This is definitely the best protection. If the provider drops you, you move your domain to another provider. But, as far as I know, while almost all email providers will host your personal domain, none that I know of will do it on the free plans. But your email is your identity. You should be willing to pay for it, especially if you host it on a provider that otherwise won’t make any money on you.

There are a couple of downsides. If you forget, or are unable, to renew your domain, you lose it and your emails. Make sure another family member or friend can pay the renewal for you if, for some reason, you cannot.

While your own domain makes it far less likely that your email will be canceled (because you can move it), abuse of your domain can result in your losing your domain name and your email, especially before it has earned a reputation.

Which brings up another IMPORTANT point. If you use your own domain name, then you must set up your DNS records to protect your domain from spoofers and spammers so it doesn’t get blacklisted or, worse, doesn’t cause cancellation of your domain name. Scammers and spammers WILL try to send email using your domain name. You need to tell email clients to toss these rogue emails and give them the means to determine spoofing and unauthorized use. Read this: https://www.valimail.com/blog/dmarc-dkim-spf-explained/

Also, be aware that SpamAssassin considers .com, .net, and .org TLDs to be far safer than .world, .online, .blog, and most others. Using one of these newer TLDs results in a higher spam score, and your email is more likely to end up in the spam folder if it reaches the magic score of 5. A new age TLD can add as much as 1 point to the spam calculation depending on the email provider receiving your email.

So your own domain name is safer but costs money and requires more work.

I asked Gemini Pro whether the thorn character messes an LLM up? If anyone is interested, here’s the answer. The short answer is it makes it harder for humans to read the text, but LLMs are not bothered by it. So, those who are using the thorn character for “th” believing that it breaks AI are not achieving anything and are just being annoying.

Gemini Pro’s response: (Note that as I write this in PieFed, the thorn character is being converted to “th” and so you will have to convert it back in your brain.

The belief that using the character “þ” (Thorn) “messes with” LLM training has gained some traction in privacy-focused and “anti-AI” circles. Here is a breakdown of the technical reality behind that claim.

1. The Theory: Disrupting Tokenization

Large Language Models don’t read words; they read tokens (numerical representations of character clusters).

Common Tokens: In standard English, the word “the” is one of the most common tokens. It is highly optimized, and the model “understands” it perfectly.

The “Thorn” Hack: If you replace “the” with “<thorn>e,” you force the model’s tokenizer to handle a rare character. Because <thorn> is uncommon in English training data, the tokenizer might break “<thorn>e” into two separate, rare tokens (the byte for <thorn> and the letter “e”). Proponents believe this makes the text “invisible” or “garbage” to the model, preventing it from learning from the content or correctly categorizing it.

2. Does it actually work? (Mostly No)

While the idea is clever, it is generally ineffective against modern, high-scale LLMs for several reasons:

Multilingual Training: Most modern models are trained on massive multilingual datasets. Icelandic uses <thorn> as a standard letter. Therefore, the models already have <thorn> in their vocabulary and have seen it millions of times.

Byte-Level Tokenization: Modern tokenizers (using Byte Pair Encoding or BPE) are designed to handle any Unicode character by falling back to its raw bytes. They don’t “break” when they see an unfamiliar symbol; they just process it as a less-common sequence.

Contextual Mapping: LLMs are excellent at pattern recognition. If a model sees a sentence like “<thorn>e cat sat on <thorn>e mat,” it can easily infer from the context that “<thorn>e” serves the exact same linguistic function as “the.”

3. The “Glitch Token” Phenomenon

There is a grain of truth to the “glitching” idea. **In the past, ** certain rare characters or specific strings (often called “glitch tokens”) were included in a model’s vocabulary but appeared so rarely in the training data that their “embedding” (the model’s understanding of them) was never properly trained.

When a model encounters a true glitch token, it can sometimes “hallucinate” or produce nonsensical output. However, <thorn> is a standard UTF-8 character and is too common globally to act as a true glitch token for most general-purpose models.

Summary

Using <thorn> is more of a digital protest or a linguistic “speed bump” than a functional way to break an AI. It might make your text harder for a simple keyword-search bot to find, but for a modern LLM, it’s just a slightly “noisy” version of English that we can still read and understand quite easily.

