Check out Calyx VPN and Riseup VPN. They are run by voluntary, non-profit organizations. If you need maximum security, consider routing your traffic through Tor, using the Orbot app (it’s not in the main F-Droid repo, you need to add the Guardian Project repo). There’s also Windscribe VPN, but it has limited bandwidth.
You don’t need NetGuard. GrapheneOS has a built in, more reliable firewall. You can access it by going to the settings -> privacy -> permission manager and selecting Network. Also, you can’t use a VPN when using NetGuard, so I recommend dropping NetGuard and using a VPN, as well as the built-in firewall instead.
If you use Nextcloud, there’s either Nextcloud Office (which is actually Collabora Office) or OnlyOffice. As you already mentioned, Cryptpad is another alternative.
What method did you use to deploy it? Did you try this one https://github.com/nextcloud/all-in-one
It fetches an updated list of working instances. It also has a built-in tool that let’s you ping all instances and remove the broken ones. I’m pretty sure this will work well, even if you remove all instances except for safereddit.com. That’s another way you can use it: Just find one working instance and remove all the others.
LibRedirect automates most of that for you. Also, I’ve been using safereddit.com for over 6 months and never had any issues. Just try it out and see if it works for you :)
Unfortunately it’s broken all the time because it gets IP-banned by Google. Perhaps they could implement something like the Invidious smart-ipv6-rotator to prevent this.
They claim not to save your chats and not to use them for improving the AI model. Using GPT-3.5 Turbo through DuckDuckGo is definitely better than using your phone number to sign up for an OpenAI account, so yes, I think it makes sense to use this. But ideally, you could just run an AI model offline on your own hardware, I recently saw a Lemmy comment that explains this very well: https://lemmy.dbzer0.com/comment/10348570
You can also use @db0@lemmy.dbzer0.com’s AI Horde as explained here: https://lemmy.dbzer0.com/comment/9295041
You’re fine, it’s basically just rebranded Mullvad VPN
But at that point, you can just cut out the middle man and use Mullvad directly, I think their clients are much better and offer more features. They also don’t require your email address and you can pay anonymously with crypto.
Btw you can also use normal third-party clients with your custom developer API key, there’s a patched version of Apollo for iOS/iPadOS (you can download it from AltStore using their custom repository, it’s explained on the website) and ReVanced offers a patch for Infinity on Android. The patched Apollo version has a quick guide on how to get an API Key, it works with all apps that support these custom keys though:
- Sign into your Reddit account and go to the link above (reddit.com/prefs/apps)
- Click the “are you a developer? create an app…” button
- Fill in the fields
- Name: anything
- Choose “Installed App”
- Description: anything
- About url: anything
- Redirect uri: apollo://reddit-oauth
- Click “create app”
- After creating the app you’ll get a client identifier which will be a bunch of random characters.
The official instance is hosted at https://redlib.matthew.science
It’s already broken.
Their server is down, but I haven’t seen a Redlib instance get blocked by Reddit. Try another instance like safereddit.com or check out the entire list of instances: https://github.com/redlib-org/redlib-instances/blob/main/instances.md
LibRedirect should also automatically fetch the list and allow you to choose instances you like
Redlib works perfectly, I think they use IPv6 address rotation to evade IP bans
If you don’t need to log in, I would recommend a private frontend like Redlib (fork of Libreddit) together with the LibRedirect browser extension
Unfortunately there are websites that try to detect vpns and block you. Fuck those websites. Don’t encourage them by giving them eyeballs or money.
It’s mostly CDNs like Cloudflare and Akamai that are notorious for blocking VPN and Tor users. Fuck CDNs, they destroy privacy and centralize the internet.
You can just use uBlock Origin with this list to hide the cookie notices: https://www.i-dont-care-about-cookies.eu/abp/
Mulch ain’t the worst, but there are better options. Generally, I would recommend a Firefox-based browser instead of Chromium, because it has full extension support (including adblockers). You can check out this comparison chart, or this one.
