If you are going to spend it on mundane and legal stuff and assuming you live in mostly free country use a trustworthy exchange even if it requires KYC and spend it normally.
Keep in mind once you buy monero even from a KYC exchange they can’t track it afterwards. And this will be the safest option no real risk of getting scammed or stabbed.
If you are thinking about grey area then keep in mind that the moment something touches real world no matter whether you were using Tor, I2P or something else. It can be traced back to you. And if you are a worthwhile target LEA will spend resources to track you down.
There are ways to avoid that like using local monero and all but keep in mind those also involve different set of risks.
#NotAFinancialAdvice #NotALegalAdvice.
Do your homework and don’t get scammed or stabbed.
Other than crypto or cash based prepaid debit cards. There is no other service that will allow you to do financial transactions without doing basic KYC and keeping a record of your transactions required by law in almost all countries. They may claim it’s for legal reasons only and they don’t sell it but can you trust them? And how much do you trust your government to respect your privacy and not subpoena those transactions because they deem them to be unlawful.
There are countries where a government ID is needed from opening a bank account to buying even prepaid Sim cards to LPG, electricity connection and everything in between and this ID requires you to give your all 10 fingerprints, iris scan and photo from all 3 angles. And to top it all off this data is leaked multiple times.
OK First thing GOS team is currently assuming that Pixel 10+ won’t meet their requirements. But for older Pixels it’s tough. Google just stopped sharing vendor blob, device tree, and instead of openly developing AOSP now it is fully behind close doors only releasing source later with full update. But I have hope. I’ve been daily driving custom ROMs for 10+ years and before I could afford Pixel I had cheap phones which also didn’t share any of these things but custom ROMs were very much thriving and they will always. Yes there may be a little more delay for new devices. All the new features may take longer but GOS already has a lot of security and privacy stuff figured out.
I think we should all support however we can to not just GOS but also other Custom ROMs. Because there will always be those who’ll stop society from progressing and all we can do is fight back with donations, our time, and resources.
If you want to run full Foss system then there is pinephone with Linux OS and physical switches to turn off camera and microphone and other stuff. But it is still in very very early stage and it may increase your privacy but it will definitely reduce your security.
I understand camera and microphone access to malicious actor could be a valuable. But if you think your phone’s camera is compromised you have bigger problems.
That being said, graphene OS is considered by far the most secure android OS. It has features to turn off camera, mic, sensors. But more importantly it has a lot of additional security features making it harder for anyone to break in. And that using Graphene is or any other is doesn’t directly make you secure.
Yes I can agree to assume baseband and all the other proprietary firmware is running a malicious code. But they can’t use it to do mass surveillance, because if they do someone will detect it sooner or later. And also this is not the right tool for mass surveillance. 99% people will and have already downloaded apps that track almost everything they do.
And if your threat model requires you to be safe from malicious firmware, then maybe smart phones aren’t for you.
OK so there are 2 main types of particles protons and electrons, well there are neutrons and positrons and few otheres but we will only consider these 2.
Electrons have negative charge and protons have positive charge. This doesn’t indicate anything significant other than they are opposite. Only reason protons are positively charged are is because protons were first discovered by some dude who fired some x ray into a good film with magnets around it. And electrons were discovered later so they got negative charge
Those electrons are much lighter than protons and they are attracted towards protons so they move in from negative voltage (high concentration of electrons) to positive voltage this can be explained if we consider that protons create a field which attracts electrons. This is electric field.
So current is just kind of energy that travels with this Field. There are few more rules that this electric field follows which we have found like the electric field inside a conductor is zero I.e all the electricity you see around you is at the very edge of the wire through which it is travelling.
Then there was that old chap named Maxwell whose laws are followed by all electrically charged particles and you can derive all other laws and equations if you know his 4 equations. I don’t remember them now because I’m too dumb and idiot you can google them. Or better yet duckduckgo them.
You should always verify signature and hash for any software you are installing but also keep in mind that if someone was really trying to send you a malicious download then there’s good chance that they will also deliver you a malicious signing key and hash. And there is really no good solution. If it is critical you can try to get signings keys from different places and with different IPs and maybe even different devices but pick and choose how long do you want to go down this rabbit hole.
It is not about police hijacking IMEI, my bank only provides 2FA with phone number, and the password can be reset using the OTP they send to my phone. I know the bank is terrible but where I live all banks do same thing. So if my phone ever gets stolen they can just remove the sim and put it in another phone and get access to the Bank account. Also did I mention you can also get username from OTP to your phone so, yeah I should probably not use any bank and go live in mountains. But SIM lock helps.
