help-circle
rss
My experience switching from iOS to GrapheneOS
My mobile operating system of choice is GrapheneOS. I run it on a used Google Pixel 8, as I didn't have enough money for any of the phones in the Google Pixel 9 lineup, which offer a more secure ultrasonic fingerprint scanner. I used to use iOS, but I finally managed to switch. I wanted to share my thoughts on GrapheneOS, problems I had, and the apps that I use. To install apps, I first check if it is available on GrapheneOS's built in app store. If not, it is installed via Accrescent. Because Accrescent is still very small in support, most of my apps are installed via Obtainium. One app however, ProtonVPN, is installed via Aurora Store, because that is the only installation medium that allows me to sign in as a guest. I do have a Proton account, so signing in isn't an issue, but since I plan to use ProtonVPN until I can pay for Mullvad VPN, I might as well get as much anonymity as I can. I don't use the actual Google Play Store, despite claims of it being more secure, mainly due to me required to create a Google account. I only use Aurora Store for ProtonVPN. For apps that are not available for Obtainium but are available on F-Droid, I simply use the F-Droid repo inside of Obtainium. All apps are verified with AppVerifier. For games I have a very small selection. Simon Tatham's Portable Puzzle Collection is a game collection I have been using since before I even knew it was open source. Antimine is a Mines client, which is a classic. I also play a game called Zoysii, which is only available on F-Droid. It passes the time. Code Word is a nicely made Wordle app, with some extra features. Open Sudoku is a nice Sudoku app, however I found that almost all of the available puzzles to install are very easily solvable. 2048 by SecUSo is a decent app to play 2048 that is still maintained, however it currently does not have a dark mode theme. blichess is a fork of lichess that simply adds the option to play over Bluetooth, which I really like. My mobile 2FA app is Aegis, which is really everything you would expect. Audire is an open source frontend for Shazam, which I use for music recognition. I'm sure there are some better apps with different APIs, but Shazam works really really well, and that is what I am looking for in the app. Aves is my photo manager, as it allows for proper photo hiding. It is available through Accrescent, which is nice. It is one of few apps that required me to sign terms and conditions, but it doesn't matter since it doesn't have internet access anyways. It allows me to view extensive details about photos, and even remove metadata in the app. I use AndBible for Bible study, but the project seems to be abandoned and needs lots of improvements. I sincerely hope a good alternative is developed eventually. I would be willing to help out any way I can. For messaging I use SimpleX Chat for my most personal chats, but for mostly everyone I contact them via Molly, which is a hardened version of Signal available on Accrescent. When I am offline, I contact nearby people through Briar over Bluetooth, which is awesome while camping. I don't have any cellular provider, so I occasionally have to make sacrifices in terms of contact. The default GrapheneOS calculator has no dark mode, so I opt for OpenCalc as my default calculator. I tried both Etar and Fossify Calendar as a calendar, and have been much happier with Fossify Calendar. A lot of Fossify projects have been abandoned, sadly, so I may have to switch. I use the default GrapheneOS camera for most of my pictures, but when I need high quality shots I will use Open Camera. It supports HDR and some post processing. The GrapheneOS camera has incredible support for code scanning, such as QR codes and bar codes. I don't plan to use the Pixel Camera, since those apps work just fine for me. To edit photos I use the GrapheneOS gallery, but it is somewhat lacking. I plan to stick with it as they add new features. I have a ClearClipboard app that, simply, clears the clipboard when you open it. It's a small tool but I get very paranoid about clipboard access. I've found that my password manager doesn't reliably autoclear, which I will discuss later. The default GrapheneOS clock app is fine. I wish there was an OLED theme, but it's worked for what I need. DeepL is what I use for translations, because I cannot seem to find an offline translator app. It's very upsetting. For my keyboard I use HeliBoard with the proprietary swipe to type module, and it's great. There are a few weird autocorrect suggestions, such as not recognizing the word "A", but it's honestly not been a huge issue. I use Joplin to take notes. I had issues with Standard Notes when I was on iOS, and had switched to Joplin there. I now can't even imagine why anyone would even try to use Standard Notes, Joplin makes Standard Notes look like a joke. It has all (or at least all I care about) of the paid features of Standard Notes, for completely free. My password manager is KeePassDX, which is honestly exactly what I would want from a password manager. The only issue I've had is that it sometimes disables biometric unlock and makes you unlock it yourself, which is super weird. Besides that, I will be using it until either it dies or I do. For eBook reading I use Librera, but the UI is honestly atrocious. The best eBook reader I have ever used is Apple's stock Books app, and I honestly wish something of that polish existed on Android. Librera will work but it's not nice to use. I have LibreTorrent in case I ever need to torrent something on the go. It's fine, I wish torrent software would include a hard toggle to disable seeding, but it's worked as intended. In a similar category I use LocalSend to transfer between any of my devices. I haven't tried KDE Connect because LocalSend has never caused me problems. The only issues I have encountered were because of strict VPN settings. I eventually plan to use Mullvad VPN, but until I can afford it I am using ProtonVPN as I mentioned. I have no real comments because I have only used ProtonVPN. IVPN is on my radar, but Mullvad VPN is still at the top of my list. IVPN is available via Accrescent. I also have Orbot in case Proton or Mullvad are blocked. Music players have been a struggle for me. All of them have their own various issues. All I really need is a nice way to play mp3 files offline and sort them into playlists. A night timer is nice. Vinyl Music Player is what I use for now, since Fossify Music Player seems to be abandoned. I'm open to some open source alternatives here, since the ones I have tried all have issues. Ideally these should be available by Obtainium. I use Organic Maps for navigation. Support is alright in my city. OsmAnd has a pretty bad UI but it's gotten better. Organic Maps I've heard has a few issues, and OsmAnd has a premium tier, but I don't really care. I am just sticking with Organic Maps. I'm happy with it, so it's fine. I have RadioDroid installed to try it out. It lets you listen to radio stations over WiFi. I'm jealous of Motorola users for their built in AM/FM radio receiver antenna. I might not keep this app, since it's fairly useless when you think about it. Either way, maybe a GrapheneOS phone will come along with a built in antenna. I have Tor Browser installed just in case I ever need to visit an Onion site or use a Gecko based browser. My main browser is Vanadium, and I did try Mull but it doesn't block advertising redirects even with uBlock Origin. Vanadium is fine for now. I have Trail Sense as a compass and emergency survival app. I hope I never have to use it for survival, but at the same time, I hope this app saves my life. It's cool to see how many sensors it utilizes to help you out. Tubular is a fork of NewPipe that has SponsorBlock support. I like it, it's not as polished as I would want but it's plenty usable. I wish it had DeArrow as well, but I'm sure it won't be long until it's added. I use the Fossify Voice Recorder for voice recordings. It's what you would expect, not much to say here. For weather, I use Breezy Weather. For some reason some features were unavailable on the F-Droid version, but after installing with Obtainium I now have plenty of features at my disposal. It's almost as good as the iOS weather app, and has plenty more features. The accuracy where I am is slightly iffy, but it's good enough that I can rely on it. I use a passphrase to lock my phone, and use biometric unlocking to ensure no one can shouldersurf passcodes. GrapheneOS only lets you add up to 4 fingerprints, which is a good enough limit, but I do wish it was higher. If I wanted only 4 fingerprints, I would choose that myself. I backup GrapheneOS using my own USB stick and the built in backup option. Some apps such as SimpleX refuse to be backed up automatically, but I can simply manually export the database and backup that file. Even without any Google frameworks installed, GrapheneOS has been a really seamless and polished experience. The issues I would raise are actually with Android itself, such as weird management of app signing, but overall GrapheneOS has been incredible. GrapheneOS is honestly the minimum every person should expect in terms of privacy and security on their phones, because nothing else even comes close to GrapheneOS in those categories. The gap between iOS and GrapheneOS is absolutely massive, given that so many of the apps I use are Android specific.
fedilink