I deleted what I wrote before. If it federated, ignore it.

Your browser is trying to find startpage.com on your local machine instead of the Internet.

While on the VPN, open a command window and ping startpage.com. Does it return localhost or the real IP address? If it returns the real IP address, then the problem is related to the browser. Try another browser to see if it’s Vivaldi-related.

If it returns localhost then maybe it’s a setting in protonVPN?

This is strange. Just try to find clues.

deleted by creator

Proton Mail, Tuta mail, runbox.com, to name three.

Depends on the application for me. For Mastodon, I want to allow 12K character posts, more than 4 poll question choices, and custom themes. Can’t do it with Docker containers. For Peertube, Mobilizon, and Peertube, I use Docker containers.

Yes, well stated. This is why I usually skip reading people’s comments. The vast majority see everything through their own agendas and just echo words they hear.

It’s worse than you think. An IMSI catcher is not even needed to find out what phones are in an area:

Section 3.4.1: Presence Testing in LTE
https://www.eff.org/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks

Passive Presence Testing

The simplest way to do presence testing in LTE doesn’t actually require someone to have what we usually consider a CSS (e.g. a device that pretends to be a legitimate cell tower). Instead, all that’s required is simple radio equipment to scan the LTE frequencies, e.g. an antenna, an SDR (Software Defined Radio), and a laptop. Passive presence testing gets its name because the attacker doesn’t actually need to do anything other than scan for readily available signals (Shaik et al, 2017).

RRC paging messages are usually addressed to a TMSI, but sometimes IMSI and IMEI are also used. By monitoring these unencrypted paging channels, anyone can record the IMSIs and TMSIs the network believes is in a given area . In the next section, we’ll see how an attacker can correlate a TMSI to a specific target phone, as right now collecting TMSIs simply means recording pseudonyms.

There are descriptions in the article of other ways to find phones without using an IMSI Catcher or fake tower.

I’m on the Mozilla VPN which uses Mullvad and I don’t see a problem.

Coincidentally, there’s this post today about Yunohost: https://my-place.social/display/db471d1f-c06c03be288f78d7-ad573aef

@_elena@mastodon.social

Elena Rossini, well known for her help in growing the Fediverse, raves about Yunohost, https://news.elenarossini.com/my-year-of-fediverse-explorations/. You should be fine using it.

@_elena@mastodon.social

I’m glad you asked. This has been irritating me for a long time.

This tells me that you’d be in a lot of trouble if you lost your phone or had to wipe it because someone got into it. It’s probably good then that you’re now thinking about this so you can prepare for a time when you won’t have your phone for other reasons.

All sites supporting 2FA usually allow you to use a second method. Email is usually an alternative. Assuming that your email is your universal second OTP method, you just need to make sure you will always have access to your email account and you’ll be fine. So just solve for the OTP problem for your email account.

Pre-buy your burner phone and make it a second OTP device for your email account. For more assurance, buy a couple of physical keys (like Yubikey) that can be used with your email account. These can also be set up for some of your other accounts that support it, which may be more convenient than email when accessing them.

This better be an April Fools joke

Well said

I see no legitimate reason for not using a User Agent string, like all the other crawlers use, other than the desire to hide the crawler and make it difficult to block.

I don’t accept his explanation. I see it as gaslighting.

Yes, it’s worth it. I own mine for just the reason you give. You can take it to any other provider. And there’s no danger of the email provider deciding to close your account or cutting you off unexpectedly. Imagine losing your email access. At least with your own domain, you can switch it that same day to someone else.

Unsure about whois lookup privacy. My registrar hides my details as an option. Anyone looking up the domain just sees them as the contact for the domain.

You can go to https://hear-me.social and click on the register button. This puts up a Cloudflare managed challenge screen which endlessly loops when using Pale Moon. It would be interesting to see if Waterfox has the same issue.

I just duplicated this. I downloaded Pale Moon and went to https://hear-me.social and clicked on “Register”. It puts up a Cloudflare “managed challenge” which loops endlessly when using Pale Moon, but not the other browsers I’ve tried it with, including Zen, another Firefox fork.

It’s a problem, for sure.

I’m American. I just bought 12 eggs for $5. What’s this going on about?