Hello! what is the best setup for creating content without compromising my privacy? i am aware of most opsec stuff but i have some questions:

  • how do i use 2FA without giving YouTube my phone number?
  • how big of an identifier is my voice? should i use a voice filter?

thanks.

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      There is a surprising (to me) amount of Perrtube recommendations here. Has something happened that suddenly so many of you recommend it?

      Also, could you give advice on a few instances that are maintained and allow uploading? In the past (a half or 1 year ago) I’ve had trouble finding one.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      It is small but maybe one day. Right now the federation leaves a lot to be desired. Still better than YouTube privacy wise.

  • ExtremeDullard@lemmy.sdf.org
    link
    fedilink
    arrow-up
    26
    ·
    4 months ago

    YouTube is Google. Asking how to use Google without losing your privacy is asking how to swim without getting wet.

    Use PeerTube. You’re asking this question on Lemmy, so surely you’re comfortable with the whole Fediverse thing.

  • nutbutter@discuss.tchncs.de
    link
    fedilink
    arrow-up
    26
    ·
    4 months ago

    I highly recommend using PeerTube instead of YouTube.

    For voice, I recommend using something Ardour or LMMS to mask your real voice with some filters.

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      4 months ago

      There is a surprising (to me) amount of Perrtube recommendations here. Has something happened that suddenly so many of you recommend it?

      Also, could you give advice on a few instances that are maintained and allow uploading? In the past (a half or 1 year ago) I’ve had trouble finding one.

      • nutbutter@discuss.tchncs.de
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        TIL Vids is a really well maintained instance. It is not federated, and not everyone is allowed to upload just like that. Go to their Matrix channel for more information and discussions.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    20
    ·
    edit-2
    4 months ago

    You can use a hardware security key, like a yubi key, or a software fido2 equivalent.

    That way it satisfies the two factor requirement, without using a phone number.

    For initial registration you can use an SMS service like SMS pool or the others, you pay a little money, you receive a real text message to a real phone number. You just don’t have access to that number in the future

    Your voice, vocabulary choice, lighting conditions, power interference frequency, can all give away parts of your location and identity. You have to choose what level of paranoia is sufficient

    The most anonymous, would be to have a v-tuber like model, respond and parrot LLM generated voice audio, from a script that’s been translated a few times. Or pay a voice actor from Fiverr to read your script.

    Of course this whole time, using a VPN.

  • Mubelotix@jlai.lu
    link
    fedilink
    arrow-up
    16
    ·
    4 months ago

    Pay some random guy on the internet to upload for you. Yes, your voice will get you identified. Keep in mind that even a voice filter won’t be enough to protect you from authorities. Some people use AI voices instead of theirs to stay anonymous

    • pentagrammar@programming.dev
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      Adding to this, uploading audio/video instead of text means a lot more info and metadata for future adversaries to chew on and discover what you might be hiding. There are instances of people being traced to their country/city based on tiny details like the electrical outlets on the wall, geographical features and noises from nearby electronics like national news broadcasts.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        The lights flicker at a specific frequency and those frequencies are ever so slightly different in different places. It can be mapped to a grid.

  • dactylotheca@suppo.fi
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    4 months ago

    Who are you protecting your privacy against here?

    Because if it’s Google, then why on earth would you want to upload content to YouTube in the first place?

    OK, let’s say you didn’t give them your phone number and masked your voice. If you’re not connecting over a VPN or something like Tor, they still have your IP address.

    OK, you now use a VPN, but your browser can still be very effectively fingerprinted and that fingerprint could be nearly unique.

    And so on and so on. And this isn’t even going into metadata in & about your video files that could be used to fingerprint the system they were done on.

    • hopefull_cottonball@lemmy.mlOP
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      4 months ago

      Who are you protecting your privacy against here?

      viewers and potential malicious hackers.

      Because if it’s Google, then why on earth would you want to upload content to YouTube in the first place?

      I understand everyone wanting me to use PeerTube, but i can’t see my content being successful there.

      And so on and so on. And this isn’t even going into metadata in & about your video files that could be used to fingerprint the system they were done on.

      i confess i didnt consider this. but i think there are tools to remove all metadata from videos. in the end, i dont need to hide myself from google or anything of the sort. i just want my information to be harder to find.