Ford Patents In-Car System That Eavesdrops So It Can Play You Ads
cross-posted from: https://lemmy.world/post/19576214 > >Imagine your car playing you an ad based on your destination, vehicle information—and listening to your conversations. > > >Ford has patented a system that, per the filing, would use several different sources of information to customize ad content to play in your car. One such information stream that this hypothetical system would use to determine what sort of ads to serve could be could be the voice commands you’ve given to the car. It could also identify your voice and recognize you and your ad preferences, and those of your passengers. Finally, it could listen to your conversations and determine if it’s better to serve you a visual ad while you’re talking, or an audio ad when there’s a lull in the conversation. > > >If the system described in the patent knew that you were headed to the mall on the freeway based on destination information from the nav system and vehicle speed, it could consider how many ads to serve in the time you’ll be in the car, and whether to serve them on a screen or based through the audio system. If you respond more positively to audio ads, it might serve you more of those—how does every five minutes sound? > > >But what if the weather’s bad, traffic is heavy, and you’re chatting away with your passenger? Ford describes the system using the external sensors to perceive traffic levels and weather, and the internal microphone to understand conversational cadence, to “regulate the number (and relevance) of ads shown” to the occupants. Using the GPS, if it knows you’ve parked near a store, it might serve you ads relevant to that retail location. Got passengers? Maybe you get an audio ad, and they get a visual one. > > >Given how consumers feel about advertising and in-car privacy, it is difficult to imagine an implementation of this system that wouldn’t generate blowback. But again, the patent isn’t describing some imminent implementation; it just protects Ford’s IP that describes a possible system. That said, with the encroachment of subscription-based features, perhaps it’s only a matter of time before you’re accepting a $20/month discount to let your new Ford play you ads on your commute.
fedilink