OK let me add fuel to the fire. here in Andy’s response he says the tweet was from last year which is technically true but it was from December 2024.
Also how can he think that Trump stands for little guys when he has elon musk as his pet monkey
Hyderabad also a fun fact Indian supreme Court has ruled that WA messages are not admissible in court.
Apps were banned only in Jammu and Kashmir
It’s true Indian government has banned Element and other Apps and forced Signal, WhatsApp and other such apps to have a local representative so that they can arrest someone and force their will. But there is one silver lining, it is that these politicians don’t fully understand how open source software works. So just banning Element app doesn’t do much I can switch to schildiChat or just download element source code and change the name and logo and boom I’m back in.
And also most of their app bans are just requests sent to Google play store and Apple App store, You can always download from FDroid or from other sources
and there is no real way they can enforce these stupid laws.
They started going through chats on traffic stops, but there are ways to avoid that also
If you are interested and want to support then you can donate to https://internetfreedom.in/ or if not possible just share the word.
No VPN over Tor means you first connect to Tor and then to VPN. This is highly discouraged because if someone can tie the VPN to you then they can bypass Tor entirely and get what websites you were visiting.
What you are suggesting is Tor over VPN, here you’ll first connect to VPN and then to Tor, this is less risky but still not recommended as using Tor is not illegal in most countries (remember US Navy built it initially and they and many other spy agencies still use it) also there are other better ways to achieve hiding from ISP. bridges were designed specifically for that.
If you don’t use VPN all your traffic will flow through ISP. That doesn’t mean ISP can see your passwords or anything. They can only see which website you’re connecting to given that you are using unencrypted DNS if you are using encrypted DNS with TLS Hello they can only see IP. The claims that VPN protects you from hackers in public WiFi is dead since all websites switched to HTTPS and HSTS.
By using VPN all of these details now won’t be visible to your ISP but they will be visible to VPN provider.
If you live in a place where LEA can’t kick down your door and arrest you for visiting website it deems illegal then using VPN doesn’t give you anything.
Of course even a lot of first world country have strict laws against piracy in that case VPN is good but if you aren’t pirating and live in a free country I’d suggest don’t bother with VPN unless you have other reasons.Another reason could be to access geo restricted content on Netflix and stuff
Another thing to keep in mind, if you are committing/suspected of any crime then LEA will definitely go through your search history, they can get this through your device if you’ve cleaned that up but use google account then they can ask google, or go to ISP and ask this, obviously if you’re in this category then there are better solutions like Tor I2P
There are other extreme examples where a cheap ad friendly VPN with no registration comes in handy. If you want to create a zero knowledge email. Most email provider will block you if you are trying to create account with ProtonVPN or from Tor, but if your route your traffic through Tor and then to an ad friendly VPN they mostly allow it cuz they think you’re a dumb dumb. Note - it is generally not recommended to use VPN over Tor.
I’ve watched few of his videos and they seem OK, but I would never trust a phone like that. I would suggest buy a pixel and flash Graphene OS yourself. It is best for security and privacy.
And as far as Ubuntu touch or any other Linux phone for that. They are currently so bad at security that I wouldn’t daily drive them. If you want to play with them or contribute to them then that’s OK but don’t daily drive them.
This is a misconception. If the sender is outside proton mail the emails arrive in plain text. So it is possible for proton to read those emails. It is just that they pinky promise not read them and immediately encrypted them with your key. But if they wanted to they can read and moreover SMTP means your email has already traveled through multiple MX which could read your email but This is mostly not an issue since most email provider do encrypt with SSL of receiving MX but you might want to check few services use very very outdated softwares. But keep in mind SSL encryption is with Proton’s keys and by necessity they have to first decrypt the SSL encrypted email and then encrypt with your key
I’m not sure about your situation. But I’d recommended setting up Buskill on your laptop/pc it can wipe the luks slots on your drive making it completely unreadable all by just disconnecting a USB (this could be magnetic so if they pull you it’ll get auto triggered) but then again this is only useful if you live in somewhat free country where cops can’t torture you to decrypt/restore your data.
i don’t know why you need extreme privacy. But what I can tell you is it’s OK you can take a break from whatever you are doing that needs this lvl of privacy.
Reporting on bad regime, they’ll still be doing bad stuff once you come back from a break.