this post was submitted on 20 Nov 2023
44 points (95.8% liked)

Privacy

32039 readers
919 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I like to try websites out before tying my identity to them. How do you do it? Simplelogin? I honestly won't manually make a new gmail for every new website I try and I to want the option to see what emails I get.

top 28 comments
sorted by: hot top controversial new old
[–] [email protected] 12 points 1 year ago (2 children)

I host my own Simplelogin instance and generate a new address for every service. Combined with Bitwarden, I now have a unique address and password combination for each account.

[–] [email protected] 6 points 1 year ago

I.. did not know you could self host. Well that's neat.

[–] [email protected] 4 points 1 year ago (1 children)

I’m still not clear on the value proposition of simplelogin.

I seem to get the same thing with a domain and a catch all address.

[–] [email protected] 1 points 1 year ago (1 children)

How do you reply to emails to your catch-all?

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (2 children)

Hit reply.

This is why I just moved from protonmail to Fastmail. With Fastmail I can send from arbitrary addresses using my domain. Why it’s not that simple with proton is beyond me and now that I’ve tested everything with Fastmail these past few weeks, I see it’s a choice.

I almost signed up for simplelogin but realized I was being sold something that should just be included. Plus setup was convoluted as fuck.

Meanwhile Fastmail is intuitive so far.

[–] [email protected] 5 points 1 year ago (1 children)

But in some cases you don’t want to use arbitrary addresses, but the exact same that was used to send you an e-mail. For me this is necessary and Simplelogin hides my real e-mail address. Additionally, I can with ease deactivate addresses and minimize spam by a lot.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

I can reply from ANY address from my domain including the exact one that was used to send me an email.

I can “deactivate addresses” by sending messages to a particular address straight to trash with rules.

Edit: turns out Fastmail has a masked addresses feature built in, separate from a catch-all. It’s basically simplelogin built in, if you want to enable it. Proton is looking more and more overpriced.

[–] [email protected] -1 points 1 year ago (1 children)

And when those addresses wind up on mailing/spam lists and they're coming from multiple places, you're screwed. That's why email forwarders became a thing, catch-alls aren't new, but you lack the control most want with them.

Plus, Proton does support plus/+ addressing, which does the same thing as a catch-all. You know the email addy it came from.

[–] [email protected] 1 points 1 year ago

If I were a professional spammer, the first thing I’d do to clean the address list I have is to strip out plus addresses. It’s a simple regex.

On how to filter, I can send any address straight to the trash apparently just like simplelogin. I’ll know who sold or leaked my info because it’s in Bitwarden and I can just search my vault to see who I handed that particular address to.

[–] [email protected] 8 points 1 year ago* (last edited 11 months ago) (1 children)
[–] [email protected] 5 points 1 year ago

Which of those work for phone numbers (SMS validation)? Email is easy.

[–] [email protected] 7 points 1 year ago (1 children)

I'd never use a temp email when I'm paying, considering they have my CC info. For random accounts that I won't check the mail accounts of, temp is great. Not going to trust a company for this.

[–] [email protected] -1 points 1 year ago (1 children)

Those addresses are there until you delete them. What does them having your CC have to do with it? Better yet, why do they have a CC? Meaning a real one? Not a masked one? Fuck that!

[–] [email protected] 1 points 1 year ago (1 children)

Ah, you'd use Privacy.com? Decent idea I suppose.

[–] [email protected] -1 points 1 year ago (1 children)

Its (incredibly) rare for me to use a card online if it's not privacy. I also used them constantly in real life thanks to places that have apps that let you add CC's. My gym, Supermarket, Gas at Kroger, Car wash, etc.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Do you pay for the premium tier? I would like a decent credit score, and using my card for normal, everyday purchases doesn't bother me as much.

Edit: Well, technically, they have your data anyway. It's like using Paypal for everything. TBH I'm OK with the system as it is right now, but I'd like greater adoption for Monero so I can make purchases directly using that instead of converting it to fiat once again.

[–] [email protected] 1 points 1 year ago (1 children)

No, I joined before it all changed and the only difference was how many card a month you can make. Currently, I believe they push the real transaction info to your bank so they'll show normally on your bank statements, where mine just say privacy.com, as well as the browser addon and web app, which are are all now a paid feature.

That said though, the $10/mo is worth it for what you get in the end. My whole purchasing life would change without it.

[–] [email protected] 1 points 1 year ago (1 children)

If they are going to push the transaction to my bank anyway, I'm definitely not trying it. As I said, even PayPal will obscure the buyer's details from the seller. What's the point?

[–] [email protected] 1 points 1 year ago (1 children)

Only on the free plan, but verify that. Even if you did do it on the free plan it's still very much worth it. You still have the protection of different cards for different people, the fact they lock to who you use them with, the ability to set spending limits, burner cards that only work once, the ability to pause or delete cards at will etc. All of that is a huge win either way, even if the transaction info goes to the bank. But even then that's an option.

[–] [email protected] 1 points 1 year ago (1 children)

I would be OK doing that if they didn't link to my debit card in the free plan (last time I checked)

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

How would expect them to do it? I can't see how they wouldn't link to you card if you expect to spend money. Moneys got to come from somewhere. Auth tokens are the safest way of doing that, prior to them upgrading to that it was done through ACH, which is not only slow, it's much more dangerous for the user since they have actual checking acct info. Auth tokens don't work that way, and even if there was a breach, your checking acct info isn't there, only a token they can't use. The way they're doing it is the smartest way for both speed, and your acct safety.

[–] [email protected] 1 points 1 year ago (1 children)

They link to one's credit card in the premium plan. That's what I would have wanted to see becoming universal in their services, but unfortunately that's behind a paywall

[–] [email protected] -1 points 1 year ago (1 children)

Gotcha, so you mean actual (credit) as a funding source vs debit? Can you link that? I didn't see that in the comparison, I'd possibly consider that.

I can do that now with Capital One, but having that all together would be nice. Kinda surprising, I'd think those habitual wrongful charge back types would wreck that for everybody.

[–] [email protected] 1 points 1 year ago

My apologies, I thought privacy.com supported credit cards, but apparently they don't, even in the premium tier. Indeed, I would like virtual cards for my credit card, since I'm never going to buy anything with my debit card anyway. I wish the other banks had something like Capital One

[–] [email protected] 5 points 1 year ago (1 children)

With gmail if you have an account like [email protected] you can then sign up for a website such as netflix with email [email protected] and gmail will forward it to [email protected], but you'll still see the full address on the To line so you'll know where the mail came from. Anything after the + can be whatever you want. This lets you sign up with a different email address for every site you visit without having to create new addresses with gmail. You can also make a filter to hide spam if one of the addresses is compromised.

[–] [email protected] 4 points 1 year ago (1 children)

only works with very simple scripts though - I'd assume that checking for a '+' in front of the '@' and removing everything inbetween is very simple if your goal is to spam everyone from a data-leak

[–] [email protected] 1 points 1 year ago

That's very true. I cannot attest to the knowledge and skills of potential spammers. However, more common than data leaks are data selling, and I doubt any company would bother to manipulate the email addresses they buy from others.

[–] [email protected] 3 points 1 year ago

I feel like numbers are much more difficult, aren't they? There are limits to how many there are, and the generally cost money to register. How does generating a unique number per service per user work?