Use Firefox (or a hardened fork like Mull) with uBlock Origin and you’ll never see this BS again
- uBlock Origin saves time and resources
- This is a classic one, but with Mullvad VPN I can pretend to be in any country. When combined with Tailscale, it becomes really OP. With Tailscale, I have a secure, flat network, which allows me to access all my devices from anywhere. Things like LocalSend, KDE connect or other apps that normally require all devices to be in a LAN also work over Tailscale.
- A DNS filter doesn’t just help with protecting your privacy, you can also use it to block/restrict distracting websites that you spend too much time on. NextDNS for example lets me restrict social media websites to only work on certain times of the day.
- Private frontends like Invidious and Piped for YouTube, Redlib for Reddit, SafeTwitch for Twitch (RIP Nitter, Libreddit and Teddit)
- LibRedirect automatically redirects sites like YouTube, Twitch, Reddit and many more to privacy frontends
- Alternative desktop/mobile clients for YouTube and Twitch. For YouTube, FreeTube on desktop, LibreTube/Tubular on Android, Yattee with this guide on iOS, Xtra for Twitch on Android. These all block ads or any other annoyances.
- GrapheneOS makes my life easier in many ways, but I specifically want to mention this one. Since GrapheneOS uses per-connection MAC address randomization by default, I can simply reconnect to a wifi network that wants to restrict my usage. This is so useful on trains/airplanes.
- UnifiedPush/ntfy allows me to send notifications from my server to my phone. For example it notifies me if one of my self-hosted services goes down (through Uptime Kuma), but I can also use this for Signal notifications through the Molly client for Signal (which also improves security and adds a few other cool things).
how does having an account on the device work? For example, Samsungs require a Samsung account and iPhones require an iCloud account. How does it work on non-standard OSes?
On GrapheneOS, you don’t log in to any online account. All your stuff is just locally stored on your device by default. You can install third-party apps to sync your data, but GrapheneOS has no online account/sync system built in.
does GrapheneOS have its own Notes/Drive/Photos/Messages app? If not, how does one go about obtaining these? Related question:
It has the standard Android (non Google) File manager, Gallery and SMS app. These aren’t particularly good though. I recommend Fossify apps, they are completely free and open source, respect your privacy and offer a pretty good user experience. Fossify has a notes app, gallery, file manager, SMS app, phone app (dialer), music player, clock, keyboard, launcher and some other stuff.
how do I sync my notes/photos/files/etc to the “cloud” of GrapheneOS?
GrapheneOS doesn’t have a cloud. You need to find a solution for syncing your data yourself. There’s DAVx5, which uses the WebDAV protocol, Nextcloud, EteSync, PhotoPrism, Immich and many more. They all serve different purposes. DAVx5 works with any WebDAV-compatible server, it lets you sync calendars, contacts and tasks. Nextcloud is a self-hosted replacement for things like Google Drive, it lets you sync files, calendars, contacts, notes, photos, bookmarks, recipies, basically everything you could imagine. Note that the official Nextcloud app only lets you sync files, but there are other Nextcloud-compatible apps on F-Droid that let you use more features of the Nextcloud server. Both PhotoPrism and Immich are self-hosted solutions for syncing your photos, Immich has an official Android app on F-Droid , PhotoPrism only has this unofficial one called Gallery for PhotoPrism. If you’re not into self-hosting, there are still good, private options out there. EteSync allows you to sync your contacts, calendars, tasks and notes, and it uses end-to-end encryption by default. You can self-host it, but you don’t have to. You can just pay them $2/month and they will handle it for you. Personally, I like to self-host my own instance of Etebase, the backend server for EteSync. Other private, cloud-hosted options are Proton for email, calendar and files or Ente for photos (their app is also on F-Droid).
My third question regards the app store of GrapheneOS. I have heard that the sandboxed Play Store is better than FDroid, for instance; what are your thoughts? Do I go for Aurora Store instead? Is there any major difference at all?
Personally, I use Aurora Store if I need to download something from Google Play.
Is it possible to use multiple app stores?
Yes, you’re not bound to one app store, you can use multiple ones.
You can DM me if you have more questions.
The Redlib frontend still works. In my opinion it also provides a much nicer UI than the official Reddit website or even old.reddit.com. This is the list of public instances: https://github.com/redlib-org/redlib-instances/blob/main/instances.md
This is about free VPNs.