Bringing attention to a music player and two eBook readers for Android
I didn't want to make two separate posts for these, so I am combining them into one. The two hardest apps to find for Android were a music player capable of playing local files, and an ebook reader with a nice design. With some help from the community, I was able to find nice apps for both of those. All apps here are available to install via Obtainium. My goal here is to raise awareness for some unknown but high quality apps that I have found. # Music player: [VLC](https://www.videolan.org/vlc/download-android.html) **Credit:** [@HanShan@lemmy.nowhere.moe](https://lemmy.nowhere.moe/u/HanShan), [@thayerw@lemmy.ca](https://lemmy.ca/u/thayerw), [@Corngood@lemmy.ml](https://lemmy.ml/u/Corngood) I have tried plenty of music players, and most of them are either copies of each other, are lacking in features, or are just plain buggy. Despite what I expected, VLC is actually the best choice in this category. Besides being a must-have in general, VLC actually has fantastic support for music management. It has plenty of customization, however I found that the Black theme did not work. Besides that, it has support for folders, creating playlists, playback history, albums, artists, genres, shuffling, queue management, equalizers, sleep timers, playback speed, A-B repeat, and so much more. It is honestly exactly what I was looking for, with a sleek UI and very feature packed. It's nothing like the desktop app. # eBook reader: [Book's Story](https://github.com/Acclorite/book-story) It was a struggle to find an eBook reader with nice usability. I managed to find two that are very promising. One such reader is Book's Story. Book's Story offers a completely offline experience to managing and reading eBooks. It's what I would want if I were to code an eBook reader, with a nice Material design and a minimalistic layout. However, there are things I don't like about it. For starters, it doesn't correctly read my eBooks. That's honestly disappointing, since that means the app is currently dysfunctional, but I am including it in this list because I have high hopes for it. There is also no page turning view, which isn't bad, but it's a feature I look forward to. Overall, I don't currently recommend using this, but in the future I can easily see it becoming one of the best eBook readers out there. # eBook reader: [Myne](https://github.com/Pool-Of-Tears/Myne) Unlike Book's Story, Myne is able to read all of my eBooks just fine. Myne is an even more polished eBook reader, also with support for downloading eBooks from the internet in the app. It too lacks in a page turning view, and doesn't allow you to customize which screen is your default. The second one is slightly annoying because if you are offline and open the app the first thing you see is a 404 page. You can still view your offline ebooks, of course, but it would be nice to select which page is the default. Furthermore, while it was able to read my eBooks well enough, there are still a few minor HTML artifacts visible in the book. If I was able to merge the layout of Book's Story with the design and functionality of Myne, it would become the perfect eBook reader. I'd love to see where both of these projects go, and even in their current state they beat some of the most popular eBook readers in my opinion, such as Librera and KOReader.
fedilink

> The Malaysian Communications and Multimedia Commission (MCMC) has instructed Internet Service Providers (ISPs) to redirect Domain Name Service (DNS) traffic that uses third-party DNS servers back to their own DNS servers > MCMC has blocked a total of 24,277 websites between between 2018 to Aug 1, classified into various categories, which are online gambling (39 per cent), pornography/obscene content (31 per cent), copyright infringement (14 per cent), other harmful sites (12 per cent), prostitution (two per cent) and unlawful investments/scams (two per cent). > “It has been falsely claimed that the measure undertaken by MCMC is a draconian measure. We reiterate that Malaysia’s implementation is for the protection of vulnerable groups from harmful online content.
fedilink

[PSA] If you use Instagram/Facebook/Messenger, check the “off Meta technologies” section. Your other
Even if you don't enter data into Facebook/Meta directly, they may be getting data from other games/music apps/etc. **How to check** - Navigate to the `Accounts Center` menu. - Instagram: open your profile page > 3 bar menu > `Settings` > `Accounts Center` - Messenger: 3 bar menu > gear icon > scroll to bottom > `Accounts Center` - `Your information and permissions` - `Your activity off Meta technologies` There should also be an option for `Manage future activity` --- I use some apps to communicate with family, and clearly my privacy protections weren't as good as I thought they were. I set things up a long time ago, so I imagine something changed since then. I'm considering of either sending the apps to the work profile, or switching to only using them in the browser. If it's because I connected my account to the other service at some point, I don't know how to sever that connection now aside from dropping that other game/app/service
fedilink

