.

And I think especially for people that are of a certain group of people,

it can be kind of problematic.

So yeah, I personally prefer not to because yeah, just not something I really want to

deal with, but I think it's good to also make that sacrifice as well.

But I think it's certainly up to the individual, you know, like whatever you're comfortable

with I think is important to think about and choose what's the best option for you.

Nate looks like Harry to me.

What I miss?

Oh, Harry who?

Just because you said your name wasn't actually named but yeah.

Oh, like Harry.

Okay.

I don't know if I have an opinion on that.

Actually, I will say when I was younger, like middle school younger, I got, this is going to be a hard thing for younger people to think about.

to wrap their heads around, but once upon a time,

Harry Potter was not cool.

And I got bullied, picked on a lot for looking like Harry

Potter.

So yeah.

Interesting.

Yeah, I know nowadays that would get you cool points.

But back then it was an insult.

Somebody asked if we mentioned Noster.

We didn't bring up Noster.

I don't believe we recommended on privacy guides either.

If you think we should, again, head over to the forum,

started discussion. Do we still allow discussions on GitHub? I know that used to be a thing.

No. Well, I mean, unless it's an issue, but there's no GitHub discussion. Gotcha. Gotcha.

Okay. Then yeah, if you think we should head over there. And then yeah, somebody else asked,

what are the benefits of being a member of PrivacyGuides? For now, I think the biggest thing is

probably the early access to videos by, I think it's like, man, how long was the,

oh no, it's still member only the threat modeling video is still member only.

But yeah, now we've got the smartphone course as well. And yeah, so early access to videos,

but I do know we're always having discussions and taking suggestions on

additional perks that we can offer to members. So yeah.

Definitely worth checking out the videos that are like sitting there because they're not quite done yet.

Like we want to release the entire course to the public in one go.

We don't want to just like have it sitting there and not be complete.

So that is why it's sitting as members only for the foreseeable future.

We're hoping to have the stuff published by the end of the year.

So that'll be public then.

But it is kind of important to make sure we get all of the course done.

is kind of a lot of work to get that all completed,

especially because there's a lot of information in the course.

But yeah, it's looking pretty good so far,

but there should be a regular upload soon.

We're just been working a little bit more on the courses.

So yeah.

- Yeah, which again, I really wanna thank you for that

'cause I feel like in my personal opinion,

as somebody who has edited all my own videos

start to finish over at the new oil.

Like I feel like the, the most involved part is the part that you're doing, like just a

quick peek behind the curtain.

What's been happening so far with the videos I'm on is I film them, I do the initial rough

cut just to kind of cut out all the dead space and the mistakes and, and then I send it over

to Jordan and Jordan does all the color correction and adds all the really cool animations and

graphics and stuff that I could never figure out how to do in a million years.

And so I feel like Jordan's doing the majority of the work by far.

And I really, I think they're crushing it too.

And I really appreciate all the hard work they do.

So.

Yeah, no, I think it's definitely, uh, it's going to be really great once people

get to see, because I feel like nothing's public yet.

But, um, I think once everyone gets to see, um, the smartphone security course,

I think they're going to be very impressed.

Cause yeah, I do, I do think you did a great job with explaining stuff.

And just to be clear, it was Nate who wrote that.

So yeah, that's going to be coming soon.

Definitely look out for it.

But just one small thing is YouTube members are different to our forum members.

You only get access to the early videos on YouTube, if you're a YouTube member.

So it's kind of an unfortunate thing, but just another thing to cover here.

And also, Nate, can you either neither confirm nor deny the Harry allegations?

You know, I think my thing lately is I'm just going to deny everything.

And yeah.

Yeah, I was in an online chat room one time a few a while back where somebody was like,

hey, aren't you, Nate?

And I was like, I don't know who you're talking about.

So I think that's just going to be my thing now.

Oh yeah, I guess people could recognize you I suppose.

Um, that is, that is something to think about.

Um, hello there, Dev, Dev Josh.

Hello.

Welcome.

Yeah.

All right.

Well, that is all the updates from this week in privacy.

They will be shared here on the blog every single week.

Um, so stay subscribed with your favorite RSS reader.

If you want to stay tuned, um, there are, I believe I'm

missing some parts to this sign off.

Oh no.

Well, I know I do wanna remind you guys that,

like I said at the top, Privacy Guides is a nonprofit

which researches and shares privacy related information.

And my cat is making a last minute cameo yet again.

And we facilitate a community on our forum and on matrix

where people can ask questions and get advice

about staying private online and preserving

their digital rights.

If you would like to support our mission,

you can go to privacyguides.org

And there is a little heart in the corner, the top right of the website.

You can click on that and you could become a member or you can make a one time donation.

And all that information is available there.

So thank you guys for watching.

Again, updates will be in the blog.

So subscribe with your RSS reader.

If you prefer audio, we do have a podcast style recording of updates, um, which you

can go find on our website as well, or I believe we'll also be in the description here.

There's a newsletter that contains a summary of all these stories if you want access to that as well.

So thank you guys for watching. Jordan, did I miss anything?

No, I'm not sure why that changes in the document, but yes, we will be good next week. Don't worry.

But yeah, thanks so much for watching.

Just making sure I covered it all.

Yeah.

Okay. All right. Thank you guys so much for watching and we will see you same time next week with the latest news from next week.

Bye-bye.

[MUSIC]