Hi all,
I haven’t used Discord in a while, but it became so that now I have to use it for communication with certain people getting support for some services that I use. What I’m doing currently is:
- using a separate randomised e-mail address only for the Discord account
- using a randomly generated username
- no profile picture
- tweaking the settings as best I can for privacy
Other than these points, I’m also being wary of talking about anything personal on Discord. Would you add anything so I can be even safer when using Discord?
getting support for some services that I use
NAME AND SHAME please.
I know interested people don’t like to talk about it…but we, the people, should really be moving away from Discord. A bucket of water doesn’t fix a burning house, ya know?
Moving away from Discord can mean you need to stop interacting with the community using it. My personal examples are: Tilt5, Makera, Turbo Sliders. In the these cases Discord is also the way to access support for something you’ve paid for.
Getting thise communities to move into something open (e.g. Matrix) can be a tall order.
I get your point, but that’s exactly what I do. When someone say “just use discord”, I drop their product/service/etc. and move on. I’m not saying everyone else should do that, but my life is too short for “support” via Discord
Do you game with friends? If so, what do you use instead of discord?
Yeah, I text and call them
An end to end encrypted chat app that supports group chats and calls.
Discord doesn’t have encryption and, according to the terms of service, can read your messages. If you care about privacy, I definitely would not recommend using it for private conversations, especially after recent rumors about adding ads. I think they won’t lose the opportunity to use your DMs for it
Don’t waste time your life on harm reduction over solving the root, removing Discord completely.
You can use it in a browser or opt for WebCord.
Note that any text send to discord currently stays there forever. I don’t know when, but you can bet your ass they will be investigated for a violation of the GDPR, which hopefully stops that for good.
deleted by creator
I heard the messages even stay when you delete them. At least people claimed they could recover then, don’t know whether that’s actually true.
Nope
If youre just talking to friends directly without joining servers so this might not matter. But discord might require a phone number for verification? Im not sure what triggers it specifically- I dont think its required just for an account though
I’ll give you the most extreme solutions I can think of, and let you decide how much of each you want to enact.
First and foremost: use a secure and privacy friendly OS—Qubes on a burner pc or GrapheneOS on a burner phone—with secure and privacy-friendly networking—use DNS-over-HTTPS, or self-host as much of the infrastructure as you can, consider a VPN, keep the device on an isolated VLAN—use a secure/private web browser like LibreWolf.
General rules of online interaction apply for maintaining privacy within the servers: e.g. don’t talk specifics about your location, your age, your physical appearance, your childhood, your employer, etc.
As with most modern apps, the web app is necessarily less intrusive than the installable binary. Use the web app when you can, and limit your usage to only when you can use the web app on a computer and network you own—privacy enforcing habits are more important than all the software stopgaps in the world.
If you absolutely must use a binary, consider breaking Discord’s TOS and using a modified front-end: I know some people who use Aliucord for Android, and I just this moment learned about GoofCord for desktop
don’t install/run any software without verifying the integrity of the developers/distributors and binaries yourself, or building from source and verifying the code
It’s better to have Discord stealing your browsing data to sell you shit than have some random github malware rootkitting your phone.
Use a Foss client that blocks the client tracking aspects, tor to connect, and only post pgp encrypted messages on it?
Use any matrix client unstead.
Don’t share any personally identifiable information and use the TOR network when using it for additional privacy.
A VPN and the other stuff you mentioned will deal with it