Help setting up Wi-Fi router
At risk of sounding stupid, I need some pointers on how to set up a Wi-Fi router and make it as private and secure as possible. To sound even more stupid, I don't really know what PiHole is, or why some people route their traffic through a VPN. I suppose my main questions are these: - What Wi-Fi router should I get? - How do I configurate it as somebody who is somewhat privacy-conscious but not very tech-savvy? I don't really know how regular Wi-Fi routers work, what the common worries are, how/if data is at risk of being leaked, and so on. So, any pointers would be appreciated! Feel free to direct me to any privacy guides, as well. Cheers!
fedilink

I want to delete my Google account but i have a specific fear
What if i forget to delete some old accounts associated with the google email address? Will someone be able to take control of them? And my data will be there forever too. What method do you use to find the old accounts to delete? Unfortunately i delete all emails after receiving them.
fedilink

In search for a good VPN
Hi privacy fans :) I've been a lurker in this lemmy-community for a while now and a "fan" of privacy for about 4 years now. Since 4 years, I've been on and of with VPNs. Sometimes I think I dont need one, sometimes I change my mind and start searching for one. The only one I tested (and used) so far, was Mullvad. But now reading about Surfshark, I was wondering, if there might be a better solution or if Mullvad is already the best solution for VPN. What I dont like about Surfshark is, that it is part of North Security and that it is not open-source (or at least I can find any info about that). I hope you guy and gals have some suggestions or recommendation :) Edit: wow... thanks for all of your fast replies. Coming from Reddit, I am used to only shitposting. Thanks for all your input. I will look into all the mentioned VPN hosters, thx 👍
fedilink

Should I use Lemmy+tor(orbot)?
Do someone use lemmy+tor? And what benefits it gives to me?
fedilink


I just started caring about my own privacy. What apps should i get rid of, why and what can i replac
![](https://lemmy.ml/pictrs/image/c80ef4e4-2bf7-421a-b995-2070f0400967.jpeg) ![](https://lemmy.ml/pictrs/image/a7330389-6c1e-4cf6-8796-2b0300f6dcea.jpeg) ![](https://lemmy.ml/pictrs/image/a1f89c5d-7f5a-42e2-8c5b-3b7943819549.jpeg) ![](https://lemmy.ml/pictrs/image/54eb1547-501a-4825-a440-1f38413b0d75.jpeg)
fedilink

I need a new phone but I want to do this right
(Please when answering, assume I’m not a beginner at privacy/programming :) I know where the good stuff at) First off, shameful confession: I’m writing this on a dying yellow iPhone XR I bought second-hand three years ago (189€). I absolutely love the look of it: the screen, build quality, are all amazing. The only problem was the locked ecosystem (sideloading Spotify/Torrent client was sooo hard). I saw the android phone of my mother dying really fast. She currently has a Xiaomi phone that’s ridiculously big for my hands, there’s advertisements in the stocks apps (?!!), the UX is janky and everything. It looks like a bloat, privacy nightmare. So… because it’s impossible to find a jailbreakable phone nowadays I need to buy an android and ideally I would want: - Good screen (vivid colors) - Good build quality (not shitty plastic) - Don’t care about the camera (I don’t want those ridiculously big cameras they make nowadays) - Would want to install either GrapheneOS/LineageOS The things that scare me off: - I really need my bank app and I need it updated so I have to use Google Play Services but I don’t want it to plague my phone with privacy bullshit (I want to be degoogled) The things that excite me: - Customization possibilities - Learning experience - Even more privacy than a de-googled IOS phone :) - F-Droid!! (Maybe I’ll find a beautiful IRC client) - More choices for Mastodon & Lemmy clients - Freedom of free software. - client for open-source git providers :) But to get all of that, I **don’t** want Google, I need shitty apps (non-free software) I have to install: - Instagram (for non-technical friends) - GitHub (job & open-source) - No-Ad Modded Spotify from Balatan - Discord (gamer friends) - Telegram (cryptobros friends) - Steam (because I still love gaming) Any advices? Phone ideas? I’m so lost in this ocean of choice (freedom ✨) My current phone: ![](https://sh.itjust.works/pictrs/image/a11bf993-02f3-49d7-8582-92af6dde5c9e.jpeg) ![](https://sh.itjust.works/pictrs/image/b11b697f-d40b-4d91-8cbd-ffdda2b241ab.jpeg)
fedilink