      • dactylotheca@suppo.fi
        link
        fedilink
        English
        arrow-up
        11
        ·
        4 months ago

        If you want to protect your privacy against viewers of your videos, how you upload them to YouTube makes more or less no difference. With this scenario the question is how much information are you leaking in your content, and that’d cover everything from writing style idiosyncracies to anything that can be used to potentially identify eg. where you live and so on.

        If you’re worried about “malicious hackers”, then the question is who are these potential hackers you’re protecting against? Would they be attacking Google or you? If it’s you, then how you upload things to YT is again completely meaningless. If they’re attacking Google and get far enough to actually exfil data, what they’d actually be able to get out of it is anybody’s guess. Using a VPN and a throwaway email is probably good enough in any case.

      • youmaynotknow@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        Here’s the deal, YouTube belongs to Google, which makes the content inherently easy to find, unless YouTube doesn’t want it to be. That removes any possibility of you controlling who can see and who can’t.

        Peertube is a completely different animal, you have much more control on who has access, in special if you self host.

        My confusion with you post is that you say you want it to be hard to find, but at the same time you want it to be “successful”, what do you mean by that? What would make it successful for you?

        • hopefull_cottonball@lemmy.mlOP
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          4 months ago

          My confusion with you post is that you say you want it to be hard to find, but at the same time you want it to be “successful”, what do you mean by that? What would make it successful for you?

          sorry! bad phrasing. if one is to assume there is no way to 100% hide your identity from google, then at least make it “harder to find”.as in instead of giving google my info on a golden plate it would require a bit more effort. that is what i meant. ideally i would like my content to reach as many people as possible.

          • youmaynotknow@lemmy.ml
            link
            fedilink
            arrow-up
            4
            ·
            4 months ago

            In that case, and please anyone correct me if you think I’m wrong, I would create a user just for that, entirely divorced from real life “me”, including, but not limited to, different country, gender, age, all demographics, and use this persona exclusively for this purpose.

            Know that if you are expecting to monetize directly from YouTube, this is most likely an exercise in futility, but if you you’re not concerned with that, you’re golden.

            I would make sure to upload always over a VPN, just for good measure.

  • MigratingtoLemmy@lemmy.world
    link
    fedilink
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    4 months ago
    1. Purchase spare chromebook (with cash)
    2. Purchase spare SIM (cash)
    3. Get TOTP working with spare SIM, link FOSS authenticator app, delink phone number.
    4. Throw away SIM.
    5. Get a flash drive, wipe, load videos on it.
    6. Go to public location, sign into Google account from there, upload video.
    7. Remove battery from Chrome book after uploading video, only ever plug it into power in the proximity of WiFi hotspots which can’t be traced to you.
    8. Preferably don’t bring your phone with you since they can track you through that
    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      4 months ago

      You don’t need a SIM card to have a TOTP app they’re totally independent

      A VPN you pay for with crypto is probably more secure than driving to somebody’s public Wi-Fi for this use case. Driving to a location, sitting around while uploading a massive video on public Wi-Fi, it’s going to look very suspicious

      • MigratingtoLemmy@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        4 months ago

        Connecting directly to the VPN will still give away your IP unless you do that from a public location (which is not a bad idea). As for sitting around, select new coffee shops and find angles where cameras can’t see you. Make it an irregular schedule

        • MigratingtoLemmy@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          Walking then. I do not have any solutions against facial recognition like mass surveillance other than randomising your patterns

          • kugmo@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            Put some pebbles in your shoes to make your walking pattern on video seem different from your normal walk.

            • MigratingtoLemmy@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              4 months ago

              I suppose you could do that. Maybe putting an extra layer in one shoe will help with a limping posture if you’re willing to go that far, but nothing is foolproof against AI

      • MigratingtoLemmy@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        Use public transport, wear baggy thrift store clothes, preferably masks on. Will fool everything but the sophisticated (and expensive) AI systems. Won’t work if you’re in the UK or China because their governments are insane

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      Your IMEI number just got linked. You need a disposable phone and SIM. Or just go to one of those SIM swap parties where everyone swaps a used phone and SIM randomly from a basket

  • telep@lemmy.ml
    link
    fedilink
    arrow-up
    5
    ·
    4 months ago

    you can use something like smspool.net to verify the account with a one time use #. then google will allow you to link an authenticator app to the account. removing the # from the account afterwards does not remove the TOTP code either.