Why do you care about privacy?
I'm following several privacy focused communities. Mostly as lurker but in few I'm more active. Every time I see a posts like "how to be more private", I wonder about the reasons behind those questions. What's the reason you want to remain private (don't confuse it with being anonymous)? Could you elaborate on your reasons? Let me start. I worked (and still working) in a highly regulated industry as a software/devops engineer. I've been working with banks, insurance companies, global online payment companies, major credit card vendors, few global corporations. I have seen how data is gathered and (mis)used. Every time someone tells me "I'm sorry but the system..." I know it's the data gathered by the "system" and my profile created based on that data was the reason for "but". This is why I care about the privacy, to prevent companies from taking advantage of my current situation and charge me more.
fedilink

Samsung Gallery app is scanning my photos and creating stories without permission
I am using a Samsung phone and even with all privileges deactivated it creates "stories". This seems illegal. What is your opinion? I know I should use a different OS than stock or even another phone brand but this is what I currently have. ![](https://lemmy.world/pictrs/image/c1880de2-1bfe-4e66-8361-b905db50397b.jpeg) ![](https://lemmy.world/pictrs/image/b409ec3e-b5d2-4025-8725-70946fb0a64e.jpeg)
fedilink

(How) can a modem spy on you?
I'm planning to buy a router and modem and put OpenWrt on it for maximum control and privacy. While I could get a router with an integrated DSL modem, the previous tenants had cable internet so I'm not sure if the DSL connection even works and DSL internet is also more expensive (at least where I live). Fiber optic is not available. The problem is, there is apparently no open firmware for cable modems so I would have to buy a standalone router and a standalone cable modem. I would put OpenWrt on the router and use whatever proprietary firmware came with the modem. So my question is:\ **Can a standalone modem that doesn't do routing, spy on you?**\ If yes a rough explanation how would be appreciated. It seems that modem and router are used interchangeably on the internet (probably because they are mostly combined) so it is really hard to find any information on modems. Here are both Wikipedia articles for reference:\ https://en.wikipedia.org/wiki/Modem \ https://en.wikipedia.org/wiki/Router_(computing)
fedilink

A tool for concealing writing style using LLM
https://github.com/umutcamliyurt/TextCloak
fedilink

Finally resolved: Recovering data after wiping metadata is actually possible, but I need you help wi
I need to ask a small favor from the good people of Lemmy.ml Community. In short, I accidentally wiped the `metadata` partition on my `Poco F3` and now I can't boot into the OS and access my data. I have a lot of pictures, videos and other stuff that I would hate to lose, because of a mistake. But all that is still on the phone, I just can't boot the phone to access it. Thankfully, there is a way to fix this by creating a full backup of the phone with `adb`, then using a **HEX Editor** to manually look through that gigantic file and try to find the files that were in that metadata partition. A huge thanks to [bluet33th](https://xdaforums.com/m/bluet33th.12929753/), a user from [XDA Forums](https://xdaforums.com/m/bluet33th.12929753/), without whom I would be helpless and couldn't do any of this. It might be a bit complicated and manual process, but it is possible. He explained everything in great detail here, so check it out, especially if you are facing the same problem, this will help you tremendously: https://xdaforums.com/t/how-to-recover-data-if-metadata-partition-was-deleted.4686789/ In order to find these files and put them back where they belong, I need your help, because I have to know their names, exact sizes and at least part of their content, so that I can search for it. Because I'm searching for a specific text in a text file that is 128 GB in size. I have already tried this on another Xiaomi phone, to make sure this procedure works on Xiaomi phones and it does, but that phone had `HyperOS` with `Android 14` and since every phone and android version is probably different, in order to be sure, I need this information specifically for `Poco F3` with `Android 13`. It doesn't take long, but if you don't have the time to look inside your `metadata` partition and tell me which files are inside of that partition and their sizes in bytes, you can just make a backup of the `metadata` partition and sent it to me, and I'll do the rest of the work. Here are the steps on how to create a backup: 1) Turn on your phone and boot into `TWRP`, then connect your phone to a PC, type `cmd` inside Windows search and run cmd, then position cmd into your `platform-tools` folder (if you flashed your ROM, you should already have the necessary drivers installed for the next steps to work). For example, if your `platform-tools` folder on Windows is inside `C:\platform-tools`, all you need to type into cmd is: `cd C:\platform-tools` You can also just go inside your `platform-tools` folder and type `cmd` in the address bar and the cmd will start already positioned inside that folder. 2) Then type `adb devices` and you should see your device, if you do, that means that all the drivers are successfully installed and your phone is detected. ![](https://lemdro.id/pictrs/image/c1559fc8-dba6-4818-ae63-dba402cecdf2.png) 3) Type `adb pull /dev/block/by-name/metadata` ![](https://lemdro.id/pictrs/image/e66a05f8-3278-4db4-adb5-9ba607825e29.png) 4) After that, you should see a file named `metadata` inside `C:\platform-tools`. That is the file that I'm looking for and as you can see, it takes just a few minutes to get it. You can skip the next steps (5 and 6), but I'll explain them, just in case someone wants to extract these files for themselves, so that you have them in case something like this happens to you. Of course, you can also proceed to extract the files and tell me their names and sizes. Here is what you need to do: 5) Extract the content of the `metadata` file, you can use a software like `7-Zip`. Go inside that extracted folder, then into `vold > metadata_encryption > key` 6) Inside of that `key` folder, you should see a few files. These are the important files and save them somewhere safe in case you ever need them. Since I don't have them anymore, in order to recreate them, I need to know their exact names and sizes in bytes. You can check the size of every individual file by right clicking on the file and choosing `Properties`. Then look under `Size`, **not** `Size on disk`, and in parenthesis, you should see the size in bytes. ![](https://lemdro.id/pictrs/image/a8f7f59e-3974-4792-8fd2-f976013d1229.png) Please, if you could check the size of every file and write down which file has what size. I would really appreciate it. I'm specifically looking for someone who has a `Poco F3` with `Android 13` and `MIUI`, because I'm not sure if `HyperOS` changed something, so maybe the number of files or their size is different. But feel free to post the information even if you have `HyperOS`, but please mention that, so that I am aware of it. Thanks a lot for your help, it really means a great deal.
fedilink

Can windows see files in the Linux partition?
I cleared up a space on the C drive and installed Linux on that partition. Can Windows see files in my Linux partition? When i installed Linux, i didn't encrypt it but it is password protected. Thanks
fedilink

Some of the LinkedIn Responses are direct and on-point, and also hilariously/depressingly based depending on how you look at it: ![](https://lemmy.ml/pictrs/image/914b410d-7fd4-4e0a-a915-c7ac34222df2.png) ![](https://lemmy.ml/pictrs/image/cf39a1f2-2ba0-41e4-a176-6f5deaf08269.png) EDIT: In hindsight, I think I should've looked into posting this in a different community.. It's closer to a silly "innovation".. soo.. is this considered FUD? I also don't support smoking or vaping, especially among kids. Original title had "privacy-violating" before the "solution".
fedilink

Is there a point in using forkgram instead of telegram pricacy-wise?
Lemmy start by saying I don't trust telegram in termes of privacy (pun intended). But I still use it for specific purposes and I was wondering if there is a point in using a fork privacy-wise? I's assume not since it still uses telegram servers but still curious about an explanation as to why not! Cheers
fedilink

What’s a good option for a secobdary phone number with suffixes?
I'm looking for a service, that replicates the functionality of email aliases, but with phone numbers. I'd imagine having one number (99999) which I then could use with suffixes like 99999-1, 99999-2, ... etc for services like WhatsApp, telegram, 2FA, etc... if such thing even exists.
fedilink

Pros and cons for an extra phone number (dual Sim)
Every time I buy something online, or make an account for an example month bus ticket, they "need" my phone number. I always use alias emails, but I don't have an alias phone number. I know, there are some online phone nr service, but they mostly dosnt work, outside of the US. So I was thinking about getting me a second nr, just for thoese cases were I have to log in. I would by the nr, in cash, and there is nothing data they have to make the nr. But what are your thoughts? What do you see as pros and cons for getting a second nr.? Does it even make sense, when the simcard is in the same phone?
fedilink


How to dump RAW Data from Android to PC?
I'm looking for a way to dump raw data from an entire phone or at least the `sda` block to a PC, using a method other than `adb pull`. When I run `adb pull /dev/block/sda sdaDump.img`, it creates a dump file. To find what I need, I have to search through this raw data using a `Hex Editor`. If the dump comes from a fully functioning phone, I can usually find what I’m looking for because all the data is still intact. However, I accidentally wiped the `metadata` partition on my phone, so the decryption keys/files are gone. Now, because of that, some folders appear empty when checked with TWRP's File Manager, even though the actual files are still there. If I create a dump now, the raw data in the file won't be the same as when the `metadata` was present, and those folders weren't showing as empty. Running `adb pull /dev/block/sda sdaDump.img` now results in a dump where the `Hex Editor` shows zeroes (no data) where these files should be. Is there any alternative method to create a raw data dump of the `sda` block or entire phone storage, that will capture that data as it is (not empty folders, but the data in them), even if it's encrypted? I don't want to create the raw data dump onto the phone storage and then transfer it to a PC, but something that works like `adb pull`, in the sense that it pulls the data from the phone directly onto a PC. Thanks a lot in advance to everyone!
fedilink

Can someone compare PGP (delta chat) with Telegram privacy?
I don’t want to see PGP rejection based on usability. So, to level the field at user level we take Delta Chat, which uses PGP. If I understand that correctly. I have no knowledge of telegram security at all.
fedilink


Chat control is back on the agenda again and the works is kept in secret. [Link to document](https://www.consilium.europa.eu/en/documents-publications/public-register/public-register-search/?DocumentNumber=12319%2F24) [Take Action!](https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/) Edit: [More information about the meeting](https://www.parlament.gv.at/dokument/XXVII/EU/194992/imfname_11404502.pdf)
fedilink

anonymous blog preserving author identifier digital signature or similar
Hello ! I'm wondering if there's some blogging mechanism which would allow some sort of unique digital signature (PGP perhaps) to prevent personification, but which allows non traceable and fully anonymous author. Not looking for blockchain like stuff (apart from the layer Monero adds, blockchains are totally transparent, traceable and non anonymous). Not looking for bigotry, attacking people or anything like that. The idea is to be able to share ideas, even corporate related, without being afraid of retaliations whether at work, corporations or governments. Expressing something at pubic might bring unexpected consequences, particularly if not aligned by the corporation one works on if that's the case, or might provoke AI, bots, or paid/unpaid people looking around, to include anyone in a particular list, without even warning the writer about it. So I was looking if such thing is possible, and if it exists. Social networks of course wouldn't be an option, they're not anonymous, and at contrary can be used to cross-reference and trace people. If such solution doesn't exist, I'm wondering if something based on gnuNet might get close, although gnuNet is not meant to make users anonymous. Or perhaps something based on i2p. Of course the digital signature should be used exclusively for the blog posting, and can't be associated to any real email, host, or whatever... Feedback on the blog posts should also be allowed to anonymous people with their own unique digital signatures. But this is harder, since depending on the technology, not sure if moderation would be allowed, or even if it would make sense, in which case, no blog feedback should be allowed, though no feedback is really a down side for blog posts. Maybe allowing just the original post to remove feedback. Some other down side, but that's unavoidable, is the lack of non on thread feedback, meaning giving feedback through email or any other medium, since if that was available would make the writer non anonymous... If such thing is not available, and eventually based on something like gnuNet or i2p, most probably clients would be needed to write blogs but another one that would offer some sort of RSS/atom functionality for the blog to be accessible from current RSS/atom readers.
fedilink



They are surrounding me… is it time to give up?
During the past few years I was avoiding the increasing number of products or services that required biometric verification, specially face recognition (FR). But the things are getting harder are harder in my country: - The largest e-commerce platform in latin america and the most used in my country requires FR to use it. It was possible to use cash if you buy from its website but since a couple of weeks it's requesting me to identify using it's app. - The telecoms demands FR from now on if you want a new SIM card in case you lost your phone or it's been stolen. - The bank is now pressing me to use their app with FR as a 2fa when using homebanking from its website, something that wasn't necessary up to some weeks ago. - The government is in the same direction as it's moving to digitalizing many burocratic procedures and also requires FR. and the list is increasing quickly. I've never used any private social networks and I've degoogled many years ago, the only non free software that I use is Whatsapp because in some countries in latin america is almost imposible not to use it, you need it even to call to the car towing service. Anybody that is well informed knows the dangers of allowing such an amount of private information now tied to our face be available for hackers now equiped with AI, but frankly it seems a lost cause to fight against something that 99.9% of people dont worry about and give consent to do so to corporations (that sell all your data to whoever wants it) and governments (who use it as a tool of control). I don't know, may be I'm also worring to much and it's not that serious, after all if tens of millions of people do the same the chances of being targeted by hackers is not different of being robbed in the street (at least in latin america) and with the obiquitous surveillance cameras plus the almost unavoidable need of a phone, the government probably know exactly where you are and how you look, so the information may be already available. Perhaps it's time to give up and adapt to the world we now live in.
fedilink

>Pavel Durov's arrest suggests that the law enforcement dragnet is being widened from private financial transactions to private speech. >The arrest of the Telegram CEO Pavel Durov in France this week is extremely significant. It confirms that we are deep into the second crypto war, where governments are systematically seeking to prosecute developers of digital encryption tools because encryption frustrates state surveillance and control. While the first crypto war in the 1990s was led by the United States, this one is led jointly by the European Union — now its own regulatory superpower. >Durov, a former Russian, now French citizen, was arrested in Paris on Saturday, and has now been indicted. You can read the French accusations here. They include complicity in drug possession and sale, fraud, child pornography and money laundering. These are extremely serious crimes — but note that the charge is complicity, not participation. The meaning of that word “complicity” seems to be revealed by the last three charges: Telegram has been providing users a “cryptology tool” unauthorised by French regulators.
fedilink

PSA: Git exposes timezone metadata
Git records the local timezone when a commit is made [1]. Knowledge of the timezone in which a commit was made could be used as a bit of identifying information to de-anonymize the committer. Setting one's timezone to UTC can help mitigate this issue [2][3] (though, ofc, one must still be wary of time-of-day commit patterns being used to deduce a timezone). ::: spoiler References 1. Git documentation. git-commit. "Date Formats: Git internal format". Accessed: 2024-08-31T07:52Z. https://git-scm.com/docs/git-commit#Documentation/git-commit.txt-Gitinternalformat. > It is `<unix-timestamp> <time-zone-offset>`, where `<unix-timestamp>` is the number of seconds since the UNIX epoch. `<time-zone-offset>` is a positive or negative offset from UTC. For example CET (which is 1 hour ahead of UTC) is `+0100`. 2. jthill. "How can I ignore committing timezone information in my commit?". Stack Overflow. Published: 2014-05-26T16:57:37Z. (Accessed: 2024-08-31T08:27Z). https://stackoverflow.com/questions/23874208/how-can-i-ignore-committing-timezone-information-in-my-commit#comment36750060_23874208. > to set the timezone for a specific command, say e.g. `TZ=UTC git commit` 3. Oliver. "How can I ignore committing timezone information in my commit?". Stack Overflow. Published: 2022-05-22T08:56:38Z (Accessed: 2024-08-31T08:30Z). https://stackoverflow.com/a/72336094/7934600 > each commit Git stores a author date and a commit date. So you have to omit the timezone for both dates. > > I solved this for my self with the help of the following Git alias: > > ``` > [alias] > co = "!f() { \ > export GIT_AUTHOR_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ > export GIT_COMMITTER_DATE=\"$(date -u +%Y-%m-%dT%H:%M:%S%z)\"; \ > git commit $@; \ > git log -n 1 --pretty=\"Autor: %an <%ae> (%ai)\"; \ > git log -n 1 --pretty=\"Committer: %cn <%ce> (%ci)\"; \ > }; f" ::: --- Cross-posts: - https://sh.itjust.works/post/24495744 - https://sh.itjust.works/post/24495795
fedilink


All the recent dark net arrests seem to be pretty vague on how the big bad was caught (except the IM admin's silly opsec errors) In the article they say he clicked on a honeypot link, but how was his ip or any other identifier identified, why didnt tor protect him. Obviously this guy in question was a pedophile and an active danger, but recently in my country a state passed a law that can get you arrested if you post anything the government doesnt like, so these tools are important and need to be bulletproof.
fedilink



This is a guide I wrote for Immich's documentation. It features some Immich specific parts, but should be quite easy to adapt to other use cases. It is also possible (and not technically hard) to self-host a protomaps release, but this would require 100GB+ of disk space (which I can't spare right now). The main advantages of this guide over hosting a full tile server are : - it's a single nginx config file to deploy - it saves you some storage space since you're only hosting tiles you've previously viewed. You can also tweak the maximum cache size to your needs - it is easy to configure a trade-off between map freshness and privacy by tweaking the cache expiration delay If you try to follow it, please send me some feedback on the content and the wording, so I can improve it
fedilink

For Android users seeking a privacy-focused browser, [Privacy Guides](https://www.privacyguides.org/en/mobile-browsers/#mull) recommends Mull: >Mull is a privacy oriented and deblobbed Android browser based on Firefox. Compared to Firefox, it offers much greater fingerprinting protection out of the box, and disables JavaScript Just-in-Time (JIT) compilation for enhanced security. It also removes all proprietary elements from Firefox, such as replacing Google Play Services references. >Mull enables many features upstreamed by the Tor uplift project using preferences from Arkenfox. Proprietary blobs are removed from Mozilla's code using the scripts developed for Fennec F-Droid.
fedilink

    Create a post

    A place to discuss privacy and freedom in the digital world.

    Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

    In this community everyone is welcome to post links and discuss topics related to privacy.

    Some Rules

    • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
    • Don’t promote proprietary software
    • Try to keep things on topic
    • If you have a question, please try searching for previous discussions, maybe it has already been answered
    • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
    • Be nice :)

    Related communities

    Chat rooms

    much thanks to @gary_host_laptop for the logo design :)

    • 12 users online
    • 57 users / day
    • 383 users / week
    • 1.5K users / month
    • 5.7K users / 6 months
    • 1 subscriber
    • 2.76K Posts
    • 69.1K Comments
    • Modlog
    Lemmy
    A community of privacy and FOSS enthusiasts, run by Lemmy’s developers

    What is Lemmy.ml

    Rules

    1. No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia. Code of Conduct.
    2. Be respectful, especially when disagreeing. Everyone should feel welcome here.
    3. No porn.
    4. No Ads / Spamming.

    Feel free to ask questions over in: