I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

# About Duck.ai is one of the few online places to chat with AI privately. Self-hosting your own AI model is a better option, but not everybody has the hardware for it. DuckDuckGo has made deals with the model providers to keep your chats private, so it's an easy option to recommend. If you're like me, you probably clear your cookies a lot (or always browse in incognito). This means that any time you visit Duck.ai, you have to set all your settings again. One solution is to set Duck.ai as an exception to your browser data deletion, but that makes me uneasy. After getting fed up setting my preferred settings each time, I wanted to see if I could automate the process. # The Bookmarklet [Bookmarklets](https://www.freecodecamp.org/news/what-are-bookmarklets/) are essentially bookmarks in your bookmarks bar that, when clicked, run your own JavaScript code on whichever page you're visiting. This was a neat trick that some of my classmates used to edit pages when the Inspect Element was disabled on school computers. I wrote a short bookmarklet that will automatically set my preferred settings in Duck.ai: ```javascript javascript:{ const settings = { 'aiChatPromptSuggestions': '{"hideSuggestions":true}', 'aichatPromoDismissal': '{"promosDismissed":"9999-99-99"}', 'duckaiCanUseApproxLocation': 'false', 'duckaiSidebarCollapsed': 'true', 'duckduckgo_settings': '{"description":"Each key is a setting documented in https://duckduckgo.com/duckduckgo-help-pages/settings/params/","kdcm":"6","kdcs":"0"}', 'isRecentChatsOn': '"0"', 'preferredDuckaiModel': '"6"', }; let keys = Object.keys(settings); keys.forEach(key => { const value = settings[key]; localStorage.setItem(key, value); }); location.reload(); } ``` # How To Use (Steps may vary between browsers) 1. Copy-paste the bookmarklet code above (**including** the part that says `javascript:`) 2. Right click on the bookmarks bar in your browser 3. Select "Add page..." 4. In the field that says "URL", paste the code you copied 5. Name the bookmarklet whatever you want, for example: `Debloat Duck.ai` 6. Click "Save" 7. Visit Duck.ai (which redirects to https://duckduckgo.com/?q=DuckDuckGo+AI+Chat&ia=chat&duckai=1) You **must** visit this page before running the bookmarklet, because bookmarklets can only run code on the page you're currently visiting. 8. Click on the bookmarklet you just created. This will run the code. You should now have a distraction free, private chat. # Explanation Duck.ai stores its settings in the browser's "local storage". If you open the Inspect Element (either by right clicking on the page and clicking "Inspect" or by pressing F12) and navigate to `Application > Local Storage > https://duckduckgo.com/` you will see a list of settings and their corresponding values.  By default, these settings are a tad too distracting for my taste. The bookmarklet I made does the following: 1. Hides prompt suggestions 2. Dismisses the promo by setting the shown date to something impossible in the future 3. Disables using approximate location for responses 4. Collapses the sidebar 5. `duckduckgo_settings` doesn't actually do much, and the values there are, in fact, *not* documented on [this page](https://duckduckgo.com/duckduckgo-help-pages/settings/params/) 6. Disables chat history 7. Sets the preferred model to [Mistral Small 3](https://mistral.ai/news/mistral-small-3), which is open source and has low moderation. You can set your preferred settings before running the bookmarklet and edit the bookmarklet code according to your own settings. The code then iterates through these settings, and sets each one. Then, finally, reloads the page to apply the settings. # Updates This project is far too small to make an entire repository for it, so I will try to just update this post with any new code. For example, `duckaiCanUseApproxLocation` is a new setting that was added in the last few days. I hope everyone enjoys this as much as I did! Here is a before and after:  

 This is original content. AI was not used anywhere except for the bottom right image, simply because I could not find one similar enough to what I needed. This took around 6 hours to make. ### Transcription (for the visually impaired) (I tried my best) The background is an iceberg with 6 levels, denoting 6 different levels of privacy. The tip of the iceberg is titled "The Brainwashed" with a quote beside it that says "I have nothing to hide". The logos depicted in this section are: - [Instagram](https://www.instagram.com/) - [Apple](https://www.apple.com/) - [TikTok](https://www.tiktok.com/) - [PayPal](https://www.paypal.com/us/home) - [Google Chrome](https://www.google.com/chrome/) - [CashApp](https://cash.app/) - [WhatsApp](https://www.whatsapp.com/) - [Samsung](https://www.samsung.com/us/) - [Steam](https://store.steampowered.com/) - [Microsoft Windows](https://www.microsoft.com/en-us/windows) - [Ring (Security Camera)](https://ring.com/) - [YouTube](https://www.youtube.com/) - [Amazon](https://www.amazon.com/) - [Discord](https://discord.com/) - [Gmail](https://workspace.google.com/products/gmail/) - [ChatGPT](https://chatgpt.com/) The surface section of the iceberg is titled "As seen on TV" with a quote beside it that says "This video is sponsored by...". The logos depicted in this section are: - [NordVPN](https://nordvpn.com/cybersec-site/) - [Bitdefender](https://www.bitdefender.com/en-us/) - [Incogni](https://incogni.com/) - [Malwarebytes](https://www.malwarebytes.com/) - [Opera GX](https://www.opera.com/gx) - [ExpressVPN](https://www.expressvpn.com/) An underwater section of the iceberg is titled "The Beginner" with a quote beside it that says "I don't like hackers and spying". The logos depicted in this section are: - [Telegram](https://telegram.org/) - [Authy](https://www.authy.com/) - [Brave Browser](https://brave.com/) - [Privacy.com (Virtual Cards)](https://www.privacy.com/) - [DuckDuckGo](https://duckduckgo.com/) - [iMessage](https://support.apple.com/messages) - [Proton Mail](https://mail.proton.me/) - [AdBlock (Browser Extension)](https://getadblock.com/en/) A lower section of the iceberg is titled "The Privacy Enthusiast" with a quote beside it that says "I have nothing I want to show". The logos depicted in this section are: - [Signal (Messenger)](https://signal.org/) - [Tuta](https://mail.tutanota.com/) - [addy.io](https://addy.io/) - [Linux](https://en.wikipedia.org/wiki/Linux) - [Bitwarden](https://bitwarden.com/) - [uBlock Origin](https://ublockorigin.com/) - [Tor and Tor Browser](https://torproject.org/) - [ProtonVPN](https://protonvpn.com/) An even lower section of the iceberg is titled "The Privacy Activist" with a quote beside it that says "Privacy is a human right". The logos depicted in this section are: - [Monero](https://www.getmonero.org/) - [GrapheneOS](https://grapheneos.org/) - [Vanadium (Web Browser)](https://vanadium.app/) - [KeePassDX](https://www.keepassdx.com/) - [SimpleX Chat](https://simplex.chat/) - [Accrescent](https://accrescent.app/) - [SearXNG](https://docs.searxng.org/) - [Aegis Authenticator](https://getaegis.app/) - [OpenWrt](https://openwrt.org/) - [Mullvad VPN](https://mullvad.net/) - An illustration of physical cash The lowest portion of the iceberg is titled "The Ghost". There is a quote beside it that has been intentionally redacted. The images depicted in this section are: - A cancel sign over a mobile phone, symbolizing "no electronics" - An illustration of a log cabin, symbolizing "living in a log cabin in the woods" - A picture of gold bars, symbolizing "paying only in gold" - A picture of a death certificate, symbolizing "faking your own death" - An AI generated picture of a person wearing a black hoodie, a baseball cap, a face mask, and reflective sunglasses, symbolizing "hiding ones identity in public" End of transcription.

# Important As with all of my long-form, well organized, (mostly) grammatically correct posts that I have been writing for over a year, **no AI was used in the making of this post.** Every word I write on my own, and I spend hours writing and editing these posts. One of my posts was removed for being "AI slop", which hurt, because it was one I was most proud of writing. From that incident, I considered no longer posting on Lemmy, but I still felt my work is needed, so here I am again. It's very obvious that there are human mistakes and human additions to my posts that cannot be replicated by AI. It was not the first time one of my posts has been accused of being written AI, but I want it to be the last. There are people who enjoy writing and will put in the work to actually write a piece, such as me. I will prove that I am human by any means necessary. The content I write is not designed to be short, nor is it designed to be summarized in a short manner. If you are not someone who enjoys reading long text, or prefers reading text with a more condensed meaning, this is not for you. I am also trying out increasing the number of references I use during the post, which is different from my usual style of only referencing more uncommon topics. Thank you for your understanding. # Introduction For the sake of people with whom I still keep in touch, I will avoid referencing too many anecdotes while writing this. These individuals have taken great strides in both privacy and security, even if they have a long way to go. It is not my place to publicly degrade these individuals and their experiences, especially knowing that they are reading this. It was wrong of me to have done this in the past, especially without permission. The topic of this post will, however, cover some common experiences I have observed between numerous individuals, rather than singling out the stories of singular individuals. These stories will be used scarcely and only to help clarify the points I am making through examples. # Threat Model & Privacy Journey My privacy journey officially started around 6 years ago as of writing this. It was when I was first introduced to the [privacy risks of Google](https://en.wikipedia.org/wiki/Privacy_concerns_with_Google), as well as the privacy benefits of [Firefox](https://www.mozilla.org/en-US/firefox/new/) and [Tor Browser](https://www.torproject.org/). In the 6 years that I have spent learning about privacy, my preferences have changed between different extremes. I used to be a die-hard user of Firefox-based browsers such as [Mullvad Browser](https://mullvad.net/en/browser), and wouldn't dare use a [Chromium](https://www.chromium.org/Home/)-based browser. I became obsessed with [browser fingerprinting](https://coveryourtracks.eff.org/learn), and Firefox-based browsers seemed to be the only way to mitigate it. Slowly, though, my views shifted. I became more security-oriented, and became concerned with the [security of Firefox](https://madaidans-insecurities.github.io/firefox-chromium.html). (That topic is a whole can of worms that I have [covered in the past](https://lemmy.ml/post/21367269). Please don't fight about this in the comments.) Eventually, I switched to Chromium-based browsers such as [Vanadium](https://github.com/GrapheneOS/Vanadium) and [Trivalent](https://github.com/secureblue/Trivalent). Even though I used to be polarized, I eventually switched sides as my [threat model](https://en.wikipedia.org/wiki/Threat_model) changed. That's where this discussion begins. I have never, in the 6 years I have researched privacy, made a proper threat model. This should not immediately discredit me. I have come to learn that a threat model is a good idea in *most cases* for *most people*, and if you haven't made a threat model already, [you should](https://www.privacyguides.org/en/basics/threat-modeling/). I have tried many times before to define a concrete threat model, without success. The reason I have not been able to is because of how my privacy journey went about. When I began my privacy journey, I had a goal in mind: "Make myself as private as I reasonably can first, and then work backwards to see what I am actually fine with doing." It's not a bad goal, just an incredibly tedious and difficult one. You first become very experienced in privacy by learning hands-on, and then you are able to make rational decisions after gaining experience and knowledge. Of course, I never reached the point where I was *fully* private. Such a thing is not possible. Instead, I accidentally "ignored" some areas of privacy, or didn't push further in areas that became too inconvenient. I essentially did a [depth-first search](https://en.wikipedia.org/wiki/Depth-first_search) to determine my threat model. Once I was reasonably satisfied with my state of privacy, I worked backwards to restructure my digital life in a more convenient way with my newfound experience and knowledge. The way I discovered my threat model is extremely difficult and will bring you to extremely low points past [privacy fatigue](https://psychologyfor.com/privacy-fatigue-mental-health-damaged-by-social-media/). I would never recommend anyone go through what I went through, which is the main reason I have devoted my time to ease the privacy journeys of others. One thing I made sure to prevent while learning about privacy is forgetting where I came from and how I got where I am today. This comic illustrates why:  I want to remember all the pitfalls and mistakes I went through, that way I can present easy solutions and workarounds for those just starting their privacy journeys. Even still, I occasionally have to remind myself that not everybody knows what [2FA](https://en.wikipedia.org/wiki/Multi-factor_authentication) is, even though I have gotten so used to using it as a part of day to day life. As my threat model has changed, so too has the advice I have given. # Convenience vs. Everything Convenience makes a lot of rich people a lot of money. If you can make something as convenient and addictive as possible, you gain the undivided attention of someone, and can dictate a lot about that person's life. [Privacy](https://en.wikipedia.org/wiki/Privacy), [security](https://en.wikipedia.org/wiki/Security), [autonomy](https://en.wikipedia.org/wiki/Autonomy), and a few other categories are all subcultures of the same concept: freedom, especially digitally. The subcultures often overlap because they are all sides of the same coin. Digital freedom is a broad topic, but being free digitally means breaking the chains of digital addiction and taking control over where you place your attention. For that reason, digital freedom will inherently feel less convenient. Giving yourself control over your digital life means that, in some cases, you will end up doing more work to manage it properly, but it means that you dictate how it functions, rather than being handheld by questionable entities. In other ways, however, digital freedom is far more convenient. Take a [password manager](https://en.wikipedia.org/wiki/Password_manager), as an example. Many people are prone to reusing the same, weak, memorized password for a multiple accounts. That means if an unsavory party gains access to one account (which is more common the more accounts you have), all of your accounts are compromised. Furthermore, remembering and typing passwords is cumbersome and prone to error. A password manager is incredibly convenient because it fixes those problems. It generates strong passwords for you, changes passwords for every account, stores them all securely so you don't need to remember them, and even types the passwords for you. This is one area where digital freedom is more convenient. It's often thought that convenience and digital freedom are at whits with each other, but it simply isn't true. You trade convenience in some areas to gain convenience in others. Privacy activists can function the same as those who don't care about privacy, the difference is how they go about it. # The Privacy Hump "The first step is always the hardest" is a phrase used to encourage taking the first step towards a goal, because it gets easier after the first step. For privacy, this phrase is complicated. Some steps towards privacy, such as switching your web browser, are very easy, can be done in under a minute, and have a large benefit in privacy. These steps can be first steps, and are not hard at all. Other steps, such as fully switching to a password manager, are tedious and can get very messy very quickly. I had the displeasure of working for a company that stored *all* passwords in [plaintext](https://en.wikipedia.org/wiki/Plaintext) on a shared document. I immediately got to work transitioning these passwords to a proper password manager with proper [access control](https://en.wikipedia.org/wiki/Access_control), but it was an unpleasant and tedious task. Many of the passwords were incorrect, had multiple entries, or had unclear login pages. One login page was described only by the location of the [browser bookmark](https://en.wikipedia.org/wiki/Bookmark_(digital)) on the computer of the secretary. Even if a password manager is a tedious task at first, once your accounts are transitioned to a password manager it becomes infinitely easier to manage and use. These first steps can be the hardest, but provide even greater privacy and security benefits. With that, I've found that privacy has a "hump". The first steps are easy and can hook you on privacy, and once you are in a comfortable place with privacy the steps become equally as easy, but in between those points in a privacy journey are the hardest. # Conclusion If privacy were more widespread (and it is becoming increasingly more common), there would be no need for a "privacy journey", because privacy would be the default. Unfortunately, that utopian society currently resides only in the daydreaming minds of authors and privacy activists. I could add more to this post, but I don't want it to become unbearably long. If you want key takeaways while missing plenty of the interesting portions of this post, I will not deny you the satisfaction: - I don't write using AI, even if my writing style is similar - Privacy journeys are long and difficult at times - Privacy is convenient in some ways, but not in others - The hardest part of privacy comes towards the middle of the journey If you decided to read this post in its entirety, then thank you. As always, I had plenty of fun writing this. I hope it helps at least one person. Cheers!

Google is somehow the only company that is able to completely ruin a *calculator* app. Even before installing, Google outs themselves with how much data they collect: - **App info and performance:** Crash logs and Diagnostics - **Personal info:** Email address - **Device or other IDs** - **App activity:** App interactions And of course the encouraging message: > **Data can’t be deleted** > > The developer doesn’t provide a way for you to request that your data be deleted As soon as you try to install it, the app requests network access. I'm glad to be using [GrapheneOS](https://grapheneos.org/) where this can be restricted. The app doesn't crash on launch, which is a new concept for Google, since most of their apps won't even start without Google Play Services installed. Maybe that means the *calculator* app can calculate 1+1 without requiring installing the most invasive software known to man, right? Of course it can't. It crashes the moment you press the plus sign. Thank you, Google, for requiring Google Play Services for your calculator app to do *basic addition*. You know what calculator doesn't require Google Play services to do math?  In all seriousness, [OpenCalc](https://github.com/Darkempire78/OpenCalc) is a near 1:1 match to Google Calculator, so I suggest anyone use that instead. The cherry on top is Google's calculator app is bundled with a privacy policy, which on its own is a treat to read through: https://policies.google.com/privacy Congratulations, Google, you can spy on *math* now.

I am going to show what it would look like if a society had no privacy whatsoever, and then compare it to a society where privacy is a top priority. I am going to show that what little privacy we have in countries such as the United States is the thread holding those countries together, and without it society crumbles. I am going to show that privacy is essential for a free society to function properly, and also help you appreciate the privacy you may not know you have. Let's begin. # A Privacyless Society ### "Our" Personal Life Privacy, by definition, is the ability to control your data. That means controlling what data is shared, who it is shared with, how long it is shared for, when it is shared, and by what medium it is shared. If you have no privacy, that means you lose the ability to obscure any of your data. **All** of your data is shared with **everyone** **Personal information:** full name, birthday, address, occupation, social security number, etc. **Documents:** birth certificate, driver's license, passport, ID, etc. **Biometrics:** Facial scans, fingerprints, handprints, retinal scans, DNA, etc. **Digital information:** The content of all emails, every post made online, bank account balance, spending habits, social graphs, all pictures, all ~~private~~ instant messages, every show you watch, etc. **Other information:** health and workout data, past relationships, every word you say, every thought you think, likes and dislikes, every place you visit, every waking second of your life, etc. All of that data becomes available for anyone to use. As you can imagine, this data would quickly be used for mass government control. Anyone who thinks out of line would be punished. Without privacy, you would also no longer be allowed to obscure personal belongings. All carrying devices such as backpacks and bags would need to be transparent. Since clothing counts as a carrying device, it would need to be transparent or nonexistent. Yes, you heard me right, everyone would be mandated to be completely nude. The French TV series [Nu](https://www.imdb.com/title/tt7420880/) carries this idea, where a society has been "[frog boiled](https://en.wikipedia.org/wiki/Boiling_frog)" into giving up all privacy, and all clothes. One man has slipped into a coma during this transitionary period, and is disillusioned with the society. ### Access Control With all data becoming public, you may wonder "Why even have passwords anymore?" To put it simply, even if all your data is public, you still wouldn't want someone impersonating you or posting on your social media. It's the same as how you wouldn't want anyone accessing your bank account, even if transactions are public. This falls under the topic of security. Without privacy, security would become a citizen's most valuable tool. This begins to show you a hierarchy in personal freedom. Security is the foundation, privacy is layered on top of that, and only then should convenience be added. Unfortunately, in today's world, convenience comes first. Breaches would become much less common as security is prioritized. The use of password managers, [multi-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication), [time-based one-time passwords](https://en.wikipedia.org/wiki/Time-based_one-time_password), [passkeys](https://en.wikipedia.org/wiki/WebAuthn), and [hardware security keys](https://en.wikipedia.org/wiki/Security_token) would become common. However, because all biometric data is public, the "[rule of three](https://en.wikipedia.org/wiki/Multi-factor_authentication#Authentication_factors)" for multi-factor authentication can't be completely satisfied. Documents such as your birth certificate or passport can still be used to verify your identity, as long as the physical composition can't be counterfeit. The information itself becomes useless, and so all identification using the documents must be done in person. ### Autonomy This society has no privacy for individuals, but even if you tried to enforce transparency in higher powers, those powers *literally* have all the power. Governments and companies would hide behind closed doors, and cover up any misconduct. These powers would use the trivially available data collection to control every member of the public, and manipulate their decisions. Good news: Elections will take place almost instantly because all individual preferences are made public. Bad news: The election is rigged so it doesn't matter who you voted for. The control over the public would stop at nothing, until we all are turned into mindless work drones. If you control every aspect of the population, then many pieces of a society are removed entirely. The public never makes any money, so there's no reason for taxes or rent to exist. The only transactions taking place would be between different companies and the government. Homelessness is solved by cramming everybody into government issued bunkers for maximum efficiency. [Soylent](https://soylent.com/) becomes the largest company in the world, providing the only food for every citizen. The only people with any real autonomy would be refugees that are somehow evading the global satellite surveillance cameras, high ranking government officials, and CEOs drifting on their mega yachts. Death and birth rates would hit an all time high as humans become a disposable asset. The most common cause of death becomes [black lung disease](https://en.wikipedia.org/wiki/Black_lung_disease) from the increase of workers mining coal. Trees may or may not be planted depending on how near-sighted the powers are. As society shifts, some terms take on new meanings, such as "self-driving cars" adapting to the meaning of "cars you drive yourself". The powers would eventually find [neurotechnology](https://en.wikipedia.org/wiki/Neurotechnology) to be the most efficient means of control. Installation would become mandated for the public, and manipulation tactics such as peer pressure would force everyone into submission. The device would kill a person at the first sign of corruption. People would be selectively bred and genetically modified to minimize the risk of defiance. The point is, your data is valuable as a means of manipulating you. The more data you give, the more effective the manipulation is. Major influential powers use manipulation to gain more power, and all of society crumbles into an authoritarian regime. One day, though, throwing disposable humans at a problem will fail, and it will lead to the extinction of our planet(s). ### A day in the life I want to end this section by outlining a day in the life of a privacyless society. This is meant to be somewhat lighthearted and humorous. **Choose your character:** - Disposaperson - CEO - Government official **If you chose `Disposaperson`**: You are Disposaperson #42069. You wake up at 7:00 AM in bunker #42, shared by you and your [ordinally](https://en.wikipedia.org/wiki/Ordinal_number) closest friends. You got a restful 6 hours of sleep. It's election day, so you were treated to 2 extra hours of sleep than normal. You should be in peak mental condition when making big decisions, after all. Speaking of which, you take your mandated 30 minute brain activity period, to make sure you are still able to function mentally. You scroll through Dreamscape, a new app that lets you watch the nightly dreams of each Disposaperson. As you are scrolling, you land on a deleted video. 'This dream has been removed under suspicion of defying government powers.' *Thats good.* you think to yourself. *Our government is protecting us from misinformation.* "I agree," your bunkmate says, while listening in on your thoughts. You scroll past the occasional ad reminding you to work hard and follow the rules. Once your mandated 30 minute brain activity period is up, your bunker marches in an organized fashion to the cafeteria. The Disposaperson in front of you accidentally stumbles, and is immediately killed. You step over the corpse, just as you have been trained how to do since childhood. Once in the cafeteria, you take your seat and suck government issued Soylent out of tubes. You feel happy that food is free and doesn't make a mess. You feel euphoric, even, and not just because of the serotonin injected into the food. You're definitely going to cast your vote to the leader promising to increase the frequency of this Soylent flavor by 5%. Listening to everyone else's thoughts, you can tell everyone is in unanimous agreement. *I'm so glad everyone can agree on everything. World peace has been achieved.* After your daily meal, you have been assigned to work in sector 12. *It's nice to finally be mining coal instead of planting trees. Doesn't everybody know planting trees is bad for the environment? Where else would the government put bunker 9736?* Once in the mines, you take a nice breath of the black air. You're encouraged to breathe as much as possible during the beginning as an adjustment period. You love mining coal because it benefits everybody. You're so fortunate to be living on a planet with so many natural resources to use up. Your first planet, Earth, didn't have this much coal. You're so glad the government blew that planet up to reduce the number of depleted planets floating through space. You check the mine's digital leaderboard. You are in the top 1% of coal miners today. You are happy at your work. After all, any lower on the leaderboard and you would be killed off to purify the gene pool. Only the best of the best should be working. Once mining is complete, it's time for the election to be polled. It only takes a few nanoseconds. *Oh good!* you think. *5% more Roast Beef Soylent! I wonder what "Beef" is anyways...* After that last thought, you feel yourself slowly drifting to sleep. The only words in your head: 'Defiance detected.' **If you chose `CEO`:** Your name is... what was your name your birth parent gave you? You can't remember, but it doesn't matter. Your servants call you "Master" anyways. You wake up on the sunny beaches on your own private island on your own private planet. You had a restful 14 hours of sleep. Your smart watch alerts your personal Disposapeople that you are awake. Disposaperson #1337 brings you your breakfast: scrambled eggs, fresh milk, and sizzling bacon. You get flashbacks to the time one of your Disposapeople tried to bring you oatmeal. You hate oatmeal. It's too similar to the food those Disposapeople eat, even though you are the CEO of Soylent. You don't thank your personal disposaperson, and eat your meal. You have a nice life, after Soylent became the leading company in the galaxy. It's nice to have all your work done for you. You check your profits for the day. You get angry after you see that they are only up by 756%. You'll have to pull some strings with your government connections later to only keep the top 1% of coal miners. That should raise your profits, and encourage those workers to work harder and follow the rules. Haven't they seen the ads? You are almost done with your meal when your spouse barges in. Your spouse urgently tells you to come quick. Your spouse tells you that your child has been infected with a deadly disease. You ask how that could have happened. The doctor informs you that your child likely caught it from a contagious Disposaperson who had been in the mines. Outraged, you know that the only solution is to cut the number of workers in the mines. You make a few phone calls and order any miner not in the top 1% to be disengaged immediately. You and your spouse can now rest easy knowing that no more of those workers will be infecting your family anymore. Plus, your profits are up by 1,058%! **If you chose `Government official`:** Your name is Steve. You are the government official in charge of planet C-137. Today is election day, so you have to put on a good show to make it seem like there is competition. You make sure the news is convincing as many people as possible, and you partner with Soylent to launch an ad campaign. "Work hard, and follow the rules." You like it, it's catchy. Your assistant informs you that the planet needs to cut back on planting trees, otherwise there will be no room for bunker 9736. You thank her for informing you. They say being polite to your assistants increases the chances of winning an election, after all. You check the numbers. *Good.* you think. *Bunker #42 is unanimous.* An alert pops up: 'Potential defiance detected in worker #42069' You scan the worker to check if the it is voting for you. The worker isn't fully confident. You decide to feed the worker its favorite flavor of Soylent, and promise to increase production of that flavor by 5%. It's convenient to know every worker's preferences. *That should do it* you think. You tell your assistant to disengage that worker once the election is complete, just to be sure. You tried Soylent once. It was the worst thing you've ever tasted, but you had to put on a good face, or else the CEO of Soylent wouldn't have partnered with you. The phone rings. You pick up the phone. It's the CEO of Soylent. The CEO tells you that you have to disengage any coal worker not in the top 1%. You remind the CEO that it's already at 2%. The CEO tells you it's urgent. You need Soylent to vote for you in the election, so you give in under the pressure. You order your assistant to disengage any coal workers not in the top 1%. You turn on the TV to watch the workers from the satellite cameras. You couldn't imagine what it would be like if anyone could hide their actions. Only criminals would do that. It's finally time to cast the votes. You push a button, and the votes are collected almost instantly. You won the election, you should be happy... Why aren't you happy? # A Private Society Let's compare that dystopia to a private society. In this society, privacy is a fundamental human right. ### Your Personal Life Your information is yours, and stays yours. Personal information is never collected. There's no reason to collect it, because you never need to [identify yourself using personal data](https://nbtv.substack.com/i/161144684/myth-to-prove-who-you-are-you-have-to-hand-over-sensitive-data). If you want to rent a house, you just start paying for it. If you try to stop paying rent, the house gets seized. No identity required. Healthcare is either free or a very small price that you pay for on the spot. No identity required. Voting is done in closed buildings so nobody can try going to the back of the line to vote a second time. No identity required. You buy a car by paying on the spot. Budgeting money and saving up is a common practice. No identity required. People are civil. If you get in an accident, you pay each other's medical bills. No identity required. If you want to board a plane, you pay for a ticket and board. No identity required. When you get a job, you work and get paid at the end of the day. No income taxes, no background checks. If there are references on your résumé (which are not required), jobs can call those references as a "background check". No identity required. No taxes at all. There's no way to enforce it without tracking income, and there are plenty of other ways to fund the government. No identity required. Education is either free or you pay for an access card to the building. If you stop the payments, the access card is revoked. No identity required. Immigration is something that can be done while respecting privacy, but it's apparently a controversial topic, so I will avoid talking about it. I will leave this as an exercise for the reader. Stores can prevent theft in many different ways without surveillance cameras. Some examples are putting products in lock boxes to be unlocked at checkout, or vending machines. I'd love to hear some of your clever ideas for this. Your data remains yours. No more online accounts to read an article about bigfoot. No more "send us a picture to verify your age". No more surveillance cameras. No identity requirements. All communications are private by design. Aliases are common. Also, you can wear clothes. ### Security Breaches hit near zero as security becomes a requirement. Software is mandated to be open source, and government used software is required to be heavily audited. People use proper multi-factor authentication in day to day life. Funds are kept secure by using anonymous digital currencies or cash. ATMs to swap these are around every corner. Centralized banking exists, but is used less commonly. The ones that exist are closely regulated to make sure they use good privacy practices. Companies are regulated in the same way. Innovations in physical locks skyrocket, since cameras are no longer strapped to your doorbells. People realize surveillance isn't safety, and that they can get hacked quite easily. Those who do have surveillance systems use a closed circuit to host it locally. Laws are in place so these cameras only record the *owner's* property. Not the sidewalk, not the road, not the neighbors. Notices must be clearly posted outside. Self hosting becomes widespread, with the most common tool to self host being blockchain miners. Those servers can double as heating systems in the winter. [This person](https://feddit.uk/u/PrettyFlyForAFatGuy) tried mining cryptocurrencies to heat his apartment, but the post with the results got deleted. The society runs on a full mesh network. This ensures that internet is free and not tracked or censored. ### Powers Companies and governments are fully transparent, so any misconduct is easy to spot and fix. Individuals have privacy, but businesses and corporations do not. This society prioritizes individual privacy, but also transparency. If misinformation spreads, it is neither the government's nor a company's job to censor it. People will learn to spot misinformation on their own. Open source software is mandated for use in the government. The government takes security very seriously. National security is not kept by obscuring actions, but by putting real protections in place. Without being able to sell your data, companies charge for products and services, not software. This not only encourages self hosting, but provides a better business model for things that cannot be self hosted. Things like VPNs, cloud storage, streaming services, etc. are open source but paid. Essentially, you pay with money, not data. People are not controlled by any entity, and so they can think freely and express freely. Of course, free speech always has social consequences, but it is still free speech. # Conclusion I could flesh out a lot of the fine details, but you get the picture. Society can function and thrive with privacy, and you need privacy for a free society. It really helps you appreciate the privacy we have today, and helps you realize how our privacy is slowly being eroded. It's a fun thought experiment to see some creative solutions to work around some of the challenges with privacy. We should have privacy as an essential baseline, and work around the problems, rather than defaulting to "more cameras in schools!". Can an AI camera stop a bullet? Anyways, thanks for reading! My mandated 30 minute brain activity period is over, so I have to go. P.S. I've undoubtedly made some pretty stupid mistakes while writing this, but I wrote this in good faith. Edit: Typo

I'm making this post to share some interesting less talked about things about privacy, security, and other related topics. This post has no direct goal, it's just an interesting thing to read. Anyways, here we go: I made [a post](https://lemmy.ml/post/26453687) about [secureblue](https://secureblue.dev/), which is a Linux distro\* (I'll talk about the technicality later) designed to be as secure as possible without compromising too much usability. I really like the developers, they're one of the nicest, most responsible developers I've seen. I make a *lot* of bug reports on a wide variety of projects, so they deserve the recognition. Anyways, secureblue is a lesser known distro\* with a growing community. It's a good contrast to the more well known alternative\*\* [Qubes OS](https://www.qubes-os.org/), which is not very user friendly at all. \* Neither secureblue, nor Qubes OS are "distros" in the classical sense. secureblue modifies and hardens various [Fedora Atomic](https://fedoraproject.org/atomic-desktops/) images. Qubes OS is not a distro either, as they [state themselves](https://www.qubes-os.org/faq/#is-qubes-just-another-linux-distribution). It's based on the [Xen Hypervisor](https://xenproject.org/projects/hypervisor/), and virtualizes different Linux distros on their own. \*\* Qubes OS and secureblue [aren't exactly comparable](https://github.com/secureblue/secureblue.dev/issues/52#issuecomment-2672528390). They have different goals and deal with security in different ways, just as no [threat model](https://www.privacyguides.org/en/basics/threat-modeling/) can be compared as "better" than any other one. This all is without mentioning secureblue [can be run inside of Qubes OS](https://github.com/QubesOS/qubes-issues/issues/9755), which is a whole other ballpark. secureblue has the goal of being the most secure option "for those whose first priority is using Linux, and second priority is security." secureblue "does not claim to be the most secure option available on the desktop." (See [here](https://secureblue.dev/#who-is-secureblue-for)) Many people in my post [were confused](https://lemmy.ml/post/26453687/16931157) about that sentence and wondered what the most secure option for desktop is. Qubes OS is one option, however the secureblue team likely had a different option in mind when they wrote that sentence: Android. secureblue quotes [Madaiden's Insecurities](https://madaidans-insecurities.github.io/) on [some places](https://secureblue.dev/articles/userns) of their website. Madaiden's Insecurities holds the view that [Linux is fundamentally insecure](https://madaidans-insecurities.github.io/linux.html) and [praises Android](https://madaidans-insecurities.github.io/android.html) as a much better option. It's a hard pill to swallow, but Madaiden's Insecurities does make valid criticisms about Linux. However, Madaiden's Insecurities makes no mention of secureblue. Why is that? As it turns out, Madaiden's Insecurities [has not been updated in over 3 years](https://github.com/madaidans-insecurities/madaidans-insecurities.github.io/commits/master/). It is still a credible source for some occasions, but [some recommendations](https://madaidans-insecurities.github.io/security-privacy-advice.html) are outdated. Many people are strictly anti-Google because of Google's extreme history of privacy violations, however those people end up harming a lot of places of security in the process. The reality is, while Google is terrible with privacy, Google is fantastic with security. As such, many projects such as [GrapheneOS](https://grapheneos.org/) use [Google-made devices](https://grapheneos.org/faq#supported-devices) for the operating system. GrapheneOS [explains their choice](https://grapheneos.org/faq#future-devices), and makes an important note that it would be willing to support other devices as long as it met their security standards. Currently only Google Pixels do. For those unfamiliar, GrapheneOS is an open source privacy and security focused custom Android distribution. The [Android Open Source Project](https://source.android.com/) (AOSP) is an open source project developed by Google. Like the Linux kernel, it provides an open source base for Android, which allows developers to make their own custom distributions of it. GrapheneOS is one such distribution, which "[DeGoogles](https://en.wikipedia.org/wiki/DeGoogle)" the device, removing the invasive Google elements of the operating system. Some Google elements, such as [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) can be optionally installed onto the device in a non-privileged way (see [here](https://grapheneos.org/faq#google-services) and [here](https://grapheneos.org/usage#sandboxed-google-play)). People may be concerned that Google Pixels can still spy on them at a hardware level even with GrapheneOS installed, but that [isn't the case](https://discuss.grapheneos.org/d/10029-intel-management-engine-equivalent-on-pixels). With that introduction of secure Android out of the way, let's talk about desktop Android. Android has had a hidden option for [Desktop Mode](https://discuss.grapheneos.org/d/9775-pixel-8-desktop-mode-guide-and-personal-experience) for years now. It's gotten much better since it was first introduced, and with the recent release of Android 15 QPR2, Android has been given [a native terminal](https://grapheneos.org/releases#2025030900) application that virtualizes Linux distros on the device. GrapheneOS is [making vast improvements](https://grapheneos.org/releases#2025031300) to the terminal app, and there are many improvements to come. GrapheneOS will also [try to support](https://discuss.grapheneos.org/d/17691-grapheneos-for-the-new-pixel-laptop) an upcoming Pixel Laptop from Google, which will run full Android on the desktop. All of these combined means that Android is one of, if not the, most secure option for desktop. Although less usable than some more matured desktop operating systems, it is becoming more and more integrated. By the way, if you didn't know, [Android is based on Linux](https://en.wikipedia.org/wiki/Android_(operating_system)). It uses the Linux kernel as a base, and builds on top of it. Calling Qubes OS a distro would be like calling Android and Chrome OS distros as well. Just an interesting fact. So, if Android (or more specifically GrapheneOS) is the most secure option for desktop, what does that mean in the future? If the terminal app is able to virtualize Linux distros, secureblue could be run inside of GrapheneOS. GrapheneOS may start to become a better version of Qubes OS, in some respects, especially with the upcoming [App Communication Scopes](https://grapheneos.social/@GrapheneOS/111359936037411368) feature, which further sandboxes apps. However, there is one bump in the road, which is the potential for [Google to be broken up](https://apnews.com/article/google-search-antitrust-case-59114d8bf1dc4c8453c08acaa4051f14). If that happens, it might put GrapheneOS and a lot of security into a weird place. There might be consequences such as Pixels not being as secure or not supporting alternative Android distributions. Android may suffer some slowdowns or halts in development, possibly putting more work on custom Android distribution maintainers. However, some good may come from it as well. Android may become more open source and less Google invasive. It's going to be interesting to see what happens. Speaking of Google being broken up, what will happen to Chrome? I largely don't care about what happens to *Chrome*, but instead what happens to *[Chromium](https://www.chromium.org/Home/)*. Like AOSP, Chromium is an open source browser base developed by Google. Many browsers are based on Chromium, including [Brave Browser](https://brave.com/) and [Vanadium](https://grapheneos.org/features#vanadium). Vanadium is a hardened version of Chromium developed by GrapheneOS. Like what GrapheneOS does to Android, Vanadium removes invasive Google elements from the browser and adds some privacy and security fixes. Many users who run [browser fingerprinting tests](https://coveryourtracks.eff.org/) on Vanadium report it having a **nearly** unique fingerprint. Vanadium does actually include fingerprint protections (see [here](https://grapheneos.org/features#vanadium) and [here](https://grapheneos.org/usage#web-browsing)), but not enough users use it for it to be as noticeable as the [Tor Browser](https://www.torproject.org/). "Vanadium will appear the same as any other Vanadium on the same device model, and we don't support a lot of device models." (see [here](https://discuss.grapheneos.org/d/4242-brave-vs-vanadium/11)) There's currently a battle in the browser space between a few different groups, so mentioning any browser is sure to get you involved in a slap fight. The fights usually arise between these groups: - The group that is strictly anti-Google and uses Firefox-based browsers - The security focused group that recognizes that [Firefox is insecure](https://madaidans-insecurities.github.io/firefox-chromium.html) and opts for privacy enhanced versions of Chromium - The political group that only care about the politics behind an organization rather than the code itself (examples: [Firefox Terms of Use update](https://blog.mozilla.org/en/products/firefox/firefox-news/firefox-terms-of-use/), [Brave Browser including a crypto wallet](https://brave.com/wallet/)) For that last one, I would like to mention that [Firefox rewrote the terms after backlash](https://techcrunch.com/2025/03/03/mozilla-rewrites-firefoxs-terms-of-use-after-user-backlash/), and users have the ability to [disable bloatware in Brave](https://www.privacyguides.org/en/desktop-browsers/#brave). Since Brave is open source, it is entirely possible for someone to make a fork of it that removes unwanted elements by default, since Brave is [another recommended browser](https://discuss.grapheneos.org/d/4242-brave-vs-vanadium/2) by the GrapheneOS team for security reasons. Another interesting Chromium-based browser to look at is secureblue's [Trivalent](https://github.com/secureblue/Trivalent), which was inspired by Vanadium. It's a good option for users that use Linux instead of Android as a desktop. Also, about crypto, why is there a negativity around it? The reason is largely due to its use in crime, use in scams, and use in investing. However, not all cryptocurrencies are automatically bad. The original purpose behind cryptocurrency was to solve [a very interesting problem](https://youtu.be/bBC-nXj3Ng4). There are some cryptocurrencies with legitimate uses, such as [Monero](https://www.getmonero.org/), which is a cryptocurrency designed to be completely anonymous. Whether or not you invest in it is your own business, and unrelated to the topics of this post. Bitcoin themselves even admit that [Bitcoin is not anonymous](https://bitcoin.org/en/you-need-to-know#anonymous), so there is a need for Monero if you want fully decentralized, anonymous digital transactions. On the topic of fully decentralized and anonymous things, what about secure messaging apps? Most people, even GrapheneOS and [CISA](https://www.bleepingcomputer.com/news/security/cisa-urges-switch-to-signal-like-encrypted-messaging-apps-after-telecom-hacks/), are quick to recommend [Signal](https://signal.org/) as the gold standard. However, another messenger comes up in discussion (and my personal favorite), which is [SimpleX Chat](https://simplex.chat/). SimpleX Chat is recommended by GrapheneOS occasionally, as well as [other credible places](https://www.privacyguides.org/en/real-time-communication/). [This spreadsheet](https://privacyspreadsheet.com/messaging-apps) is my all time favorite one comparing different messengers, and SimpleX Chat is the only one that gets full marks. Signal is a close second, but it isn't decentralized and it requires a phone number. Anyways, if you do use Signal on Android, be sure to check out [Molly](https://molly.im/), which is a client (fork) of Signal for Android with lots of hardening and improvements. It is also available to install from [Accrescent](https://accrescent.app/). Accrescent is an open source app store for Android focused on privacy and security. It is one of the default app stores available to install directly on GrapheneOS. It plans to be an alternative to the [Google Play Store](https://en.wikipedia.org/wiki/Google_Play), which means it will support [installing proprietary apps](https://accrescent.app/faq#open-source). Accrescent is [currently in early stages](https://accrescent.app/faq#status) of development, so there are only a handful of apps on there, but [once a few issues](https://github.com/accrescent/parcelo/issues/635) are fixed you will find that [a lot of familiar apps](https://github.com/simplex-chat/simplex-chat/issues/5012) will support it quickly. Many people have high hopes for Accrescent, and for good reason. Other app stores like [F-Droid are insecure](https://privsec.dev/posts/android/f-droid-security-issues/), which pose risks such as [supply chain attacks](https://en.wikipedia.org/wiki/Supply_chain_attack). Accrescent is hoped to be (and currently is) one of the most secure app stores for Android. The only other **secure** app store [recommended by GrapheneOS](https://discuss.grapheneos.org/d/2919-play-store-is-the-best-source-for-apps-on-grapheneos) is the Google Play Store. However, using it can harm user privacy, as it is a Google service like any other. You also need an account to use it. Users of GrapheneOS recommend making an anonymous Google account by creating it using fake information from a non-suspicious (i.e. not a VPN or Tor) IP address such as a coffee shop, and always use a VPN afterwards. A lot of people aren't satisfied with that response, since the account is still a unique identifier for your device. This leads to another slap fight about [Aurora Store](https://aurorastore.org/), which allows you to (less securely) install Play Store apps using a randomly given Google account. The difference between the Play Store approach and the Aurora Store approach is that Aurora Store's approach is [k-anonymous](https://en.wikipedia.org/wiki/K-anonymity), rather than... "normal" anonymity. The preference largely comes down to threat models, but if you value security then Aurora Store is not a good option. Another criticism of the Play Store is that it is proprietary. The view of security between open source software and proprietary software has [shifted significantly](https://www.privacyguides.org/en/basics/common-misconceptions/#open-source-software-is-always-secure-or-proprietary-software-is-more-secure). It used to be that people viewed open source software [as less secure](https://www.reddit.com/r/opensource/comments/13rmz38/how_do_i_counter_open_source_is_less_secure_due) *because* the source code is openly available. While technically it's easier to craft an attack for a known exploit if the source code is available, that doesn't make the software itself any less secure. The view was then shifted to open source software being *more* secure, because anyone can audit the code and spot vulnerabilities. Sometimes this can help, and many vulnerabilities have been spotted and fixed faster due to the software being open source, but it isn't always the case. Rarely do you see general people looking over every line of code for vulnerabilities. The reality is that, just because something is open source, doesn't mean it is automatically more or less secure than if it were proprietary. Being open source simply provides integrity in the project (since the developers make it as easy as possible to spot misconduct), and full accountability towards the developers when something goes wrong. Being open source is obviously better than being proprietary, that's why many projects choose to be open source, but it doesn't have to be that way for it to still be secure. Plus, the workings of proprietary code *can technically* be viewed, since some code can be [decompiled](https://en.wikipedia.org/wiki/Decompiler), [reverse engineered](https://en.wikipedia.org/wiki/Reverse_engineering), or simply read as [assembly instructions](https://en.wikipedia.org/wiki/Assembly_language), but all of those are difficult, time consuming, and might get you sued, so it's rare to see it happen. I'm not advocating for the use of proprietary software, but I am advocating for less hate regarding proprietary software. Among other things, proprietary software has some security benefits in things like drivers, which is why projects like [linux-libre](https://en.wikipedia.org/wiki/Linux-libre) and [Libreboot](https://libreboot.org/) are worse for **security** than their counterparts (see [coreboot](https://www.coreboot.org/)). Those projects still have uses, especially if you value software freedom over security, but for security alone they aren't as recommended. Disclaimer before this next section: I don't know the difference in terminology between "Atomic", "Immutable", and "Rolling Release", so forgive me for that. Also, on the topic of software freedom, stop using [Debian](https://www.debian.org/). Debian is [outdated and insecure](https://www.privacyguides.org/en/os/linux-overview/#release-cycle), and I would argue less stable too. Having used a distro with an [Atomic release cycle](https://www.privacyguides.org/en/os/linux-overview/#traditional-vs-atomic-updates), I have experienced far *less* issues than when I used Debian. Not to mention, if you mess anything up on an Atomic distro, you can just rollback to the previous boot like nothing happened, and still keep all your data. That saved me when I almost bricked my computer motifying `/etc/fstab/` by hand. Since fixes are pushed out every day, and all software is kept as up to date as possible, Atomic distros I argue give more stability than having an outdated "tried and tested" system. This is more an opinion rather than factually measured. Once I realized the stable version of Debian uses Linux kernel 6.1, (which is 3 years old and has had [actively exploited vulnerabilities](https://arstechnica.com/security/2024/05/federal-agency-warns-critical-linux-vulnerability-being-actively-exploited/)), and the latest stable version of the kernel is 6.13, I switched pretty quick for that reason among others. Now, many old kernel versions [are still maintained](https://en.wikipedia.org/wiki/Linux_kernel_version_history), and the latest stable version of Android uses kernels 6.1 and 6.6 (which are still maintained), but it's still not great to use older kernel versions regardless. It isn't the only insecurity about Debian. I really have nothing more to say. I know I touched on a lot of *extremely* controversial topics, but I'm sick of [privacy being at odds with security](https://lemmy.ml/post/26582422), as well as other groups being at odds with each other. This post is sort of a collection of a lot of interesting privacy and security knowledge I've accrued throughout my life, and I wanted to share my perspective. I don't expect everybody to agree with me, but I'm sharing this in case it ever becomes useful to someone else. Thanks for taking the time to read this whole thing, if you did. I spent hours writing it, so I'm sure it's gotten very long by now. Happy Pi Day everyone!

This post is long and kind of a rant. I don't expect many to read the whole thing, but there's a conclusion at the bottom. On the surface, recommended security practices are simple: - Store all your credentials in a password manager - Use two factor authentication on all accounts However, it raises a few questions. - Should you access your 2FA codes on the same device as the password manager? - Should you store them in the password manager itself? This is the beginning of where a threat model is needed. If your threat model does not include protections against unwanted access to your device, it is safe for you to store access your 2FA codes on the same device as your password manager, or even in the password manager itself. So, to keep it simple, say you store your 2FA in your password manager. There's a few more questions: - Where do you store the master password for the password manager? - Where do you store 2FA recovery codes? The master password for the password manager could be written down on a piece of paper and stored in a safe, but that would be inconvenient when you want to access your passwords. So, a better solution is to just remember your password. Passphrases are easier to remember than passwords, so we'll use one of those. Your 2FA recovery codes are something that are needed if you lose access to your real 2FA codes. Most websites just say "Store this in a secure place". This isn't something you want to store in the same place as those (in this case our password manager), and it's not something you will access often, so it's safe to write it down on a piece of paper and lock it in a safe. Good so far, you have a fairly simple system to keep your accounts safe from some threats. But, new problems arise: - What happens if you forget your master passphrase? - What happens if others need access to your password manager? The problem with remembering your passphrase is that it's possible to forget it, no matter how many times you repeat it to yourself. Besides naturally forgetting it, things like injuries can arise which can cause you to forget the passphrase. Easy enough to fix, though. We can just keep a copy of the passphrase in the safe, just in case we forget it. If someone else needs to access certain credentials in your password manager, for example a wife that needs to verify bank information using your account, storing a copy of the password is a good idea here too. Since she is a trusted party, you can give her access to the safe in case of emergencies. The system we have is good. If the safe is stolen or destroyed, you still have the master passphrase memorized to change the master passphrase and regenerate the 2FA security codes. The thief who stole the safe doesn't have your password manager's data, so the master passphrase is useless. However, our troubles aren't over yet: - How do you store device credentials? - How do you keep the password manager backed up? Your password manager has to have some device in order to access it. Whether it's a phone, computer, tablet, laptop, or website, there needs to be some device used to access it. That device needs to be as secure as your password manager, otherwise accessing the password manager becomes a risk. This means using full disk encryption for the device, and a strong login passphrase. However, that means we have 2 more passwords to take care of that can't be stored in the password manager. We access those often, so we can't write them down and store them in the safe, Remembering two more passphrases complicates things and makes forgetting much more likely. Where do we store those passphrases? One solution is removing the passwords altogether. Using a hardware security key, you can authenticate your disk encryption and user login using it. If you keep a spare copy of the security key stored in the safe, you make sure you aren't locked out if you lose access to your main security key. Now to keep the password manager backed up. Using the 3-2-1 Backup Strategy. It states that there should be at least 3 copies of the data, stored on 2 different types of storage media, and one copy should be kept offsite, in a remote location (this can include cloud storage). 2 or more different media should be used to eliminate data loss due to similar reasons (for example, optical discs may tolerate being underwater while LTO tapes may not, and SSDs cannot fail due to head crashes or damaged spindle motors since they do not have any moving parts, unlike hard drives). An offsite copy protects against fire, theft of physical media (such as tapes or discs) and natural disasters like floods and earthquakes. Physically protected hard drives are an alternative to an offsite copy, but they have limitations like only being able to resist fire for a limited period of time, so an offsite copy still remains as the ideal choice. So, our first copy will be on our secure device. It's the copy we access the most. The next copy could be an encrypted hard drive. The encryption passphrase could be stored in our safe. The last copy could be a cloud storage service. Easy, right? Well, more problems arise: - Where do you store the credentials for the cloud storage service? - Where do you store the LUKS backup file and password? Storing the credentials for the cloud storage service isn't as simple as putting it in the safe. If we did that, then anyone with the safe could login to the cloud storage service and decrypt the password manager backup using the passphrase also stored in the safe. If we protected the cloud storage service with our security key, a copy of that is still in the safe. Maybe we protect it with a 2FA code, and instead of storing the 2FA codes in the password manager, we store it on another device. That solves the problem for now, but there are still problems, such as storing the credentials for that new device. When using a security key to unlock a LUKS partition, you are given a backup file to store as a backup for emergencies. Plus, LUKS encrypted partitions still require you to setup a passphrase, so storing that still becomes an issue. # Conclusion I'm going to stop here, because this post is getting long. I could keep going fixing problems and causing new ones, but the point is this: **Security is a *mess*!** I didn't even cover alternative ways to authenticate the password manager such as a key file, biometrics, etc. Trying to find "perfect" security is almost impossible, and that's why a threat model is important. If you set hard limits such as "No storing passwords digitally" or "No remembering any passwords" then you can build a security system that fits that threat model, but there's currently no security system that fits all threat model. However, that doesn't let companies that just say "Store this in a secure place" off the hook either. It's a hand wavy response to security that just says "We don't know how to secure this part of our system, so it's your problem now". We need to have comprehensive security practices that aren't just "Use a password manager and 2FA", because that causes people to just store their master passphrase on a sticky note or a text file on the desktop. The state of security is an absolute mess, and I'm sick of it. It seems that, right now, security, privacy, convenience, and safety (e.g. backups, other things that remove single points of failure) are all at odds with each other. This post mainly focused on how security, convenience, and safety are at odds, but I could write a whole post about how security and privacy are at odds. Anyways, I've just outlined one possible security system you can have. If you have one that you think works well, I'd like to hear about it. I use a different security system than what I outline here, and I see problems with it. Thanks for reading!

cross-posted from: https://lemmy.ml/post/26453685 > Not many people have heard about secureblue, and I want to spread the word about it. secureblue provides hardened images for [Fedora Atomic](https://fedoraproject.org/atomic-desktops/) and [CoreOS](https://fedoraproject.org/coreos/). It's an operating system "for those whose first priority is using linux, and second priority is security." > > secureblue provides exploit mitigations and fixes for multiple security holes. This includes the addition of [GrapheneOS](https://grapheneos.org/)'s [hardened_malloc](https://github.com/GrapheneOS/hardened_malloc), their own hardened Chromium-based browser called [Trivalent](https://github.com/secureblue/Trivalent), [USBGuard](https://usbguard.github.io/) to protect against USB peripheral attacks, and [plenty more](https://secureblue.dev/features). > > secureblue has definitely matured **a lot** since I first started using it. Since then, it has become something that could reasonably be used as a daily driver. secureblue recognizes the need for usability alongside security. > > If you already have Fedora Atomic (e.g. Secureblue, Kinoite, Sericea, etc.) or CoreOS installed on your system, you can easily rebase to secureblue. The [install instructions](https://secureblue.dev/install) are really easy to follow, and I had no issues installing it on any of my devices. > > I'd love more people to know about secureblue, because it is fantastic if you want a secure desktop OS!

A couple years ago when I was first interested in privacy I stumbled across a privacy website that I found very cool. I regret not saving it, but I'm certain it's not lost. I only remember this about the website: - It had [this song](https://youtu.be/VhTzaSuryVM) as its background music - The website was for educating about privacy, and you would "unlock" new knowledge as you went - Some of that knowledge was in a "cave" where some dark stories and articles surfaced - One of the interactive segments was about "What do you think step counter data could reveal about you?" and the answer was things like religion (if your step count increased on certain days such as Sunday or Tuesday which correlates with some religions), rough location (based on which times you walked), etc. That's all I remember. Thank you so much to anyone who can help me find it!

After about 2 and a half years of battling for my privacy, I'm finally at a place where I can step back and be happy. Technically the seed of privacy was planted 5 years ago, but it hadn't become a goal yet. I used to use Windows 7 (even 10 and 11, eventually), an iPhone 6, Gmail, Google Hangouts (anyone else remember when it was called that?) and Discord as my main messengers, Snapchat, Instagram, Spotify, Netflix, Reddit, ChatGPT, Chrome, Google, Avast and Avast VPN, YouTube, Authy, and so, so much more. I am so fortunate to be able to be where I'm at now. I use [Fedora](https://fedoraproject.org/) ([Silverblue](https://fedoraproject.org/atomic-desktops/silverblue/). I tried [secureblue](https://github.com/secureblue/secureblue) but it was too strict for my taste), a Pixel 8 running [GrapheneOS](https://grapheneos.org/), [Proton Mail](https://mail.proton.me/) + [addy.io](https://addy.io/) (although I try to use email as little as possible), [Signal](https://signal.org/) and [SimpleX Chat](https://simplex.chat/), a "self-hosted" music library, some [*cheaper*](https://wiki.dbzer0.com/piracy/megathread/movies-and-tv/) ways to stream movies, [Lemmy](https://join-lemmy.org/) (duh), [HuggingChat](https://huggingface.co/chat/) (because I don't have the hardware to run my own model quite yet), [Tor Browser](https://www.torproject.org/) and another (I want to avoid arguments about my browser choice), [SearXNG](https://docs.searxng.org/), [Proton VPN](https://protonvpn.com/) (until I can get [Mullvad VPN](https://mullvad.net/en) paid for), [FreeTube](https://freetubeapp.io/), [Aegis Authenticator](https://getaegis.app/), and [a plethora of other software](https://github.com/An-anonymous-coder/Open-Source-Everything). I got quite lucky with device compatibility. My computer and laptop just so happen to be compatible with every distro I've tried, and I've sure dragged them through hell to find the one I want. I'm blessed to have been able to snag a decent phone for GrapheneOS, and so glad to have automated the *transition* from Spotify. It's been a good run. I'm glad to finally be satisfied with where I'm at. I started to see the fruit of my labor months ago. Now I can rest easy and do my part to help others become more privacy aware. I'd love to hear your story too, maybe mine isn't far off! Bonus story: The straw that broke the camel's back that caused me to fully switch to Linux was Windows 11's [Efficiency Mode](https://devblogs.microsoft.com/performance-diagnostics/reduce-process-interference-with-task-manager-efficiency-mode/). It's a cute feature that throttles the performance of programs to save on carbon emissions... and (at the time) you couldn't disable it. You could disable it per-process, but it would re-enable itself shortly after. ChatGPT was becoming quite popular at the time, but Efficiency Mode slowing down the browser made it nearly unusable. I did look for ways to permanently disable it, but either I wasn't experienced enough or it didn't exist yet. Well, no way except to replace Windows altogether!

All of us have made privacy mistakes at some point in our privacy journeys. In an effort to help those earlier on in that journey, please share some of the mistakes you've made, and how you could have prevented it.

I use an RSS reader to curate my Lemmy feed, which means I see every post, including deleted ones. Every so often, posts will crop up with pessimistic content such as "Why try anymore?" etc. Most of the time these are a result of privacy burnout, where the individual has a threat model that is too strict for their own tolerance. We all wish we have perfect privacy. We all wish the world could be more pro-privacy than anti-privacy. One day, that may be the case. For now, we have to accept that nobody can be completely private. **Privacy is a spectrum**, and doing what you can to minimize data collection goes a long way. You can't become private overnight, so taking small steps like these means you can grow a strong foundation for future privacy. Privacy takes time, so take it as slow as you need to. Even if a company already has your data or another means to track you, by minimizing you are making it harder for them to extract that data, and it increases the odds that your data becomes stale. By caring about privacy to begin with, you're showing companies and other people that the data collection is not ok. I've been a privacy activist for years now, and I will also face periods of privacy burnout. I handle it by stopping, taking a step back, and reevaluating my threat model. It's good to take breaks like those, because it means you don't push yourself past your limits and become burnt out. It's really easy to get caught up in the "breaking news" of privacy, too. This is more of a personal stance, but getting caught up in politics and news often leads to stress and makes it harder to make real progress. (This is one of the reasons I use an RSS reader, I can curate my information without stressful headlines.) You don't need to use the most private software or jump ship the moment anything goes wrong. If you feel you need to switch, do it when you have time and when it won't cause problems elsewhere. Take a look at how far you've come, and realize that even if you're not where you want to be yet, you've taken steps to get there. Every person who starts to care about privacy, even you, is one more person to help make the world a more privacy respecting place. It may not seem like you make that much of a difference, but it's not just you. You and everybody else who cares about privacy makes a huge difference. Don't give up now. Privacy is an uphill battle by design, but the payoff is worth it. Good luck!

Happy Christmas and Merry Hanuka! If you're struggling to find something to buy your privacy enthusiast friend for the holidays, I have some gift ideas. As with any gift, not everyone will need these, but it can give you a good idea of what to look for. Feel free to submit your own suggestions, as well! No affiliate links, no sponsors, no favorites. All prices are in USD. If a price is something like "$X.99" or "$X.49" or "$X39" I have rounded it up by one digit. --- # Subscriptions Some privacy tools come at a cost, and not all open source software can be used for free! --- ### [Addy.io](https://addy.io/) Addy.io is an email aliasing service. **[Pricing](https://addy.io/#pricing)** Lite: $1 / month Pro: $3 / month --- ### [Bitwarden](https://bitwarden.com/) Bitwarden is a cloud-synced password manager. **[Pricing](https://bitwarden.com/pricing/)** Personal Premium: $10 / year Personal Families: $40 / year Business Teams: $48 / user / year Business Enterprise: $72 / user / year --- ### [Calyx Institute Internet Membership](https://calyxinstitute.org/membership/internet) The Calyx Institute Internet Membership provides you with a privacy respecting cellular hotspot. **[Pricing](https://calyxinstitute.org/membership/internet)** Contributor Yearly: $500 / year for first year, $400 / year thereafter Contributor Quarterly: $150 / 3 months Contributor Plus: $600 / year for first year, $500 / year thereafter Sustainer Yearly: $750 / year for first year, $500 / year thereafter Sustainer Quarterly: $175 / 3 months --- ### [JMP](https://jmp.chat/) JMP is an open source phone number provider. **[Pricing](https://jmp.chat/pricing/USD#US)** Plan (USD): $5 / month + additional usage costs --- ### [Mullvad VPN](https://mullvad.net/en/vpn) Mullvad VPN is a virtual private network. **[Pricing](https://mullvad.net/en/pricing)** 1 month: $5.28 / month Physical vouchers are also available through [resellers](https://mullvad.net/en/help/partnerships-and-resellers). --- ### [MySudo](https://anonyome.com/individuals/mysudo/) (PROPRIETARY) MySudo is a **proprietary** aliasing software. I could not find any open source option for aliasing phone numbers, especially this cheap. **[Pricing](https://anonyome.com/individuals/mysudo-plans/)** SudoGo: $1 / month or $10 / year SudoPro: $5 / month or $50 / year SudoMax: $15 / month or $150 / year --- ### [Privacy.com](https://privacy.com/) (PROPRIETARY) Privacy.com is a **proprietary** financial transaction masking and aliasing tool. There are other options such as [Revolut](https://www.revolut.com/) (open source), but Privacy.com seems to be the one that works best in the United States. Consider your threat model while using these tools. **[Pricing](https://privacy.com/pricing)** Plus: $5 / month Pro: $10 / month Premium: $25 / month --- ### [Proton](https://proton.me/) Proton is a software suite that includes email, VPN, cloud storage, password manager, calendar, and wallet. Their pricing is extremely convoluted and difficult to navigate. **Pricing** [Proton Unlimited](https://proton.me/pricing) 1 month: $13 / month [Proton Unlimited](https://proton.me/pricing) 12 months: $10 / month [Proton Duo](https://proton.me/family): $15 / month [Proton Family](https://proton.me/family): $24 / month [Mail Plus](https://proton.me/mail/pricing) 1 month: $5 / month [Mail Plus](https://proton.me/mail/pricing) 12 months: $4 / month [Drive Plus](https://proton.me/drive/pricing) Monthly: $5 / month [Drive Plus](https://proton.me/drive/pricing) Yearly: $4 / month [Proton VPN Plus](https://protonvpn.com/pricing) 1-month plan: $10 / month [Proton VPN Plus](https://protonvpn.com/pricing) 1-year plan: $5 / month [Proton VPN Plus](https://protonvpn.com/pricing) 2-year plan: $4.50 / month [Pass Plus](https://proton.me/pass/pricing) Monthly: $5 / month [Pass Plus](https://proton.me/pass/pricing) Yearly: $3 / month [Proton Business Suite](https://proton.me/business/plans) Monthly: $15 / user / month [Proton Business Suite](https://proton.me/business/plans) Yearly: $13 / user / month [Mail Essentials](https://proton.me/business/plans) Monthly: $8 / user / month [Mail Essentials](https://proton.me/business/plans) Yearly: $7 / user / month [Mail Professional](https://proton.me/business/plans) Monthly: $11 / user / month [Mail Professional](https://proton.me/business/plans) Yearly: $10 / user / month [VPN Essentials](https://proton.me/business/plans) Monthly: $9 / user / month [VPN Essentials](https://proton.me/business/plans) Yearly: $7 / user / month [VPN Professional](https://proton.me/business/plans) Monthly: $12 / user / month [VPN Professional](https://proton.me/business/plans) Yearly: $10 / user / month [Pass Essentials](https://proton.me/business/plans) Monthly: $5 / user / month [Pass Essentials](https://proton.me/business/plans) Yearly: $2 / user / month [Pass Professional](https://proton.me/business/plans) Monthly: $7 / user / month [Pass Professional](https://proton.me/business/plans) Yearly: $3 / user / month [Drive Professional](https://proton.me/business/plans) Monthly: $10 / user / month [Drive Professional](https://proton.me/business/plans) Yearly: $6 / user / month --- # Hardware Not everything is digital. Hardware is the foundation for privacy, after all! --- ### Dumb Television Smart TVs are *so* last century... and this century... and the next century... Enjoy the luxury of buying a "dumb TV" while it lasts, because your TV doesn't need to spy on you! There's no best option here. You might need to purchase a large monitor instead of a TV. --- ### [Google Pixel](https://store.google.com/category/phones) Google Pixel phones are one of the most secure devices, especially when you run a security/privacy focused custom Android distribution such as [GrapheneOS](https://grapheneos.org/). Other phones exist for this category, but the Google Pixel is a good baseline. Prices here are based on what are actively being sold on Google's own website. **Some things to look out for when installing a custom Android distribution:** - Make sure the custom Android distribution you want to install supports being installed on the device you get. [GrapheneOS](https://grapheneos.org/), for example, only supports Google devices. - Make sure the device you purchase allows [unlocking the bootloader](https://en.wikipedia.org/wiki/Bootloader_unlocking). - Make sure the custom Android distribution you want to install supports **locking** the bootloader after installation for the device you get. Some devices do not allow relocking the bootloader, and in some cases this can brick the device. Google Pixels generally have the best support for this. - Make sure the device you purchase is [carrier unlocked](https://en.wikipedia.org/wiki/SIM_lock) or the carrier allows OEM unlocking/bootloader unlocking. Some carriers (most notoriously Verizon) will disable this functionality to maintain a monopoly and will refuse to lift the restriction. Second hand sellers are often unaware of this and will mistakenly list the device as "carrier unlocked" when it is in fact not. **Pricing** [Refurbished Pixel 6](https://store.google.com/config/refurbished_pixel_6) 128GB: $340 [Refurbished Pixel 6](https://store.google.com/config/refurbished_pixel_6) 256GB: $390 [Refurbished Pixel 6 Pro](https://store.google.com/config/refurbished_pixel_6_pro) 128GB: $540 [Refurbished Pixel 6a](https://store.google.com/config/refurbished_pixel_6a): $250 [Refurbished Pixel 7](https://store.google.com/config/refurbished_pixel_7) 128GB: $430 [Refurbished Pixel 7](https://store.google.com/config/refurbished_pixel_7) 256GB: $480 [Refurbished Pixel 7 Pro](https://store.google.com/config/refurbished_pixel_7_pro) 128GB: $630 [Refurbished Pixel 7 Pro](https://store.google.com/config/refurbished_pixel_7_pro) 256GB: $680 [Refurbished Pixel 7 Pro](https://store.google.com/config/refurbished_pixel_7_pro) 512GB: $780 [Pixel 7a](https://store.google.com/config/pixel_7a): $500 [Pixel 8](https://store.google.com/config/pixel_8) 128GB: $700 [Pixel 8](https://store.google.com/config/pixel_8) 256GB: $760 [Pixel 8 Pro](https://store.google.com/config/pixel_8_pro) 128GB: $1,000 [Pixel 8 Pro](https://store.google.com/config/pixel_8_pro) 256GB: $1,060 [Pixel 8 Pro](https://store.google.com/config/pixel_8_pro) 512GB: $1,180 [Pixel 8 Pro](https://store.google.com/config/pixel_8_pro) 1TB: $1,400 [Pixel 8a](https://store.google.com/config/pixel_8a) 128GB: $400 [Pixel 8a](https://store.google.com/config/pixel_8a) 256GB: $460 [Pixel 9](https://store.google.com/config/pixel_9) 128GB: $650 [Pixel 9](https://store.google.com/config/pixel_9) 256GB: $750 [Pixel 9 Pro](https://store.google.com/config/pixel_9_pro) 128GB: $850 [Pixel 9 Pro](https://store.google.com/config/pixel_9_pro) 256GB: $950 [Pixel 9 Pro](https://store.google.com/config/pixel_9_pro) 512GB: $1,070 [Pixel 9 Pro](https://store.google.com/config/pixel_9_pro) 1TB: $1,300 [Pixel 9 Pro XL](https://store.google.com/config/pixel_9_pro) 128GB: $950 [Pixel 9 Pro XL](https://store.google.com/config/pixel_9_pro) 256GB: $1,050 [Pixel 9 Pro XL](https://store.google.com/config/pixel_9_pro) 512GB: $1,170 [Pixel 9 Pro XL](https://store.google.com/config/pixel_9_pro) 1TB: $1,400 [Pixel 9 Pro Fold](https://store.google.com/config/pixel_9_pro_fold) 256GB: $1,500 [Pixel 9 Pro Fold](https://store.google.com/config/pixel_9_pro_fold) 512GB: $1,620 --- ### [OpenWrt One](https://openwrt.org/toh/openwrt/one) OpenWrt One is the first router designed specifically to run [OpenWrt](https://openwrt.org/start). It's not the only supported device, and there are other open source router firmware projects, but this is a good out-of-the-box choice. **Pricing** This can currently only be purchased from unofficial resellers for $90. --- ### [Qubes OS certified hardware](https://www.qubes-os.org/doc/certified-hardware/) [Qubes OS](https://www.qubes-os.org/) is likely the most hardened Linux distro available. They have their own list of certified hardware that comes with Qubes OS preinstalled. Those devices aren't the only ones capable of running Qubes OS. You can also check out the [Hardware compatibility list](https://www.qubes-os.org/hcl/) and [Community-recommended computers](https://forum.qubes-os.org/t/community-recommended-computers/5560). These computers can run more than just Qubes OS, but if it's good enough to be certified by them, it will likely run anything else just as securely! **Pricing** [NitroPad V56](https://shop.nitrokey.com/shop/nitropad-v56-684): Lowest $1,565.58 [NovaCustom V56 Series 16.0 inch coreboot laptop](https://novacustom.com/product/v56-series/): Lowest $1,256.40 [NitroPC Pro 2](https://shop.nitrokey.com/shop/nitropc-pro-2-523): Lowest $1,614.73 [Star Labs StarBook](https://starlabs.systems/pages/starbook): Lowest $863.00 [NitroPC Pro](https://shop.nitrokey.com/shop/product/nitropc-pro-523): Lowest $1,614.91 [NovaCustom NV41 Series](https://novacustom.com/product/nv41-series/) Lowest $930.60 [Dasharo FidelisGuard Z690](https://3mdeb.com/shop/open-source-hardware/dasharo-fidelisguard-z690-qubes-os-certified/): Lowest $994.28 [NitroPad T430](https://shop.nitrokey.com/shop/product/nitropad-t430-119): Lowest $737.79 [NitroPad X230](https://shop.nitrokey.com/shop/product/nitropad-x230-67): Lowest $737.79 [Insurgo PrivacyBeast X230](https://insurgo.ca/produit/qubesos-certified-privacybeast_x230-reasonably-secured-laptop/): $1,341.46 --- ### [Raspberry Pi](https://www.raspberrypi.com/) Raspberry Pis are miniature computers that are very useful for setting up proxy servers. **[Pricing](https://www.raspberrypi.com/products/)** There's endless configurations, but the most recent Raspberry Pi model is the Raspberry Pi 5. There are multiple resellers of this, and the cheapest one is the [$50 Raspberry Pi 5 2GB](https://www.raspberrypi.com/products/raspberry-pi-5/?variant=raspberry-pi-5-2gb) --- ### Self-hosting hardware A privacy enthusiast's best tool is being able to self-host certain things. There is no single device to self-host, but some ideas are: - A server rack for general self-hosting - A powerful GPU for self-hosting AI - A self-hosted home automation kit --- # Hardware Accessories What is a piece of hardware without a few accessories? Modularity is always a benefit of modern technology. --- ### Camera covers From laptops to webcams to phones, cameras are everywhere. If you don't fully trust the device you use and want some peace of mind, having an accessory to obscure the lenses of your cameras is a good thing to have. There are lots of options here depending on *which* camera you want to cover. Some phone cases even offer a sliding camera cover. --- ### CD/DVD/Blue-ray drives Some CD/DVD/Blue-ray drives can allow you to *preserve* the physical DVDs that you have bought and paid for, that may soon be end-of-life. These devices allow you to read the contents of the disk, and save a digital copy of it for archival purposes. There is no best-option here, so look around to find one that fits. --- ### Data storage devices Data storage devices are useful for many things such as backups, installing operating systems, booting live operating systems, data transfer, and more. The market here is huge and convoluted, so learn about different types of drives, different connectors, different connector versions (such as [USB](https://en.wikipedia.org/wiki/USB)), etc. before making an educated decision. --- ### Hardware security keys Hardware security keys allow your accounts to be locked with a physical form of multi-factor authentication. Many organizations sell these, and some of them even provide open source hardware/software. Here are a few common brands: - [Nitrokey](https://www.nitrokey.com/products/nitrokeys) - [OnlyKey](https://onlykey.io/) - [SoloKeys](https://solokeys.com/) - [YubiKeys](https://www.yubico.com/products/) --- ### Microphone blocker Microphone blockers come in all shapes and sizes, but they all serve the same function: making sure your microphone is not able to hear anything. The effectiveness of some of these are debatable, given that most phones have multiple microphones, but it can be a fun gift nonetheless. --- ### Privacy screen protector Privacy screen protectors are films that you apply over your screens to restrict viewing angles. This means that if someone were to look at your phone while standing next to you, they likely wouldn't be able to see what you're doing. These screen protectors are also available for laptops, smart watches, and other screens. When buying these, make sure of the following: - The screen protector supports fingerprint unlock for relevant devices. - The screen protector actually works well. - The screen protector will actually protect the device as a screen protector. - The screen protector fits correctly for the device you're getting. - The cameras will still work after the screen protector is applied to relevant devices. --- ### Wired headphones Bluetooth can pose a privacy risk, and that is especially true when you need to play sensitive audio. One time I was in a hallway with my Bluetooth earbuds in, connected to my phone but not playing anything, when suddenly I heard a grainy piano song. My phone wasn't playing anything, and eventually the music just cut out. To this day I have no idea how it happened, but it does mean you should be careful with wireless headphones. Wires can be annoying, but being able to fully turn off Bluetooth can give you peace of mind knowing that your audio stays inside the wire. Having high quality wired headphones can be a blessing, and even provide a better listening experience. It's worth looking at many brands, but Google still sells USB-C wired earphones and headphones from a few different brands. Here are a few: [Google Pixel USB-C™ earbuds](https://store.google.com/product/usb_c_earbuds): $30 [AIAIAI Pipe 2.0 USB-C Earphones](https://store.google.com/product/pipe_usb_c_earphones): $40 [AIAIAI Tracks 2.0 Headphones](https://store.google.com/product/tracks_usb_c_headphones): $60 --- # Currency Anonymous payments are growing more and more difficult, so if you aren't sure what to buy, these are well appreciated options. --- ### Cash Cash is one of the most anonymous methods of payment, and can be a privacy enthusiast's gold. Multiple small bills ($1, $5, etc.) are appreciated more than a few large bills ($20, $50, etc.) because many places do not accept cash in large bills. You can also gift some rare or interesting cash, such as $2 bills, half dollars, silver dollars, dollar coins, etc. --- ### Cryptocurrency Getting cryptocurrency, especially anonymously, can be a long and painful process. If you are comfortable setting it up, this is a huge time saver and a great gift. [Monero](https://www.getmonero.org/) is generally considered the most private cryptocurrency, so that's a better choice than other cryptocurrencies. However, [Bitcoin](https://bitcoin.org/en/) is the most popular and most widely accepted, even though it isn't very private. Try to obtain these through anonymous means such as using cash at cryptocurrency ATMs that may be in your city. --- ### Prepaid cards There's usually no option to pay in cash online, but there are ways around this. If you buy gift cards or prepaid VISA cards with cash, it can be almost as anonymous as cash itself. Some good choices may include: - [Amazon Gift Cards](https://www.amazon.com/gift-cards/): Amazon is very hard to use privately, but this can help significantly. - [Google Play Gift Cards](https://play.google/giftcards/): Google Play is one of the most secure ways of installing apps, but not all of them are free. Google Play gift cards can allow you to pay for apps anonymously, so you can maintain your security. - [Visa Prepaid Card](https://usa.visa.com/pay-with-visa/cards/prepaid-cards.html): This is a catch-all solution for when there's no specific gift card available. --- # Physical Items As with hardware, not everything needs to be digital. There are plenty of items that are cheaper and good for almost anyone. --- ### Books eBooks are a marvel, but they come with complications. Sometimes the formatting isn't right, sometimes you can't get them anonymously, and you need a device to even view it. If the digital apocalypse ever happens, the only way to access information will be through books. No ads, no eye strain. A good privacy related book you could buy is [Michael Bazzell's Extreme Privacy: What It Takes to Disappear](https://inteltechniques.com/book7.html) --- ### Calendar Digital calendars can be convenient, but not always safe. Anything digital can risk being remotely accessed or spied on. Having a physical calendar means you can have the benefits of a calendar, without the need for a digital device. Plus, it comes with pictures that you get to pick. --- ### DVDs Best paired with a DVD ripper, having physical copies of movies and games means no company can take it away from you with the push of a button. You have no ads, use no internet, no subscriptions, and have full quality. --- ### Faraday bags Faraday bags and pouches are containers for your devices that block all incoming and outgoing signals. That means anything that goes inside of it will have no Wi-Fi, Bluetooth, cellular, NFC, etc. This is useful if you want to make sure your device isn't phoning home. This is an item that you may want to spend extra on, because lower quality ones can still leak radio signals. --- ### Merchandise Privacy themed merchandise can be a good way to show that you care about privacy and to help spread it. You can find privacy merch anywhere, but NBTV (a privacy YouTuber) has a good selection of products: https://shop.nbtv.media/en-usd/ [Monerochan](https://monero.town/c/monerochan) my beloved --- ### Notebooks Having everything in a digital notes app can be nice or convenient, but I much prefer to write a lot of things down in a physical notebook. From diaries to sketches, it's nice to take a break from your digital life to jot down some ideas, privately. --- ### Paper shredder When you have sensitive documents that you need discarded, one of the best ways is a paper shredder. If you buy one of these, the best ones are ones that dice the paper or burn it entirely. Even those small squares can be pieced together again. --- ### Safes and lockboxes Speaking of sensitive documents, where do you store those? A good place to store sensitive documents is in a safe or a lockbox. From government documents to your best ideas, they deserve to stay (in a) safe. It's good to make sure you buy a fireproof safe, just in case [Fahrenheit 451](https://en.wikipedia.org/wiki/Fahrenheit_451) becomes more of a reality. --- ### Surveillance camera jackets As the looming threat of widespread AI surveillance comes closer, defenses against them grow stronger. Generally, you have two options: - A jacket that [fights AI recognition](https://petapixel.com/2022/11/21/real-life-invisibility-cloak-stops-ai-cameras-from-recognizing-people/) - A jacket that [blinds cameras entirely](https://www.macpierce.com/the-camera-shy-hoodie) These can be expensive and hard to find, but the best way to fight surveillance. --- # Ending notes Thank you all for reading this! I hope it helps you find a gift for a privacy enthusiast you can't think of a gift idea for. You don't have to buy the exact things listed here, but it gives you a general outline with ideas. I know there are some great gift ideas I missed here, so please leave them in the comments to help out others! Merry Christmas, Happy Hanuka, and have a nice day! \- The 8232 Project

Nobody on my post [asking for controversial privacy topics](https://lemmy.ml/post/22764288) asked this question, but I feel I should cover it anyways. People sometimes assume that software is safe simply because it is open source. That is a misconception, and I would like to cover that in this post. # What does "open source" mean? When software is "open source," it means that the developers have made the source code for the software public and allows anyone to help contribute to the code, or create their own versions of the software based on the source code. By contrast, proprietary software is software that has not made the source code visible to the public. There are similar terms to open source, such as "source-available," "open-core," and "libre," which I won't cover in this post. For the sake of simplicity, any source-available software will be called "open source," since the specifics don't quite matter for the majority of this post. # What are the benefits open source software? Open source software provides many benefits over proprietary software: **Code auditing:** Because anyone can inspect the code, anybody can look for vulnerabilities or invasive code to make sure that the software is safe. With proprietary software, the developers would have to hire a third party auditor to inspect the code. That means you have to trust the auditor, and you have no way to verify first-hand that the code is safe. **Bug reporting:** While both open source and proprietary software have bug reporting systems, open source software tends to have more thorough and transparent bug reporting. Bug reports are generally on a public issue tracker such as GitHub, which can also help prevent duplicate bugs from being reported. Having these reports public also makes the next benefit easier: **Bug fixing:** Anyone can contribute to open source software, which means the workload is distributed. Instead of a small team of developers being the only ones working on the software, anyone can look at the public issues and code their own fixes for the software. **Resurrecting projects:** Both open source and proprietary software can one day stop being developed. Even big companies such as Spotify can [retire software](https://en.wikipedia.org/wiki/Car_Thing), which can lead to hardware devices becoming unusable or insecure. (The code for Car Thing has been [reconstructed](https://github.com/merlin04/superbird-webapp), by the way.) Open source projects that fall out of development can easily be forked and maintained by a new developer. It's rare to see proprietary software handed off to a new owner. **Accountability:** Open source projects hold the developers directly accountable for any vulnerabilities or invasive code, meaning the developer's interests are aligned with its users and not malicious purposes. This also incentivizes creating code without paywalls, since anyone could release a version of the code with the paid features "unlocked". However, even with all these benefits, open source software isn't perfect. # Why has proprietary software become so popular? Since ads and paywalls can generally be removed from open source software, it doesn't make it a very appealing choice to for-profit organizations. Generally, these organizations want to monetize and control their software, which means injecting ads, paywalls, and other invasive elements. This is done most easily if the software is proprietary. It's also rare to see open source software becoming so popular, because generally open source software receives its funding from donations and doesn't have the budget to advertise the software. There are exceptions, such as [OBS Studio](https://obsproject.com/) or [Blender](https://www.blender.org/), which have mostly become the most popular software in their categories. # Is open source software safe? There is another downside to open source software that many people don't talk about: it is much easier to exploit than proprietary software. Because all the source code is visible to the public, it makes it easy for malicious parties to craft vulnerabilities. Proprietary software is generally a stab in the dark until a vulnerability is found, since you can't see exactly how it was coded. Software being open source does mean that it becomes more likely to find and fix vulnerabilities, but being open source doesn't automatically make software safe. Which device do you think would be more likely to obtain a virus, a device running (stock) Android or a device running iOS? You're most likely more inclined to say the device running (stock) Android is more likely. Android at its core is [open source](https://source.android.com/). While correlation is not causation, and there are other factors at play, it's much easier for someone to try to craft a malicious app for Android than for iOS because of its open nature. Proprietary software isn't automatically safe, either. It can be just as vulnerable as any other software. However, open source software has the potential to become much more secure than proprietary software, simply because more people can find and fix vulnerabilities. That's probably why Apple open sourced their [Private Cloud Compute](https://github.com/apple/security-pcc) code before launching a [bounty program](https://security.apple.com/blog/pcc-security-research/) for it. Anyone can code malicious open source software. It's riskier, since it's more likely to be noticed, but it's still possible. Microsoft could open source Windows one day, and it wouldn't make it any more safe until somebody identified and fixed the issues. Open source software doesn't automatically make something private or secure, but it does provide *integrity*, because the developer is showing that they will be accountable for any malicious or vulnerable code, and that anyone is free to look through the code. # Final notes I hope this gives you a better idea of what it actually means if something is open source. Even unsafe proprietary software can be run safely under the right conditions. If your threat model requires you to use as much open source software as possible, I made my own list of open source software called [Open Source Everything](https://github.com/An-anonymous-coder/Open-Source-Everything) that you can look through. I hope you enjoyed reading this! \- The 8232 Project

In my post on why [mass surveillance is not normal](https://lemmy.ml/post/20561931), I referenced how the Wikipedia page for the [Nothing to hide argument](https://en.wikipedia.org/wiki/Nothing_to_hide_argument) labels the argument as a "logical fallacy." On October 19th, user [Gratecznik](https://en.wikipedia.org/wiki/Special:CentralAuth?target=Gratecznik) edited the Wikipedia page to [remove the "logical fallacy" text](https://en.wikipedia.org/w/index.php?title=Nothing_to_hide_argument&oldid=1252045004). I am here to prove that the "Nothing to hide" argument is indeed a logical fallacy and go through some arguments against it. The "Nothing to hide" argument is an intuitive but misleading argument, stating that if a person has done nothing unethical, unlawful, immoral, etc., then there is no reason to hide any of their actions or information. However, this argument has been well covered already and debunked many times (here is [one example](https://spreadprivacy.com/three-reasons-why-the-nothing-to-hide-argument-is-flawed/)). Besides the cost of what it takes for someone to never hide anything, there are many reasons why a person may not want to share information about themselves, even if no misconduct has taken place. The "Nothing to hide" argument intuitively (but not explicitly) assumes that those whom you share your information with will handle it with care and not falsely use it against you. Unfortunately, that is not how it currently works in the real world. You don't get to make the rules on what is and is not deemed unlawful. Something you do may be ethical or moral, but unlawful and could cost you if you aren't able to hide those actions. For example, whistleblowers try to expose government misconduct. That is an ethical and moral goal, but it does not align with government interests. Therefor, if the whistleblower is not able to hide their actions, they will have reason to fear the government or other parties. The whistleblower has something to hide, even though it is not unethical or immoral. You are likely not a whistleblower, so you have nothing to hide, right? As stated before, you don't get to make the rules on what is and is not deemed unlawful. Anything you say or do could be used against you. Having a certain religion or viewpoint may be legal now, but if one day those become outlawed, you will have wished you hid it. Just because you have nothing to hide doesn't mean it is justified to share everything. Privacy is a basic human right (at least until [someone edits Wikipedia to say otherwise](https://en.wikipedia.org/wiki/Right_to_privacy)), so you shouldn't be forced to trust whoever just because you have nothing to hide. For completeness, here is a proof that the "Nothing to hide" argument is a [logical fallacy](https://en.wikipedia.org/wiki/Formal_fallacy) by using [propositional calculus](https://en.wikipedia.org/wiki/Propositional_calculus): Let `p` be the proposition "I have nothing to hide" Let `q` be the proposition "I should not be concerned about surveillance" You can represent the "Nothing to hide" argument as follows: `p → q` I will be providing a proof by counterexample. Suppose `p` is true, but `q` is false (i.e. "I have nothing to hide" and "I am concerned about surveillance"): `p ∧ ¬q` Someone may have nothing to hide, but still be concerned about the state of surveillance. Since that is a viable scenario, we can conclude that the "Nothing to hide" argument is invalid (a logical fallacy). I know someone is going to try to rip that proof apart. If anyone is an editor on Wikipedia, please [revert the edit](https://en.wikipedia.org/w/index.php?title=Nothing_to_hide_argument&action=edit&undoafter=1223324525&undo=1252045004) that removed the "logical fallacy" text, as it provides a very easy and direct way for people to cite that the "Nothing to hide" argument is false. Thanks for reading! \- The 8232 Project

# Introduction 8 days ago I made [this post](https://lemmy.ml/post/22764288) asking for the most controversial privacy topics. My [first post](https://lemmy.ml/post/22784969) answering a controversial question got so few upvotes that it was almost my worst post to date. I don't do these for upvotes, though. I do them for fun :) So, with that, here is the second post demystifying some controversial privacy topics. [@TranquilTurbulence@lemmy.zip](https://lemmy.zip/u/TranquilTurbulence) [asked](https://lemmy.ml/post/22764288/15111932) "VPN: essential or snake oil?" I try to avoid topics that have been thoroughly answered multiple times, or has such a direct answer that it would be too short to make a post about. This topic is a bit of both, but worth writing anyway, because I do have my own insights. Some people [didn't like](https://lemmy.ml/post/22784969/15120427) that I break the main question down into multiple sub questions. It is valid criticism, but it's my style of writing, so I will stick to what I'm good at. # What does a VPN do? A Virtual Private Network (abbreviated "VPN") is a way of proxying your internet traffic through a third party. There are many reasons why you would want this: **Hiding your IP address:** VPNs will replace your IP address with a random IP address assigned by the VPN provider. IP addresses are unique to your router, meaning you can be uniquely identified. IP addresses are usually static, meaning it never changes, but sometimes your ISP may assign you a dynamic IP address, which will change every few months or so. If you open up ports on your router (for various purposes), it can leave your network vulnerable to certain attacks as long as the attackers know your public IP address. **Hiding your location:** Your IP address can narrow your location down to the city you live in. In some cases, such as shared Wi-Fi (like on a college campus) or public Wi-Fi, the IP address can be more easily identified to the specific block or building you are in. Any internet connection made can see your IP address, and can automatically use that to attempt to locate you. **Encrypting your traffic:** VPNs can allow your traffic to be encrypted, so that your ISP or other people connected to the same network can't see which sites you visit or (in some cases) what data is sent. The reasons why this is important are too long to list, but you can work it out on your own. **Network based ad blocking:** Some VPN providers allow you to block ads before they even reach your device, which can increase your loading times and save you data on metered connections. This can be achieved without a VPN through your own DNS filters, but it is a feature of VPNs too. **Access blocked content:** VPNs can be used as a way to bypass censorship if your network regulates your traffic (such as at an office or school). A VPN can bypass these restrictions, allowing you to access content freely. **Accessing region-specific content:** Content on streaming services such as Netflix, video sharing sites such as YouTube, or many other services may restrict what content is available to you based on your country. A VPN can allow you to bypass these restrictions in some cases. Those can all be ways to enhance your privacy, security, anonymity, and freedom while browsing the internet. VPNs do come with some downsides, though. # What are the downsides of using a VPN? When you browse the internet without a VPN, you are placing your trust in your ISP or cellular provider to uphold your privacy, and placing trust in the network devices such as your router to uphold your security. In practice, that is almost never the case. Using a VPN doesn't automatically make it more trustworthy, but it does place that trust in the hands of your VPN provider instead. Some VPN providers are more trustworthy than others, but there are good options to choose from. You still have to trust an entity to uphold your privacy and security, but VPNs can be a much better place to keep that trust. Not everyone may want to use a VPN though. Besides distrust, VPNs have other downsides. VPNs will slow down your internet speeds, may block certain functions such as torrenting, and may incriminate you in some countries. Ultimately, the choice to use a VPN is yours. If you believe the upsides outweigh the downsides, then a VPN is a good tool to have. If your threat model requires anything a VPN provides, it's an essential tool. Some functions of a VPN can be achieved through careful setup of a DNS and elite anonymity proxy, but VPNs will always be the easiest option. # Which VPN providers are the best? There are currently 3 top VPN providers for privacy. All of them are open source, and all of them have their pros and cons. I haven't listed every feature for each, but here are the notable differences: ### [Proton VPN](https://protonvpn.com/) Proton VPN provides a free tier VPN with some functionality limited, as well as a premium tier if you have a Proton subscription. If you already have a Proton subscription already, and don't mind putting all your eggs in one basket, Proton VPN is a good option. ### [Mullvad VPN](https://mullvad.net/en/vpn) Mullvad VPN is probably the most private VPN available. It is only paid, but it allows you to pay any way you want, including cash and cryptocurrencies. No signup is required, because you are given a randomly generated account number for payment. You can regenerate the number at any time. ### [IVPN](https://www.ivpn.net/en/) IVPN is unique and relatively unknown. The main benefit I see is that it is the only VPN of these three that is available on [Accrescent](https://accrescent.app/) for Android, allowing you to have extra confidence in the integrity of the app. Eventually Mullvad VPN and Proton VPN will be available on Accrescent. These VPNs will uphold your privacy and security, and won't log your internet traffic. VPNs in the past have been used to aide law enforcement by handing over those logs, so it is good that these don't. # Conclusion VPNs can be an essential tool if you need them, and there are options that respect your privacy. Always be aware of the risks, no matter how trustworthy a VPN provider may be. Thank you for reading! \- The 8232 Project

[@Zagorath@aussie.zone](https://aussie.zone/u/Zagorath) [wanted to know](https://lemmy.ml/post/22764288/15110218), should you expect privacy in public places? Before I answer that, I would like to give my genuine thanks to everyone who responded in my [previous post](https://lemmy.ml/post/22764288) where I asked you for some controversial privacy topics. You did not disappoint, and I'm glad I will be able to cover them! This question is a bit complex, depending on how you ask it. The answer also largely depends on what you believe. If you believe that privacy is a fundamental right, then privacy should be expected no matter where you go. If the question is "Can you expect privacy..." versus "Should there be privacy...", the answer changes dramatically. # Is there currently privacy in public spaces? In many places, there is little to no privacy when you walk out the door. With Ring doorbells latching on to every home like a parasite, or security cameras clinging to the ceiling of every store you walk inside, surveillance is everywhere. This section won't cover whether or not surveillance is moral/ethical/justified, but either way surveillance infringes on privacy. Even with no surveillance cameras, Sarah-from-down-the-street is always on a video call with her bestie. Saying "privacy in public" is a bit of an oxymoron, since no matter what you will always give up a little privacy the moment you walk out the door. Things you do privately in the bathroom are simply not allowed in public places. # Should there be more privacy in public spaces? Now may be a good time to clear up a common misconception. What is privacy? Privacy does *not* mean obscuring every detail of your life. Privacy is the **ability** or **choice** to share or hide information about yourself. That is why surveillance cameras infringe on privacy: You have no control over what they record, who has access to those recordings, and what those recordings will be used for. That sort of answers the question, too. If you believe privacy is a fundamental right, then there should be an expectation of privacy in public spaces, and so a reform needs to happen. # What are the real effects of privacy in public spaces? People act differently when they know they are being surveilled. See the [Panopticon](https://en.wikipedia.org/wiki/Panopticon) for an experiment about that. It has negative effects, whether people realize or not. [@Sauerkraut@discuss.tchncs.de](https://discuss.tchncs.de/u/Sauerkraut) [told a story](https://lemmy.ml/post/20561931/13849045) that I particularly love: "Just last week, my partner and I were on a long hike. No one was around us so to loosen our muscles we started dancing like goofballs on the trail only to look up and find a drone hovering in the shadows recording us. I was embarrassed, but my partner is a very private person and was really upset. [...]" When they expected to be in a secluded, private space, they freely expressed themselves. The moment they realized that someone had been watching, they became embarrassed or upset, like a switch had flipped. That is the real affect surveillance has on us. We express ourselves less freely, we conform to rules without question out of fear. Surveillance becomes a form of oppression on a wide scale. I even have my own anecdote. I once took a trip to a small town. When I got there, I subconsciously looked around for security cameras. I do that to gauge how much privacy I currently have. I then noticed that I couldn't see any obvious security cameras. I stopped and looked around harder. **The town had not a single security camera in sight.** I have almost no way to describe the sense of calm and relaxation that washed over me. It felt like someone giving you a massage after being stressed all week, or finally being honest with everyone about a secret you've been keeping. It was such a nice feeling to walk around a town privately. # Why do we have surveillance? The main justification for these surveillance measures is to prevent crime. It makes sense intuitively, if you have an eye on every corner you can catch any criminal easily. However, it ignores one massive flaw: criminals will always find a way to do things privately. If you make privacy illegal, it doesn't change anything, because criminals won't follow the law anyways. I have my own quote about this, that I love very much: “Unjust laws only burden the just, as the lawless will not heed them.” Removing privacy only hurts the people who will follow and abide by the rules. You're removing the privacy of the good people, while the criminals will program "illegal" software to achieve privacy. Giving privacy to everyone means that, yes, it makes criminals' jobs easier, but it means we can shift to actually *solving the problems that cause the crimes in the first place*. "The best way to conquer bad ideas is with better ideas, not by suppressing ideas." - [Naomi Brockwell](https://youtu.be/wcKtnnzsQGk) "The optimal crime rate is not zero. We can't burn down the entire world just to stop somebody from stealing a pack of gum. The cost is too high. There is a percentage of crime that is going to exist. It's not ideal, but it is optimal." - [Nick](https://youtu.be/C0CyuDEuLsE) We need privacy for a free society. Surveillance is not the answer for fighting crime. There are ways to combat crime without infringing on privacy. # Is blurring your house on the map unreasonable? This question is another one brought up by [@Zagorath@aussie.zone](https://aussie.zone/u/Zagorath). Blurring your house is a way to achieve some privacy, and in that scope, it is good to do. However, as [@RiderExMachina@lemmy.ml](https://lemmy.ml/u/RiderExMachina) [points out](https://lemmy.ml/post/22764288/15110662), it could cause someone to do the opposite and start looking closer into why your house is blurred. That's called the [Streisand effect](https://en.wikipedia.org/wiki/Streisand_effect). Site note: I find it hilarious why the Streisand effect is named how it is. The story goes that Barbra Streisand tried to hide her place of residence by suppressing a photograph that had made it to the public. That, of course, had the opposite effect, drawing more attention to the photograph and her residence. Then, even *more* attention was drawn, because the Streisand effect got named after her and the very same image is now plastered on Wikipedia. Unfortunately, blurring your house on the map doesn't provide much privacy, since the organization who photographed it still has a clear picture of it. It doesn't stop the surveillance. It's not unreasonable to blur it, though. You should still *want* privacy against the Streisand effect. The best solution would be a *quiet* legal take down of the images altogether. I have another story to go along with this. I got a job, and it was later revealed in conversation to me and my coworkers that our boss likes to look up everybody's address on Google Street View. Everyone was uncomfortable with that, but our boss saw no issue with it. This is a legitimate case where blurring your house is a good idea. Sure, people may try to ask you why it's blurred, or try to look up pictures on other sites like housing retail, but it still prevents (frankly, creepy) bosses from snooping at your home. # Conclusion Privacy is a fundamental part of our lives, and surveillance infringes on that. We should all do our part to gain what privacy we can, because every bit of privacy you gain now is freedom you will have in the future. This was a lot of fun to write, and I thank [@Zagorath@aussie.zone](https://aussie.zone/u/Zagorath) and all of you for your suggestions. I will continue to tackle each of the topics asked in the previous post one by one. Thank you for reading! \- The 8232 Project

If you don't know me, I make frequent write ups about privacy and security. I've covered some controversial topics in the past, such as [whether or not Chromium is more secure than Firefox](https://lemmy.ml/post/21887275). Well, I will try my hand again at taking a look at some controversial topics. I need ideas, though. So far, I would like to cover the controversy about Brave, controversy around Monero and other cryptocurrencies, and controversy around AI. These will be far easier to research and manage than Chromium vs. Firefox, for example. I'd like to know which ideas you have! Which controversial privacy topics do you know of that you would like to see covered? #### PLEASE DO NOT ARGUE ABOUT THEM IN THE COMMENTS! Please save any debate for if/when I make a write up about the topic. Keep the comments clean, and simply upvote ideas you would like to see covered. I won't be able to cover everything, so it helps bring attention! Above all else, be kind, even if you don't agree with an idea or topic :)

I made [this post](https://lemmy.ml/post/21887275), outlining my verdict about whether or not Chromium is more secure than Firefox. At the very end of the post, I noted "GrapheneOS did not respond to my requests for a comment." Well, after weeks with no reply, they finally responded. I don't plan to do any more research about this topic, but this information is still incredibly valuable. Keep in mind the questions I asked the GrapheneOS team were created before I had done much research about the topic. Here are the questions and GrapheneOS's replies: ##### Does Firefox have isolation between tabs? incomplete ##### Is Firefox's implementation of tab isolation as secure as Chromium's? no, it's incomplete and their sandbox is significantly weaker across all platforms, but it varies based on platform ##### Firefox uses Fission to isolate embedded content from the main website. Is Fission used for tab isolation as well? it's incomplete ##### Is Fission the main cause of concern about Firefox's security? there are many ways in which it's less secure than Chromium, but the weak sandbox particularly that's entirely not implemented on Android is one of the main issues ##### Are there other reasons why Chromium is more secure than Firefox, besides Fission? Chromium uses full garbage collection for a lot of the C++ objects, has much more hardened memory allocators for native allocation, has the V8 sandbox as another layer of security missing in Firefox before the OS sandbox, has much more fuzzing, auditing, etc. and much more modern exploit mitigations implemented too Firefox is far behind in nearly every way and laid off a lot of their security people ##### Isolation of embedded content is important to prevent Spectre and Meltdown exploits, but is this actually something that an everyday user will be majorly affected by? It seems that, unless you are logging in through embedded content, there is far less risk associated with this from an everyday standpoint. Again, more security is obviously better, but is this as big of an issue as it's made out to be? yes it impacts users because browser vulnerabilities are widely exploited in the wild and the OS sandbox is one of the main defenses against it, as is the V8 sandbox feature entirely missing in Firefox Google heavily monitors for browser exploits and catches a lot of it happening in the wild Mozilla / Firefox has little visibility into it therefore, it's much more widely reported for Chrome but does not mean it isn't happening with Firefox regularly ##### Is Firefox less secure on Linux (besides Qubes, Tails, etc.) than other desktop operating systems? Tails is not a hardened OS at all, that's a misconception about it, and it has nearly all the problems of desktop Linux Firefox on desktop Linux has weaker sandboxing than elsewhere on Android they haven't even implemented a content sandbox, although the OS provides an app sandbox around it as a whole but that's not the same thing ##### In which ways are Fission less secure than Chromium's Site Isolation? it's not even completed yet, the issue is still open since not everything is isolated yet and there are known ways out ##### Does Brave provide the same privacy against fingerprinting as the Tor Browser? Tor Browser's anti-fingerprinting is greatly overestimated and does not really work with JavaScript enabled, which it is for most users Brave's is not strictly better or worse neither anti-fingerprinting approach works well ##### Could you provide good resources for my article about the state of Firefox security on Android? no, but it is awful, they don't even implement any content sandbox let alone site isolation, and have almost no exploit mitigations or anything implemented ##### Would it be easy for a developer to create a fork of Firefox for Android that uses isolatedProcess? no, but it's easy for them to do it relative to doing it elsewhere ##### Would using isolatedProcess in Firefox fix isolation issues? If not, what would still need done? no, but it would allow them to provide a content sandbox on Android and partial site isolation to the extent they implement it overall ##### Is there tab isolation for Firefox on Android? Is this as secure as Chromium's? there's an incomplete implementation, and no, it's not nearly as secure aside from being incomplete

[Loops](https://loops.video/) is a federated alternative to TikTok created by [Pixelfed](https://pixelfed.org/). Once it first came out, users were able to sign up for early access. Confirmation emails weren't sent right away, but [today they announced](https://pixelfed.social/p/loops/757934214441611238) that emails were being sent out, and registration is now closed. I got a confirmation email today, attached in the image. I will be loosely documenting my experience, and may (no promises) make a writeup about it. [Wiz Khalifa would be proud](https://youtu.be/7SHAKi8l7Ls)

Happy Halloween! Tails released a small update, but it's nice to see that the software in Tails is getting updated more frequently! Here are the major changes: * Update *Tor Browser* to [14.0.1](https://blog.torproject.org/new-release-tor-browser-1401/). * Update the *Tor* client to 0.4.8.13. * Update *Thunderbird* to [115.16.0](https://www.thunderbird.net/en-US/thunderbird/115.16.0esr/releasenotes/). * Fix automatic upgrades aborting with the error message `"The upgrade could not be downloaded"` even after a successful download. ([#20593](https://gitlab.tails.boum.org/tails/tails/-/issues/20593)) Alternative link: https://tails.net/news/version_6.9/

# Introduction Many years ago, when I was first getting into privacy and security, I wanted to see how long passwords should be in order to be secure from brute forcing. There are plenty of [password strength testers](https://bitwarden.com/password-strength/#Password-Strength-Testing-Tool) already, but I wasn't sure if they accounted for the increase of cracking speeds over time. Then, the idea came to me: What is the maximum speed for a password cracker? # The Planck Cruncher The Planck Cruncher is a theoretical supercomputer, designed to crack passwords as fast as the laws of physics will allow. Here is how it is constructed: Imagine a little computer that can fit in the smallest possible space in the universe: a cubic [Planck length](https://simple.wikipedia.org/wiki/Planck_length). This little computer is able to test one password every [Planck time](https://simple.wikipedia.org/wiki/Planck_time), the shortest possible unit of time. Now, fill every cubic Planck length in the [observable universe](https://en.wikipedia.org/wiki/Observable_universe) with these little computers, all testing passwords at the same time, and you have constructed the Planck Cruncher! I should note here: of course this is impossible to create. This is just a fun idea I had, to test the theoretical security of passwords. Don't take it too seriously. # How fast is it? First, you need to calculate how many of those little computers can fit inside the observable universe. The diameter of the observable universe is estimated to be 8.8×10\^26 meters in diameter. To calculate the cubic volume of the observable universe, you can use the equation for the volume of a sphere: 4/3\*πr\^3 A sphere 8.8×10\^26 meters in diameter has a radius of 4.4×10\^26 meters. Substitute that into the equation to get 4/3\*π\*(4.4×10\^26)\^3 which equals 3.6×10\^80 cubic meters in volume. A Planck length is approximately equal to 1.616255×10\^(-35) meters. That means a cubic Planck length would have an area of 4.222111×10\^(-105) cubic meters. Divide the volume of the observable universe by the area of a cubic Planck length, and you get how many little computers make up the Planck cruncher: (3.6×10\^80)/(4.222111×10\^(-105)) which is approximately 8.52654×10\^184 little computers. This is the exact number (rounded up): 85265403964983393378336097748259105456962168924502458604238495861430455049618543899011655543873668882698725826961915496774007125819288029139925501721769039231796606010595173836026575332 Next, you have to find out how many Planck times are in a second. A Planck time is approximately equal to 5.391247×10\^(−44) seconds. To find how many Planck times are in a second, you simply take the inverse of that to get: 1/(5.391247×10\^(−44)) which is approximately equal to 1.854858×10\^43 Planck times in a second. If you multiply the number of little computers in the Planck Cruncher by the number of Planck times in a second, you find out how many passwords the Planck Cruncher can test every second: (8.52654×10\^184)\*(1.854858×10\^43) is approximately 1.581553×10\^228 passwords tested every second. The exact number is below (rounded up): 1581552541832778082294061053931661922686201706664570527082852925518538754570483301896790400140703419500140242637035837845567215262429787192831741927642510892782256238873773986538301349050212882962091805863577761872814550820473182 The complete equation is this:  # How secure are passwords against it? Since you know how many passwords the Planck Cruncher can test in a second, you can calculate how secure a password must be to fend it off for, say, 100 years. There are 95 [printable characters](https://en.wikipedia.org/wiki/ASCII#Printable_characters) on a standard [QWERTY keyboard](https://en.wikipedia.org/wiki/QWERTY). If you make each character of your password a randomly selected character from the 95 printable characters, you can calculate the number of possible combinations for your password using the equation 95\^length where *length* is the length of your password. I will refer to this as the "complexity" of the password. With that, you can calculate the [bits of entropy](https://en.wikipedia.org/wiki/Entropy_(information_theory)) of the password by using the equation log2(combinations) where *combinations* is number of possible combinations for your password. For simplicity, I will be referring to the strength of passwords by their bits of entropy. The unit used to represent entropy is the [shannon unit](https://en.wikipedia.org/wiki/Shannon_(unit)), denoted as "Sh". To calculate how many seconds it would take to crack a password, you divide the password complexity by the speed of the Planck cruncher. For example: An 8 character password has a complexity of 95\^8, or approximately 6.6342×10\^15. That password has an entropy of log2(6.6342×10\^15), or approximately 52.56 Sh. To crack the password, assuming it was the very last password tested, the Planck cruncher would take 4.1947×10\^(-213) seconds. That is orders of magnitude shorter than a Planck time itself. So, how many bits of entropy is secure against the Planck Cruncher? If you wanted a password that is strong enough to keep the Planck Cruncher at bay for 100 years, the password would need an entropy of approximately 789.66 Sh. The password would be 121 characters in length (rounded up). A [passphrase](https://en.wikipedia.org/wiki/Passphrase) with the same entropy (assuming 7,776 words are in the wordlist, from the [EFF Large Wordlist for Passphrases](https://www.eff.org/document/passphrase-wordlists)) would have 62 words (rounded up). # Conclusion Obviously if the the universe is (literally) against you, you have bigger problems than a password protecting your sensitive data. This was just a fun thought experiment to see what the upper limit of password cracking is. It's interesting to see how a 1024 bit key would be resistant against even the fastest theoretical supercomputer for over a [vigintillion](https://en.wikipedia.org/wiki/Names_of_large_numbers) years (assuming it has no other weaknesses). I hope you had as much fun reading this as I did writing it. Be sure to use strong passwords, and use a [password manager](https://en.wikipedia.org/wiki/Password_manager).

Two weeks ago, I made [this post](https://lemmy.ml/post/21367269). The goal was simple: I wanted to dig into the details of Chromium and Firefox to see if the claims that Chromium is more secure than Firefox are true or not. You'll notice I also started turning that post into an update log, but only one update got released. There is a reason for that. Life suddenly got extremely busy for me, I could barely make time to continue researching. However, during that time, I spent a *lot* of time thinking about the issue. I tried breaking down the problem in a million different ways to find a way to simplify it and start from the ground up. I came to a conclusion today, a realization. I have no way to put this gently: I cannot conclusively determine which one is more secure. This will upset many of you, and it upsets me too considering I maintain [my own list of software](https://gitlab.com/an-anonymous-coder1/Open-Source-Everything) that relies on only providing the most secure and private versions of some software. I need to explain why there cannot be a solid conclusion. I managed to collect many sources to be used for the research. A lot of the information is parroting [this article](https://madaidans-insecurities.github.io/firefox-chromium.html) which, despite having many sources, fails to provide sources for some of the most crucial claims made there ("Fission in its current state is not as mature as Chromium's site isolation" has no source, for example). My favorite source is [this Stanford paper](https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf) which I think does a great job at tackling the problem. The problem I noticed is that a *lot* of privacy advice is given from an echo chamber. Think about what privacy advice you like to give, and think about where you heard that. A YouTube video? Reddit? Lemmy? [Naomi Brockwell](https://www.youtube.com/channel/UCSuHzQ3GrHSzoBbwrIq3LLA) gives a lot of advice that stems directly from [Michael Bazzell's Extreme Privacy book](https://inteltechniques.com/book7.html), as I found out after reading it. Her videos about [convincing people to use Signal](https://youtu.be/WrNHmp9i9eU) are paraphrased passages from the book itself, which has a whole section about it. People touting Chromium as more secure than Firefox, or that the Play Store is a more secure option than F-Droid or Aurora Store, often get their information [from GrapheneOS](https://discuss.grapheneos.org/d/16105-michael-bazzel-recommends-f-droid-and-aurora-store-insecure/18). I've never seen anyone research those in depth. The point I'm trying to make is that a lot of privacy advice is [circular reporting](https://en.wikipedia.org/wiki/Circular_reporting). I'm certain that if Michael Bazzell and GrapheneOS were to provide sources as to where they got their information (they rarely do, I checked) it would come to light that it boils down to a few real sources. GrapheneOS, no doubt, likely has inspected at least some part of the Firefox codebase, but Firefox is rapidly changing, so any sources that used to be true may not be true today. [FUTO Keyboard](https://keyboard.futo.org/) and [GrayJay](https://grayjay.app/) get recommended often because of [Louis Rossmann](https://youtu.be/GYX92lLpZ20), but [HeliBoard](https://github.com/Helium314/HeliBoard) and [FreeTube](https://freetubeapp.io/) (or [NewPipe](https://newpipe.net/)) were options long before those pieces of software. The reason the former became so recommended over the latter is simply because people used a popular figure, Louis Rossmann, as a primary source. It then became an echo chamber of recommendations and best practices. That doesn't mean the claims of Chromium being more secure are false, but as a researcher it is very hard to credit something that doesn't provide any primary sources. In the eyes of a researcher, GrapheneOS's word holds just as much weight as a random internet user, without any proof. I see it play out like this: A source like GrapheneOS or Extreme Privacy makes a claim, secondary sources such as GrapheneOS users or Naomi Brockwell present this information without providing the sources, the general privacy community sees both, and begin giving the same recommendations on Reddit or Lemmy (sometimes with sources), and eventually the privacy community as a whole starts presenting that information, without any primary sources. Even if GrapheneOS, Extreme Privacy, or Louis Rossmann provided no research or direct comparisons, their word is taken without question and becomes the overarching recommendations in the privacy community. They each gained credibility in their own ways, but there should always be scrutiny when making a claim, no matter how credible. The main reason why I cannot give a concrete conclusion is this: the focus on the article was to compare Chromium's Site Isolation to Firefox's implementation, however there are too many variables at play. Chromium may be more secure on one Linux distro than another. [Debian is an example](https://tracker.debian.org/pkg/chromium). Firefox supposedly has worse site isolation on Linux, but then how does [Tails](https://tails.net/) deal with that? It's based on Debian, so does that make it insecure for both browsers? Tor is based on [Firefox ESR](https://support.mozilla.org/en-US/kb/switch-to-firefox-extended-support-release-esr), which is an extended support release with less security, but Tor is also deemed a better option than Chromium browsers for anonymity. Isolating iframes doesn't really affect daily use, so is it really necessary to shame Firefox for that? Some variants of Firefox harden the browser for security, but some variants of Chromium (such as [Brave Browser](https://brave.com/download/)) try to enhance privacy. No matter what limits I set, how many operating systems or browser variants I set, there is no way to quantify which one is more secure. "Is Chromium more secure? Yes, under XYZ conditions, with ABC variants, on IJK operating systems. Chromium variants XYZ are good for privacy, but ABC Firefox variants are better at privacy..." The article would be a mess. The idea for the article came because I was truly sick of the lack of true in-depth sources about the matter, and so I wanted to create that. I now realize it was a goal that is far too ambitious for me, or even a small group of people. Tor and Brave give different approaches to fingerprinting protection (blending in vs. randomizing), and there's no way to directly compare the two. The same goes for the security of each. There is no "Tails" for Chromium, but there is no "Vanadium" for Firefox. There's no one to one comparison for the code, because some of it is outside of the browser itself. I regret making that initial post, because it set unrealistic expectations. It focused on a problem that can't tell the whole picture, and then promised to tell that whole picture. At a point, it comes down to threat model. Do you really need to squeeze out that extra privacy or security? Is someone going to go through that much effort? You know how to spot [dark patterns](https://en.wikipedia.org/wiki/Dark_pattern), you know not to use privacy invasive platforms. Take a reality check. Both Chromium and Firefox are better than any proprietary alternatives, that's a fact. Don't bother trying to find the "perfect" Linux distro or browser for privacy and security, because you already don't use Windows. Privacy is a spectrum, and as long as you at least take some steps towards that, you've already done plenty. Be careful next time you hear a software recommendation or a best practice. Be careful next time you *recommend* software or a best practice. Always think about where you heard that, and do your own research. There are some problems that are impossible or infeasible to solve, so just pick what you feel is best. I really am sorry that I wasn't able to provide what I promised, so instead I will leave a few of the sources I found helpful, just in case another ambitious person or group decides to research the matter. Not all of these sources are good, but it's a place to start: GrapheneOS responded to my requests for a comment after this post was made, here: https://lemmy.ml/post/22142738 https://www.cvedetails.com/version-list/0/3264/1/ https://en.wikipedia.org/wiki/Site_isolation https://madaidans-insecurities.github.io/firefox-chromium.html https://news.ycombinator.com/item?id=38588557 https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf https://grapheneos.org/usage#web-browsing https://www.reddit.com/r/browsers/comments/17vy1v5/reasons_firefox_is_more_secure_than_chrome/ https://www.wilderssecurity.com/threads/security-chromium-versus-firefox.450867/ https://forums.freebsd.org/threads/why-im-switching-from-firefox-to-ungoogled-chromium.87878/

Edit: Here is the verdict: https://lemmy.ml/post/21887275 I am currently doing a deep dive into whether or not Chromium is more secure than Firefox, and I will make a very long and comprehensive Lemmy post outlining my findings with specific sources. I expected this to take a few days, maybe a week, but after finding out many of the claims for both sides give no real sources, I expect this to take a month or longer. I will be reaching out to multiple first-party sources (Mozilla, GrapheneOS, etc.) to get their detailed statements on the matter. I want to provide something that actually covers the full picture of the issue with up to date sources, to hopefully put this to rest for anyone who doesn't want to do the research. I'm making this post in case anyone wants to provide any extra resources they have about the issue. Do not fight about this issue in the comments, save that until after I am able to release my work. I'm tired of the constant back and forth about this with little to no direct sources. This means that my other project, [Open Source Everything](https://gitlab.com/an-anonymous-coder1/Open-Source-Everything), will be put on pause. The FAQ section of that very project is what sparked this, because I realized the issue was far more complex than I outlined in there. (Don't trust the information in the FAQ just yet: it is still in the works.) As always, don't just give blind support to this just because I am making promises, but if you feel your support is needed then by all means go for it. If any of you want me to turn this post into an update log, let me know and I will. **DISCLAIMER: These update logs are NOT meant to be taken as a source. I am generalizing a lot of things here for simplicity and brevity, so do not try to pick it apart. Anything I say here is likely a summary of something that will be talked about in fine detail in the article, and so it may contain mistakes.** # Update 1 I need to stop posting before bed, since I end up not being able to respond to drama quickly and it grows out of proportion. Anyways, I want to answer a few questions that keep popping up (maybe I'm obsessed with writing FAQs, I don't know) and then talk about my research process. ### Google Chrome is NOT the same as Chromium This is something I already have a draft to write about in my article, because a lot of people mess up the distinction. [Google Chrome](https://www.google.com/chrome/index.html) is Google's proprietary "en-Googled" browser. That browser obviously has numerous privacy issues. What I am referring to in the article is what Google Chrome was built off of: [Chromium](https://www.chromium.org/Home/). Chromium is open source (or source available, or something like that. Please stop trying to remind me of the difference, "open source" gets the point across). Many browsers such as [Brave](https://brave.com/) were built on top of Chromium. Many users in the privacy community use Chromium-based browsers. Chromium is mainly maintained by Google, but I will not be focusing on that since I am taking a look at the actual software and not any future problems that may arise. I'm summarizing things here, but I will go in depth in a section of my article about this, since a lot of people are still stuck on the mindset that Google is *always* evil. It is true that Google is bad with privacy, but they are good when it comes to security. They have to be, given that Chromium-based browsers and Android are the most used in their respective fields. Any privacy issues can be nullified with some projects like ungoogled-chromium or GrapheneOS which remove any privacy invasive Google components. Anything Google tries to sneak in doesn't get past those projects, like a safety net, because they take very close inspection of the code. ### Security vs. Privacy Security and privacy are two distinct topics with some overlap. As I mentioned above, any privacy issues can be dealt with by using some variants of the software. Because of this, my article will focus primarily on how **secure** these browsers are. I do understand that security and privacy can go hand in hand: Without security there is little privacy, and without privacy there is little security. However, that is all out of the scope of what I am researching here. The reason a lot of projects such as GrapheneOS recommend against Firefox browsers (especially on Android) is because they claim Firefox has weak site isolation. That is the main point of research for my article. If I can prove that those claims are true, I can demonstrate why it is such an issue. If I can prove that those claims are false, I can try to see if Firefox is more private than Chromium, and is therefor a better option. There will be other related ideas that will crop up that will be covered in the article, that I will research about. The broad hypothesis is "Chromium is more secure than Firefox" and it is my job to find out why people say that and investigate it. Also, many users talked about ad blocking and the recent removal of Manifest V2, which killed a lot of Chromium ad blockers. This is not the focus of the article, but let me remind you that using a browser such as Brave lets you block ads entirely. Brave is the only other browser recommended by the GrapheneOS project for its security, besides Vanadium. Yes, Brave has some bloat that can infringe on privacy, but [those can be disabled](https://www.privacyguides.org/en/desktop-browsers/#brave). Don't forget that Brave is open source, so you are free to make a fork of it and remove whatever you'd like. The point is this: Both Chromium and Firefox both still have ad blocking, so this is a non-issue. ### Who am I? [@dingdongitsabear@lemmy.ml](https://lemmy.ml/u/dingdongitsabear) https://lemmy.ml/post/21367269/14283651 > first off, I have serious doubts that any one dude - or even a group of those for that matter - can ascertain the security of such a complex system; a browser is essentially an operating system, with all the layers and complexities that entails. > > even if you're somewhat successful in such an endeavor, I don't really care if it potentially is. chromium comes from those shitmakers and I'm not willingly using anything they had their nasty fingers in. they threw one shovel of shit too many on the heap and they are now forever on my ignore list. if that means that I don't get to access certain domains, sites, and/or apps - so be it, I'll make do without. [@echolalia@lemmy.ml](https://lemmy.ml/u/echolalia) https://lemmy.ml/post/21367269/14283932 > Are you a single person or a group of people? Do you have any credentials that you'd like to share that might give some context to your research? > > Where is the quote in your bio from? I could leave some cryptic retrospective answer here, and I would love to, but as fun as that would be it may cause more harm than good. I am an independent, singular person. If I were in your shoes, I too would doubt that any one person could research the intricacies of the matter. However, I don't need to look over every piece of code to make a conclusion. The main focus of the article, as I said, is site isolation. This is what most people reference when they talk about Chromium being "more secure" than Firefox. I already addressed the other argument about Chromium being "evil," as there are other projects that aim to remove some of the damage that has been done. Readers of my article will need to let down their precedent of Chromium being as bad as Google, and realize that Google is bad for privacy but good for security. If by "credentials" you mean actual identification, no. Even if I told you exactly who I was, you still would have no idea who I am. However, I can give you some of my background: I am advanced in the privacy field, proof of this can be seen [with my other project](https://gitlab.com/an-anonymous-coder1/Open-Source-Everything). I used to work as a penetration tester for a low ranking government branch, focusing on network and website security. I am fluent in Python and C++, so I can understand a lot of the code that has been written. I hope that gives you context into who I am and what I do. I guess I could also mention I like to keep high standards, I'm a bit of a perfectionist. I want the article to be nothing short of extremely thorough and comprehensive. The quote in my bio “Unjust laws only burden the just, as the lawless will not heed them.” is my own (hence why I put "- 8232" there). I have other quotes, but that one is my favorite. ### How is the research going? I didn't quite know where to start, but eventually I settled for this: I have three notes. One is for questions I have (e.g. "What is site isolation?") that I put answers under as I find them. This means I will never be trying to fill in the gaps without sources in the article. I'll have a well informed knowledge of everything. The next note is for all the sources about the issue, categorized into "Primary," "Secondary," and "Unverified" (when there is no source listed for the claim). The last notebook is people. This one contains people and groups who know about the issue that I may get statements or help from for the article. That is all I have right now, because I needed some sleep. I plan to add a "To-Do" note, some various drafts, and a list of documents about the issue. I'll keep this updated.

TL;DR: I accidentally deleted the old repository with 107 stars, and have moved the project to GitLab because GitHub requires a paid account to recover deleted repositories. I take full responsibility for this, it was an extremely stupid mistake on my part. I deeply apologize for the inconvenience. I understand if this damages the trust in the project. I appreciate all the support you all have given towards the project, it truly means a lot to me! For those of you who bookmarked the repo, please update it to the new GitLab page which will now be actively maintained. If you don't know what Open Source Everything is, [see my original post](https://lemmy.ml/post/20306562). It's my own curated list of open source software. Update: GitHub was able to restore the repository! Special thanks to Seve from GitHub Support for bending the rules a bit. GitLab will still be the primary place where the repository is hosted.

It's pretty easy to spot [dark patterns](https://en.wikipedia.org/wiki/Dark_pattern) when you look out for them, but I found a pretty obvious example of this. [Stoofie](https://stoofie.com/) is a brand that sells water fountains for your pet (I don't know what the problem with a water bowl is, but I digress). [WayBack Machine](https://web.archive.org/web/20241009030535/https://stoofie.com/) Plastered at the top of their website is "33% OFF Ends Today- Free Shipping" with no way to dismiss it. There is a scrolling text under the main image "FAST AND FREE SHIPPING 60-DAY FREE RETURNS" If you scroll down, you're immediately introduced with a product with the option to buy two preselected. The rest of this section explains itself:  Other things are sprinkled in the main page, but it really is the prime example of dark patterns. I am personally sick of finding them, but would love to see more examples of what others have found. Please, share your favorite examples of dark patterns. Don't forget to [archive them first](https://web.archive.org/) so they can never be lived down.

For those who are unaware: GrapheneOS is a privacy and security focused mobile operating system built on Android. https://grapheneos.org/ Yes, the phone in the picture is running GrapheneOS.

I made [this post](https://lemmy.ml/post/20087099) a few weeks ago, and I've finally been using GrapheneOS for one month. I'd like to point out things that changed, and my experiences with some of the GrapheneOS communities. # The changes I stressed far too much about which methods to use for installing apps. In the end, it's up to you and your preference. Sure some are considered less secure than others, but it's your phone. I'll explain more about why I'm saying that later. Anyways. I get as many apps as I can via Obtainium, and install a few apps via Aurora Store. I'd like to clarify the reason I have ProtonVPN installed via Aurora Store. App developers often develop different versions of the app depending on how you install it. Play Store versions of it might rely on Google services, whereas direct apk files may not. ProtonVPN allows you to use it as a guest, but only when you install the Play Store version. No other version of the app (e.g. installed via Obtainium) allows you to use it as a guest. Please stop commenting about this, I explained it to way too many people. My game selection has remained the same, however Antimine is a bit of a weird one. It is still actively maintained, but the GitHub releases page is versions behind the F-Droid version, and the F-Droid version is versions behind the Play Store version. I tried installing the Play Store version, but it required Google Play Services to work (even though the app could actually run without it, it just thinks it needs it). So, unfortunately, I'll just use the outdated F-Droid version. 2048 by SecUSo actually got dark mode! Good for them for keeping things nice on the user end. Audire has been abandoned, and so I tried out Audile and it works fine. As many users pointed out, AndBible is not abandoned. It also recently got updated. The UX is still sub par. Fossify projects are also, as many pointed out, not abandoned. Development is just slow. I'm eager to see what updates will come. HeliBoard still has some weird autocorrect suggestions, but I made a few bug reports about it. KeePassDX no longer has the weird biometrics bug. For eBooks, I tried out a lot of the top proprietary eBook readers: - Amazon Kindle was authwalled (required logging in) - FBReader was netwalled (required a network connection) - Google Play Books was playwalled (required Google Play Services) Then, I tried Moon+ Reader. I am so sorry, but this app is honestly fantastic. I will reiterate: it is proprietary, but it has support for Apple Book's page turning animation as well as other stuff. The open source eBook readers peril in comparison. The app is perfect, I just wish it was open source. My music player has changed to VLC Media Player, which is honestly so much better than the desktop version. It has incredible support for use as a music manager. The only annoying bug is that it will sometimes lag for a few seconds before resuming, and there's no clear "queue" section. I got too upset with Vanadium's lack of anti-fingerprinting and privacy features, that I switched to Brave. Honestly, I'm happy with it. It's not perfect, but I can get behind it. # The new stuff Alright, now let me mention the new things I got to try. I wanted to try out an RSS reader, so I got Feeder. It's honestly what you expect from an RSS reader. I will say: I wish there was more distinction between read and unread articles. Currently the only difference is whether or not the title is in bold. I also wish the "Show read articles" could be changed for each feed, and not globally, or have an "Unread articles" section. I have the I2P DEBUG app in case I ever want to access I2P pages. I'm learning about what I2P is. From what I gather, it's like Tor but... not Tor. I tried out Image Toolbox for editing images. It's very feature rich, but very unintuitive to use. This is the biggest change: I tried out Lawnchair and Lawnicons. It is honestly so great. I wish the default launcher had that level of customization. You can customize it in 100 different ways until your heart gives out, it's honestly fantastic. There are inconsistent minor bugs and annoyances, but the benefits far outweigh those. I'm a sucker for the iOS look, and I was very pleased I was able to achieve something in between Android and iOS. I just wish they would bring dock colors back! One of my favorite features is being able to customize any icon and name for any app on the home screen. I could make a dating app look like a graphing calculator, for example... I tried out the proprietary Pydroid 3 app as a Python IDE. I give the developers a solid pat on the back. It's a great app. It works super well, and just has the occasional "upgrade to premium" popup to remove the "ads" that it can't load because it can't touch the internet. Good job guys. I added Shadowsocks to my censorship circumvention toolkit. I can't find any free servers, but hey it's there in a pinch. # The community I got some time to experience the Matrix/Discord/Telegram (they're all bridged) community as well as the issue tracker for GitHub. The issue tracker closes a lot of issues that I personally think should remain open. One I made was changing one of the default pings for an (obscure) menu from Google to GrapheneOS, a very simple fix. They closed it, which I'm upset about. I get it though, they can't fix everything. The Matrix/Discord/Telegram community is... interesting. There's 3 people: The ones who understand almost nothing and need a lot of help, the general users who are super friendly and have wholesome interactions, and the ones who know (and/or think they know) everything. That third group is quite prevalent. They will constantly push their own threat model on you as if it's the only correct answer, and will (quite often) refuse to answer questions if it goes against their threat model (e.g. questions about Aurora Store when "Play Store is the only correct answer"). It's annoying to say the least. I try to mention as much as possible that everyone has their own threat model and it's your phone so you get to choose your own preferences at the end of the day, but that never goes over well. GrapheneOS isn't always known for taking kindly to some lesser threat models, which is a double edged sword. It's good that they have such high standards, but they need to know when to relax and let other people help. It's not bad by any means, you'll get the help you need, but it's not a good look at the end of the day. # Conclusion That's my experiences after one month. It's been nothing short of fantastic, even with some problems. I am a strong advocator for open source software, but for a couple things the proprietary alternatives are simply the best. That's the unfortunate truth for some things. This will be my last post about my experiences with GrapheneOS, but coming from iOS, it is a super fun transition. I'd also like to mention quickly for anyone wondering: Backups for me are currently under 5GB (not including music), and in a month with all the app downloads and music transfers over LocalSend, I used about 70GB of internet. Tubular used the most internet (about 22GB in a month). For all you curious, this can give you a nice baseline. Thanks for reading!

My [threat model](https://www.privacyguides.org/en/basics/threat-modeling/) is against [mass surveillance](https://mullvad.net/en/why-privacy-matters/nothing-to-hide). This is one of the hardest threat models to defend against and to justify, because (at least here in the US), mass surveillance has become normalized. I've heard people directly tell me that "privacy is weird." I'm not here to shoot down the [Nothing to hide argument](https://en.wikipedia.org/wiki/Nothing_to_hide_argument) literally labelled on Wikipedia as "a logical fallacy," instead, I want to take my own approach to show just how unnatural mass surveillance is. Picture this: Your best friend tells you that he heard rumors that someone put cameras in your house and was actively spying on you. That is super creepy, but you brush it off and say that nobody would do that, because who would care that much about you? However, when you get home, you look around and find multiple dozen hidden cameras everywhere. Think about how you're feeling right now, knowing that you're being watched. Even though you know that you're being watched, but have no idea who has been watching you, what they have seen, or how long they've been watching you, it's disillusioning and creepy to find out that what your friend said was true. Then, you do some digging online and find out that everyone in your neighborhood is also being watched. Oh, it's fine then, right? Suddenly it's much better that you're not alone. No! More surveillance is not a good thing. People fall into the false belief that as long as it's not targeted surveillance or a personal attack that it's suddenly fine, that you will just blend in with the noise. **Your data is valuable, and spying in any capacity is NOT normal.** Remember: The situation never changed, you are still being watched, you just found out that not only you, but everyone around you is also being spied on. You still have no idea who is watching you, and it's even worse to find out that it might not just be one person, that [anyone can buy this data for cheap](https://surfshark.com/blog/how-do-hackers-get-your-information). Data like this can be used to stalk you, [drain your bank account](https://en.wikipedia.org/wiki/Social_engineering_(security)), [read intimate personal texts](https://www.aclu.org/news/national-security/five-things-to-know-about-nsa-mass-surveillance-and-the-coming-fight-in-congress), [rig elections](https://freedomhouse.org/article/social-media-are-growing-conduit-electoral-manipulation-and-mass-surveillance), [manipulate you into buying things you never intended to buy](https://en.wikipedia.org/wiki/Mass_surveillance), and so much more. This is the state of mass surveillance and it **needs to stop**. It's not a conspiracy, the dystopia is today. Mass surveillance is not normal. Privacy also isn't normal: [it's a right, instead](https://en.wikipedia.org/wiki/Right_to_privacy).

Hi everyone! For... I guess over a year now? I've been observing and trying out lots of software recommended by the privacy community and internet as a whole. With that time, I've been able to slowly put together a list of all the software I personally believe to be the best for their own various reasons. I finally have enough to be able to share it with all of you! I'm also looking for feedback. I haven't tried all the software on that list, and I'm sure there's software I've never heard of that needs added. I'm looking for your feedback on what you think should be added, removed, or changed. That includes the list itself, if you think there are any design improvements. Do note: Any software marked with a ⭐️ I am *not* looking for feedback on. This is software that I firmly believe is the best of the best in its category, and likely will not be changed. However, if there is a major issue with the software **that you can provide direct proof of**, then there is a chance it will be changed in the next release. There are no grantees. The sections marked with ℹ️ are lacking, and can use your help! Some software there may not be the best one, or may have many software or sections missing. I am absolutely looking for help and feedback here, and would love your help! My goal with this project is to help people find the best software from many standpoints, and to prove that there really are good open source alternatives for almost anything! I hope this helps someone, and I look forward to your feedback! Thank you all for reading and taking the time to look through my list! Edit: This project has [moved to GitLab](https://gitlab.com/an-anonymous-coder1/Open-Source-Everything/)!

I didn't want to make two separate posts for these, so I am combining them into one. The two hardest apps to find for Android were a music player capable of playing local files, and an ebook reader with a nice design. With some help from the community, I was able to find nice apps for both of those. All apps here are available to install via Obtainium. My goal here is to raise awareness for some unknown but high quality apps that I have found. # Music player: [VLC](https://www.videolan.org/vlc/download-android.html) **Credit:** [@HanShan@lemmy.nowhere.moe](https://lemmy.nowhere.moe/u/HanShan), [@thayerw@lemmy.ca](https://lemmy.ca/u/thayerw), [@Corngood@lemmy.ml](https://lemmy.ml/u/Corngood) I have tried plenty of music players, and most of them are either copies of each other, are lacking in features, or are just plain buggy. Despite what I expected, VLC is actually the best choice in this category. Besides being a must-have in general, VLC actually has fantastic support for music management. It has plenty of customization, however I found that the Black theme did not work. Besides that, it has support for folders, creating playlists, playback history, albums, artists, genres, shuffling, queue management, equalizers, sleep timers, playback speed, A-B repeat, and so much more. It is honestly exactly what I was looking for, with a sleek UI and very feature packed. It's nothing like the desktop app. # eBook reader: [Book's Story](https://github.com/Acclorite/book-story) It was a struggle to find an eBook reader with nice usability. I managed to find two that are very promising. One such reader is Book's Story. Book's Story offers a completely offline experience to managing and reading eBooks. It's what I would want if I were to code an eBook reader, with a nice Material design and a minimalistic layout. However, there are things I don't like about it. For starters, it doesn't correctly read my eBooks. That's honestly disappointing, since that means the app is currently dysfunctional, but I am including it in this list because I have high hopes for it. There is also no page turning view, which isn't bad, but it's a feature I look forward to. Overall, I don't currently recommend using this, but in the future I can easily see it becoming one of the best eBook readers out there. # eBook reader: [Myne](https://github.com/Pool-Of-Tears/Myne) Unlike Book's Story, Myne is able to read all of my eBooks just fine. Myne is an even more polished eBook reader, also with support for downloading eBooks from the internet in the app. It too lacks in a page turning view, and doesn't allow you to customize which screen is your default. The second one is slightly annoying because if you are offline and open the app the first thing you see is a 404 page. You can still view your offline ebooks, of course, but it would be nice to select which page is the default. Furthermore, while it was able to read my eBooks well enough, there are still a few minor HTML artifacts visible in the book. If I was able to merge the layout of Book's Story with the design and functionality of Myne, it would become the perfect eBook reader. I'd love to see where both of these projects go, and even in their current state they beat some of the most popular eBook readers in my opinion, such as Librera and KOReader.

Edit: Before you read, I made some mistakes here that I mention in [my part 2](https://lemmy.ml/post/20749843) My mobile operating system of choice is GrapheneOS. I run it on a used Google Pixel 8, as I didn't have enough money for any of the phones in the Google Pixel 9 lineup, which offer a more secure ultrasonic fingerprint scanner. I used to use iOS, but I finally managed to switch. I wanted to share my thoughts on GrapheneOS, problems I had, and the apps that I use. To install apps, I first check if it is available on GrapheneOS's built in app store. If not, it is installed via Accrescent. Because Accrescent is still very small in support, most of my apps are installed via Obtainium. One app however, ProtonVPN, is installed via Aurora Store, because that is the only installation medium that allows me to sign in as a guest. I do have a Proton account, so signing in isn't an issue, but since I plan to use ProtonVPN until I can pay for Mullvad VPN, I might as well get as much anonymity as I can. I don't use the actual Google Play Store, despite claims of it being more secure, mainly due to me required to create a Google account. I only use Aurora Store for ProtonVPN. For apps that are not available for Obtainium but are available on F-Droid, I simply use the F-Droid repo inside of Obtainium. All apps are verified with AppVerifier. For games I have a very small selection. Simon Tatham's Portable Puzzle Collection is a game collection I have been using since before I even knew it was open source. Antimine is a Mines client, which is a classic. I also play a game called Zoysii, which is only available on F-Droid. It passes the time. Code Word is a nicely made Wordle app, with some extra features. Open Sudoku is a nice Sudoku app, however I found that almost all of the available puzzles to install are very easily solvable. 2048 by SecUSo is a decent app to play 2048 that is still maintained, however it currently does not have a dark mode theme. blichess is a fork of lichess that simply adds the option to play over Bluetooth, which I really like. My mobile 2FA app is Aegis, which is really everything you would expect. Audire is an open source frontend for Shazam, which I use for music recognition. I'm sure there are some better apps with different APIs, but Shazam works really really well, and that is what I am looking for in the app. Aves is my photo manager, as it allows for proper photo hiding. It is available through Accrescent, which is nice. It is one of few apps that required me to sign terms and conditions, but it doesn't matter since it doesn't have internet access anyways. It allows me to view extensive details about photos, and even remove metadata in the app. I use AndBible for Bible study, but the project seems to be abandoned and needs lots of improvements. I sincerely hope a good alternative is developed eventually. I would be willing to help out any way I can. For messaging I use SimpleX Chat for my most personal chats, but for mostly everyone I contact them via Molly, which is a hardened version of Signal available on Accrescent. When I am offline, I contact nearby people through Briar over Bluetooth, which is awesome while camping. I don't have any cellular provider, so I occasionally have to make sacrifices in terms of contact. The default GrapheneOS calculator has no dark mode, so I opt for OpenCalc as my default calculator. I tried both Etar and Fossify Calendar as a calendar, and have been much happier with Fossify Calendar. A lot of Fossify projects have been abandoned, sadly, so I may have to switch. I use the default GrapheneOS camera for most of my pictures, but when I need high quality shots I will use Open Camera. It supports HDR and some post processing. The GrapheneOS camera has incredible support for code scanning, such as QR codes and bar codes. I don't plan to use the Pixel Camera, since those apps work just fine for me. To edit photos I use the GrapheneOS gallery, but it is somewhat lacking. I plan to stick with it as they add new features. I have a ClearClipboard app that, simply, clears the clipboard when you open it. It's a small tool but I get very paranoid about clipboard access. I've found that my password manager doesn't reliably autoclear, which I will discuss later. The default GrapheneOS clock app is fine. I wish there was an OLED theme, but it's worked for what I need. DeepL is what I use for translations, because I cannot seem to find an offline translator app. It's very upsetting. For my keyboard I use HeliBoard with the proprietary swipe to type module, and it's great. There are a few weird autocorrect suggestions, such as not recognizing the word "A", but it's honestly not been a huge issue. I use Joplin to take notes. I had issues with Standard Notes when I was on iOS, and had switched to Joplin there. I now can't even imagine why anyone would even try to use Standard Notes, Joplin makes Standard Notes look like a joke. It has all (or at least all I care about) of the paid features of Standard Notes, for completely free. My password manager is KeePassDX, which is honestly exactly what I would want from a password manager. The only issue I've had is that it sometimes disables biometric unlock and makes you unlock it yourself, which is super weird. Besides that, I will be using it until either it dies or I do. For eBook reading I use Librera, but the UI is honestly atrocious. The best eBook reader I have ever used is Apple's stock Books app, and I honestly wish something of that polish existed on Android. Librera will work but it's not nice to use. I have LibreTorrent in case I ever need to torrent something on the go. It's fine, I wish torrent software would include a hard toggle to disable seeding, but it's worked as intended. In a similar category I use LocalSend to transfer between any of my devices. I haven't tried KDE Connect because LocalSend has never caused me problems. The only issues I have encountered were because of strict VPN settings. I eventually plan to use Mullvad VPN, but until I can afford it I am using ProtonVPN as I mentioned. I have no real comments because I have only used ProtonVPN. IVPN is on my radar, but Mullvad VPN is still at the top of my list. IVPN is available via Accrescent. I also have Orbot in case Proton or Mullvad are blocked. Music players have been a struggle for me. All of them have their own various issues. All I really need is a nice way to play mp3 files offline and sort them into playlists. A night timer is nice. Vinyl Music Player is what I use for now, since Fossify Music Player seems to be abandoned. I'm open to some open source alternatives here, since the ones I have tried all have issues. Ideally these should be available by Obtainium. I use Organic Maps for navigation. Support is alright in my city. OsmAnd has a pretty bad UI but it's gotten better. Organic Maps I've heard has a few issues, and OsmAnd has a premium tier, but I don't really care. I am just sticking with Organic Maps. I'm happy with it, so it's fine. I have RadioDroid installed to try it out. It lets you listen to radio stations over WiFi. I'm jealous of Motorola users for their built in AM/FM radio receiver antenna. I might not keep this app, since it's fairly useless when you think about it. Either way, maybe a GrapheneOS phone will come along with a built in antenna. I have Tor Browser installed just in case I ever need to visit an Onion site or use a Gecko based browser. My main browser is Vanadium, and I did try Mull but it doesn't block advertising redirects even with uBlock Origin. Vanadium is fine for now. I have Trail Sense as a compass and emergency survival app. I hope I never have to use it for survival, but at the same time, I hope this app saves my life. It's cool to see how many sensors it utilizes to help you out. Tubular is a fork of NewPipe that has SponsorBlock support. I like it, it's not as polished as I would want but it's plenty usable. I wish it had DeArrow as well, but I'm sure it won't be long until it's added. I use the Fossify Voice Recorder for voice recordings. It's what you would expect, not much to say here. For weather, I use Breezy Weather. For some reason some features were unavailable on the F-Droid version, but after installing with Obtainium I now have plenty of features at my disposal. It's almost as good as the iOS weather app, and has plenty more features. The accuracy where I am is slightly iffy, but it's good enough that I can rely on it. I use a passphrase to lock my phone, and use biometric unlocking to ensure no one can shouldersurf passcodes. GrapheneOS only lets you add up to 4 fingerprints, which is a good enough limit, but I do wish it was higher. If I wanted only 4 fingerprints, I would choose that myself. I backup GrapheneOS using my own USB stick and the built in backup option. Some apps such as SimpleX refuse to be backed up automatically, but I can simply manually export the database and backup that file. Even without any Google frameworks installed, GrapheneOS has been a really seamless and polished experience. The issues I would raise are actually with Android itself, such as weird management of app signing, but overall GrapheneOS has been incredible. GrapheneOS is honestly the minimum every person should expect in terms of privacy and security on their phones, because nothing else even comes close to GrapheneOS in those categories. The gap between iOS and GrapheneOS is absolutely massive, given that so many of the apps I use are Android specific.

I am in the process of moving away from Spotify by downloading my music offline. The files vary in types (.webm, .m4a, etc.), and I would like a way to sort them into playlists on Android. What are your suggestions?

I was bored, so I compiled a list of 77 of my favorite open-source privacy-focused software. This ranges from Android apps to desktop apps to websites to operating systems. I scraped the programming languages used for each one from their respective repositories, and created a simple scoring system to score each programming language. Obviously there is some bias, since Kotlin is very popular for Android apps and not much else, and it's not an exhaustive list, so some data might be off, but it was still fun to make! Just wanted to share it with all of you, in case anyone else finds it interesting. ### The full ranking ::: spoiler Full ranking 1. C++ 2. C 3. Kotlin 4. Java 5. JavaScript 6. TypeScript 7. Python 8. Shell 9. C# 10. Dart 11. PHP 12. Ruby 13. HTML 14. Makefile 15. Go 16. QML 17. Pascal 18. CSS 19. Clojure 20. Blade 21. Crystal 22. Batchfile 23. Swift 24. Emacs Lisp 25. Svelte 26. Rust 27. CMake 28. Haskell 29. Lua 30. Vue 31. Roff 32. XSLT 33. Assembly 34. NSIS 35. Objective-C 36. SCSS 37. Less 38. PLpgSQL 39. Objective-C++ 40. Inno Setup 41. Meson 42. WebAssembly 43. ASL 44. PowerShell 45. Rich Text Format 46. GLSL 47. Common Lisp 48. Haml 49. Scheme 50. Dockerfile 51. Perl 52. AIDL 53. M4 54. Mustache 55. D 56. MDX 57. SourcePawn 58. M 59. Pug 60. Lex 61. EJS ::: ### Scores for each programming language ::: spoiler Language scores C++: 13070 C: 11734 Kotlin: 7195 Java: 6727 JavaScript: 5356 TypeScript: 5002 Python: 4250 Shell: 1903 C#: 1873 Dart: 1872 PHP: 1844 Ruby: 1499 HTML: 1389 Makefile: 990 Go: 975 QML: 955 Pascal: 917 CSS: 888 Clojure: 878 Blade: 832 Crystal: 738 Batchfile: 708 Swift: 577 Emacs Lisp: 556 Svelte: 366 Rust: 351 CMake: 342 Haskell: 326 Lua: 300 Vue: 288 Roff: 268 XSLT: 176 Assembly: 167 NSIS: 130 Objective-C: 128 SCSS: 90 Less: 77 PLpgSQL: 66 Objective-C++: 61 Inno Setup: 59 Meson: 41 WebAssembly: 25 ASL: 22 PowerShell: 21 Rich Text Format: 21 GLSL: 18 Common Lisp: 16 Haml: 14 Scheme: 13 Dockerfile: 12 Perl: 12 AIDL: 11 M4: 7 Mustache: 7 D: 5 MDX: 5 SourcePawn: 2 M: 2 Pug: 2 Lex: 1 EJS: 1 ::: ### The original data (NOTE: I am NOT looking for criticism on any choices made here) ::: spoiler Original data ### HuggingChat TypeScript 62.1% Svelte 36.6% Dockerfile 0.4% JavaScript 0.4% HTML 0.2% Shell 0.1% Other 0.2% ### GPT4ALL C++ 48.2% QML 32.3% Python 8.5% CMake 5.4% JavaScript 3.9% C 1.0% Other 0.7% ### Audacity C 37.6% C++ 35.3% Python 18.1% Shell 2.8% Common Lisp 1.6% QML 1.3% Other 3.3% ### Duplicati C# 87.3% JavaScript 5.7% HTML 3.2% Less 1.8% Python 1.2% Shell 0.4% Other 0.4% ### Vorta Python 99.2% Other 0.8% ### Filen (Desktop) TypeScript 96.3% JavaScript 2.1% HTML 1.2% NSIS 0.4% ### Monero C++ 81.7% C 11.7% Python 3.2% CMake 2.0% Makefile 0.5% Shell 0.4% Other 0.5% ### Ivy Wallet Kotlin 99.7% Other 0.3% ### Brasero C 98.1% Makefile 1.5% Other 0.4% ### VSCodium Shell 83.8% XSLT 16.0% PowerShell 0.2% ### GNU Emacs Emacs Lisp 55.6% Roff 23.8% C 16.4% M4 0.7% Objective-C 0.6% C++ 0.5% Other 2.4% ### GitLab Ruby 69.2% JavaScript 17.3% Vue 6.8% PLpgSQL 2.9% Haml 1.4% HTML 0.9% Other 1.5% ### Codeberg Clojure 87.8% Shell 3.9% CSS 2.3% HTML 2.2% Batchfile 2.2% PowerShell 1.0% Other 0.6% ### Wikipedia (MediaWiki) PHP 82.7% JavaScript 15.3% Less 1.1% CSS 0.8% HTML 0.1% Vue 0.0% ### 7-Zip C++ 79.3% C 17.6% Assembly 1.6% Makefile 1.5% ### PeaZip Pascal 91.7% Inno Setup 5.9% Batchfile 1.8% C++ 0.4% Shell 0.1% C 0.1% ### qBittorrent C++ 71.0% JavaScript 14.1% HTML 11.5% Python 1.1% CSS 0.8% CMake 0.7% Other 0.8% ### osu! C# 100.0% ### 2048 CSS 54.9% JavaScript 38.1% HTML 6.5% Ruby 0.5% ### Wireshark C 95.2% C++ 2.4% Python 1.1% Perl 0.3% CMake 0.3% SourcePawn 0.2% Other 0.5% ### nmap C 38.0% Lua 29.0% C++ 17.3% Shell 4.6% Python 4.3% Makefile 1.9% Other 4.9% ### VirtualBox C 67.2% C++ 25.2% Python 2.8% Objective-C 1.7% Assembly 1.4% D 0.5% Other 1.2% ### Docker Go 97.5% Shell 1.5% Dockerfile 0.5% PowerShell 0.3% Makefile 0.1% Python 0.1% ### calibre Python 79.2% C 17.1% C++ 2.8% HTML 0.3% Shell 0.2% XSLT 0.1% Other 0.3% ### Thunderbird JavaScript 60.5% C++ 21.5% HTML 6.6% CSS 3.8% C 1.8% Java 1.7% Other 4.1% ### Betterbird Batchfile 66.5% C 18.3% C++ 10.1% Shell 5.1% ### draw.io (Desktop) JavaScript 96.0% Shell 4.0% ### Joplin TypeScript 71.4% JavaScript 22.3% HTML 1.9% CSS 1.3% Java 1.2% Mustache 0.7% Other 1.2% ### LibreOffice C++ 86.6% Java 5.5% Python 1.8% Makefile 1.6% XSLT 1.5% Rich Text Format 1.4% Other 1.6% ### Proton Mail (Web) TypeScript 92.1% JavaScript 5.2% SCSS 1.5% MDX 0.5% Swift 0.4% CSS 0.1% Other 0.2% ### F-Droid Java 65.3% Kotlin 33.1% Other 1.6% ### Aurora Store Kotlin 96.8% Java 2.8% AIDL 0.4% ### Neo-Store Kotlin 100.0% ### Obtainium Dart 98.7% Other 1.3% ### Droid-ify Kotlin 99.6% Shell 0.4% ### IzzyOnDroid PHP 97.2% Python 2.5% Shell 0.3% ### Accrescent Kotlin 100.0% ### GNOME Software C 97.0% Meson 1.2% Python 1.1% Other 0.7% ### Flathub TypeScript 74.0% Python 24.2% JavaScript 1.1% Shell 0.4% SCSS 0.2% Dockerfile 0.1% ### SearXNG Python 74.7% Shell 9.9% HTML 6.1% Less 4.8% JavaScript 2.7% CSS 0.9% Other 0.9% ### GrapheneOS Makefile 87.1% C++ 11.3% Shell 1.6% ### GNOME C 97.3% Meson 2.3% Python 0.4% ### KDE Plasma C++ 45.6% QML 41.2% C 5.5% CMake 2.3% Python 2.2% JavaScript 1.9% Other 1.3% ### Arch Linux C 98.4% Assembly 0.7% Shell 0.4% Python 0.2% Makefile 0.2% Perl 0.1% ### HeliBoard Java 45.4% C++ 34.7% Kotlin 19.2% Other 0.7% ### Blender C++ 76.3% Python 14.6% C 5.0% GLSL 1.8% CMake 1.2% Objective-C++ 1.0% Other 0.1% ### FreeCAD C++ 52.7% Python 44.5% C 1.5% CMake 0.8% NSIS 0.2% Lex 0.1% Other 0.2% ### Krita C++ 90.2% Python 3.0% C 2.3% CMake 1.6% HTML 0.7% Rich Text Format 0.7% Other 1.5% ### GIMP C 95.5% Scheme 1.3% Python 1.1% C++ 0.7% Meson 0.6% Perl 0.4% Other 0.4% ### Flameshot C++ 87.8% CMake 5.8% Shell 3.3% Python 1.7% Roff 1.1% C 0.2% Other 0.1% ### Inkscape C++ 94.1% C 1.7% CMake 1.5% HTML 1.4% Python 0.3% ### Aegis Java 96.0% HTML 2.1% Roff 1.9% ### VeraCrypt C 68.8% C++ 19.0% Assembly 10.0% Shell 1.1% Makefile 0.5% Batchfile 0.3% Other 0.3% ### KeePassXC C++ 95.1% CMake 2.2% Shell 1.5% PowerShell 0.6% Objective-C++ 0.4% Python 0.1% Other 0.1% ### KeePassDX Kotlin 79.0% C 14.0% Java 4.1% Assembly 2.6% C++ 0.2% Ruby 0.1% ### addy.io Blade 83.2% JavaScript 5.2% Vue 4.8% PHP 4.5% CSS 2.3% ### Mullvad VPN Rust 35.1% Swift 26.2% Kotlin 19.5% TypeScript 13.2% C++ 2.8% Shell 1.8% Other 1.4% ### Alovoa Java 82.7% HTML 9.8% JavaScript 3.6% CSS 2.8% Other 1.1% ### Briar Java 98.0% Kotlin 1.9% Other 0.1% ### SimpleX Chat Haskell 32.6% Kotlin 32.3% Swift 26.9% HTML 2.2% TypeScript 1.4% JavaScript 1.1% Other 3.5% ### Medito Dart 88.5% Kotlin 8.0% Ruby 2.0% Swift 0.7% CMake 0.2% C++ 0.2% Other 0.4% ### coreboot C 94.4% ASL 2.2% Makefile 1.0% C++ 0.7% Assembly 0.4% Perl 0.4% Other 0.9% ### Libreboot Shell 51.5% Python 25.1% C 22.2% Makefile 1.2% ### OpenStreetMap Ruby 78.1% HTML 8.7% JavaScript 6.9% PLpgSQL 3.7% SCSS 1.2% C++ 0.7% Other 0.7% ### OsmAnd Java 95.3% Kotlin 3.9% AIDL 0.7% CSS 0.1% Shell 0.0% XSLT 0.0% ### Organic Maps C++ 71.0% C 7.5% Java 6.1% Swift 3.5% Objective-C++ 3.1% Python 2.9% Other 5.9% ### VLC Media Player C 62.6% C++ 18.9% Objective-C 8.3% QML 3.1% Makefile 1.6% Lua 1.0% Other 4.5% ### Stremio (Desktop) C++ 36.7% QML 17.6% NSIS 12.4% JavaScript 10.7% Shell 9.1% CMake 4.1% Other 9.4% ### OBS Studio C 54.6% C++ 34.7% CMake 6.1% Objective-C 2.2% Objective-C++ 1.6% M 0.2% Other 0.6% ### NewPipe Java 84.0% Kotlin 13.5% HTML 2.5% ### FreeTube JavaScript 68.5% Vue 17.2% CSS 11.2% SCSS 3.0% EJS 0.1% ### Invidious Crystal 73.8% HTML 13.9% JavaScript 8.2% CSS 2.6% Shell 1.1% Makefile 0.2% Dockerfile 0.2% ### PeerTube TypeScript 89.7% HTML 6.5% SCSS 3.1% Shell 0.4% Pug 0.2% JavaScript 0.1% ### Tubular Java 84.6% Kotlin 13.0% HTML 2.4% ### Mullvad Browser JavaScript 28.1% C++ 25.7% HTML 22.3% C 12.4% Python 2.8% ### Tor Browser JavaScript 28.2% C++ 25.6% HTML 22.3% C 12.4% Python 2.9% ### uBlock Origin JavaScript 88.4% CSS 4.9% HTML 3.4% WebAssembly 2.5% Shell 0.6% Python 0.1% Makefile 0.1% :::

It is truly upsetting to see how few people use password managers. I have witnessed people who always use the same password (and even tell me what it is), people who try to login to accounts but constantly can't remember which credentials they used, people who store all of their passwords on a text file on their desktop, people who use a password manager but store the master password on Discord, entire tech sectors in companies locked to LastPass, and so much more. One person even told me they were upset that websites wouldn't tell you password requirements after you create your account, and so they screenshot the requirements every time so they could remember which characters to add to their reused password. Use a password manager. Whatever solution you think you can come up with is most likely not secure. Computers store a lot of temporary files in places you might not even know how to check, so don't just stick it in a text file. Use a properly made password manager, such as [Bitwarden](https://bitwarden.com/) or [KeePassXC](https://keepassxc.org/). They're not going to steal your passwords. Store your master password in a safe place or use a passphrase that you can remember. Even using your browser's password storage is better than nothing. Don't reuse passwords, use long randomly generated ones. It's free, it's convenient, it takes a few minutes to set up, and its a massive boost in security. No needing to remember passwords. No needing to come up with new passwords. No manually typing passwords. I know I'm preaching to the choir, but if even one of you decides to use a password manager after this then it's an easy win. Please, don't wait. If you aren't using a password manager right now, take a few minutes. You'll thank yourself later.

# Introduction I am a fan of Louis Rossmann. This will be very evident in the rest of the message. I saw how many companies tried to get away with anything and everything they possibly could, and I began to get very upset. I wanted to know what a perfect software would be like, one that was ethical, open, and had no way to pull the rug out from under its users. Many of the things Rossmann says were introduced into this philosophy, as well as some of my own views. I wanted to create a sort of guideline for how software should be. # Early draft This took multiple months to complete, multiple drafts (lots of which were written by hand), lots of sections compressed and decompressed, and lots of research and time to think. With all of that said, I am absolutely terrible at writing. I would either be too detailed, not detailed enough, or other various problems. However, I am including an early draft because it seems to hold its own slightly differing vision. This is an early draft written by hand: 1. **Transparency and availability** All of the software's code should be completely open source. No part of the software should be proprietary, including dependencies, blobs, drivers, extensions, website, installers, servers, etc. Those all fall under the same conditions listed in this whole document. No dependencies should be included unless they are essential for the software's core functionality or explicitly requested by the user. All dependencies should be clearly documented, and their purpose should be easily understandable by the user. The entire source code should be accessible to everyone, without any restriction, censorship, or moderation. There should be no requirement to create an account, verify identity, pay any amount, or any other extra steps to be able to access the source code in its entirety. 2. **Legibility** Every part of the code should also be understandable. Obfuscation, encryption, or any other attempts to create code that is not understandable is not allowed. All code should be well written, clearly understandable, and well documented. Documentation should be clearly understandable and falls under the same conditions as the code itself in terms of how it can be accessed. Furthermore, all documentation should be able to be easily accessible entirely offline. All code and its extensions should be free to study, edit, and distribute without restriction. 3. **Availability, equality, and ease of use** The entire software should be available to everyone for installation. There should be no restriction or censorship on who, when, or where (geographically and digitally) the software can be installed. There should also be no discrimination on who is able to use the software. Same installations of the software should be identical for all users. The software should be easy to install and uninstall, and all traces of the software should be removed after installation. 4. **Free of cost** The entire software should be completely free of cost. There should be no free trials, no subscriptions, no paid portions, etc. There should also be no paid alternative to the software with added functionality (such as a "premium" tier) The full version of the software should be completely free to download, install, and use to its full functionality. 5. **Update availability and backwards compatibility** All software updates should be optional. No updates should be required, no matter how important. Users should not be bothered about updates besides a single notifier when an update is available. There should be clear options to select which portions of the software get updated, if any, how the software is updated, and clear descriptions of which portions are receiving updates. There should be no restriction of censorship about who receives updates. All updates should be identical for all users. An offline update capability should be implemented, for users to download an update separately and update the software in an offline environment. All older versions of the software should be available to rollback to, or to install fresh. 6. **Extension ease of use** Extensions and plugins should be available to create and install for the software. These extensions fall under the same conditions listed in this entire document. Extensions should be easy to create and implement into the software. There should be no moderation, restriction, regulation, or censorship on which extensions can be installed and used. 7. **Offline capabilities** The entire software should be able to function to its full capabilities in an entirely offline environment. No part of it should ever rely on external sources such as cloud servers, website pings, etc. There should be no limitation on the functionality of the software in an offline environment. 8. **Data control and interoperability** All user data stored by the software should be easy and free to be able to import, export, modify, delete, and transfer at all times. This functionality should be clearly implemented, with no added steps. Data should also be completely interoperable with other similar softwares. 9. **Account freedom and security** The software should never ask or force the creation of an account, identity verification, or any other form of authentication. All portions of the software should be completely accessible without any further verification. However, if a user decides to credential protect certain portions of the software for security reasons, credentials should be stored entirely locally and securely. 10. **Universal compatibility and freedom** The software should strive to be compatible with as many systems and devices as possible. There should be no restrictions on which operating systems or devices the software can be installed on besides what is not possible to do. For all installations, clear debug messages should be present for errors in the software, as well as an easy system to manage these error messages. 11. **Perpetual access** The software should be available to install and use in full perpetually. There should be no time limit to be able to access the full functionality of the software. Trial versions of the software are not allowed. Users should have perpetual and unrestricted access to the complete software. 12. **Optional legal agreements** Users should never be asked or forced into any legal agreements, contracts, terms of service, terms of use, privacy policies, etc. If it is absolutely necessary that any of those are included, there should be a clear and easy way to opt out completely from all parts of the agreement. Users should be fully opted out by default from any agreements, and users should be clearly aware of what they are opting into. The agreement should be written in a manner that can be easily understood, and in a manner that is clearly visible to the user. Users should be able to change their preferences afterwards, in an easy and clear way. 13. **Permissions** The software's permissions should be easily changeable. Permissions include access to devices such as microphone and webcam, access to certain folders and files, access to modify and delete files, etc. These permissions should be clearly listed, and no unnecessary permissions should be enabled by default. # Disclaimer Because I am terrible at writing, most of this was painstakingly generated using LLaMA 3.1 70B & 405B. Believe it or not, this was actually a lot of work. Not only did I have to give detailed enough explanations for it to give an output that aligned with my vision, but formatting and sorting each section took an insane amount of work. Not to mention hallucinations, outputs that did not fit the prompt, rate limiting, and multiple other issues. Finally, after months of planning, preparation, tweaking, and editing, I am happy with what has been created. # How to help Even though I am happy with what has been created, it is by no means perfect and needs a massive amount of human intervention to improve it. **Be nitpicky!** I want to make this something the community is happy with, and something that is free of flaws and loopholes. I am very open to feedback here, since this is not the final version. # The Philosophy ## Category: Open-Source and Licensing 1. **Open-Source Ecosystem:** The entire software ecosystem, encompassing the core codebase, as well as all supplementary components, modifications, and derivatives, should be transparently and freely accessible to anyone. This means that all extensions, add-ons, plugins, and integrations, regardless of their origin or purpose, should be developed and shared under open-source licenses. Similarly, any forks or variations of the original software should also be openly available, allowing the community to benefit from diverse perspectives and innovations. By embracing openness and collaboration, the software can evolve more rapidly, securely, and equitably, with the collective efforts of a global community driving its growth and improvement. 2. **Free and Open-Source License:** The software should be made available under a free and open-source license, allowing users to freely study, modify, and distribute the software. This means that the software should be released under a license that grants users the freedom to use, modify, and distribute the software, without any restrictions or limitations. The software should be made available in a format that is easily accessible and modifiable, such as source code, and should be accompanied by clear and concise documentation that explains how to use, modify, and distribute the software. The license should also allow users to create and distribute derivative works, such as modified versions of the software, and should not impose any restrictions on the use of the software for any purpose, including commercial use. By making the software available under a free and open-source license, the developers can promote collaboration, innovation, and community involvement, and can help to ensure that the software remains free and open for the benefit of all users. Additionally, the software should also be made available in a way that is accessible to people with disabilities, and should be designed to be usable by people with a wide range of abilities and needs. ## Category: Code Quality and Development 1. **Readability and Code Quality:** The code should be crafted with the utmost care for readability, making it effortless for humans to comprehend its intent, logic, and behavior. This means that the code should be written in a clear, concise, and consistent manner, using a syntax that is easy on the eyes. Variables, functions, classes, and other programmatic elements should be assigned descriptive and meaningful names that accurately convey their purpose and role, avoiding ambiguity and confusion. Additionally, the code should be liberally annotated with high-quality comments that provide context, explain complex concepts, and highlight key decisions, making it easier for developers to understand, maintain, and extend the codebase over time. By prioritizing readability, the code becomes a valuable resource for knowledge sharing, collaboration, and collective growth. 2. **Comprehensive Documentation:** The code should be accompanied by comprehensive, accurate, and up-to-date documentation that provides a complete understanding of its functionality, behavior, and underlying architecture. This documentation should include detailed explanations of each component, module, and interface, as well as usage examples, tutorials, and guides that facilitate easy adoption and integration. Furthermore, the documentation should be written in a clear, concise, and accessible manner, using language that is free from technical jargon and assumptions about prior knowledge. By providing thorough documentation, the code becomes a self-contained resource that empowers developers to quickly grasp its inner workings, troubleshoot issues, and make informed decisions about customization, extension, and maintenance. This, in turn, fosters a culture of transparency, collaboration, and continuous improvement, where the codebase serves as a shared knowledge base for the entire community. 3. **Modular and Extensible Architecture:** The software should be designed with a modular and extensible architecture, allowing users to customize and enhance its functionality through the use of extensions or plugins. This means that the software should provide a robust and well-documented API, as well as a plugin framework, that enables developers to create custom extensions that can interact with and modify the software's core functionality. The software should also provide a user-friendly interface for managing and installing extensions, making it easy for users to discover, download, and install new extensions. Furthermore, the software should be designed to allow extensions to be developed for all portions of the software, including the user interface, data processing, and core functionality. This will enable users to tailor the software to their specific needs and workflows, and will also enable developers to create specialized extensions that can be shared with the broader user community. By providing a robust extension framework, the software can become a platform for innovation and customization, allowing users to create a tailored experience that meets their unique needs and requirements. 4. **Transparent Development Process:** The development process for the software should be transparent and clear, with documentation for each step of the process. This means that the development team should maintain a publicly accessible repository of documentation, including design documents, meeting notes, and technical specifications, that provides a clear understanding of the development process and the decisions that are being made. The documentation should be up-to-date and accurate, reflecting the current state of the software and any changes that are being made. Additionally, the development team should provide regular updates on the development process, including blog posts, social media updates, and email newsletters, that keep users informed about what is happening and what to expect. Any outages or disruptions to the software should be clearly communicated to users, with explanations of what happened, how it is being fixed, and when the software is expected to be back online. The development team should also provide a clear and transparent process for reporting and tracking issues, with a publicly accessible bug tracker and a clear process for submitting and resolving issues. By providing transparent and clear documentation and communication, the development team can build trust with users and demonstrate a commitment to openness and accountability. ## Category: Deployment and Updates 1. **Uniform Deployment and Updates:** All users should receive the same version of the software, with identical features, functionality, and updates, regardless of their location, device, or usage patterns. This means that the software should be deployed and updated uniformly, without any hidden variations, experiments, or segmentations that could create unequal experiences or introduce unnecessary complexity. No user should be unwittingly enrolled in A/B testing, beta programs, or other forms of differential treatment that could compromise their experience or create uncertainty about the software's behavior. By maintaining a single, unified codebase and deployment process, the software can ensure consistency, reliability, and fairness for all users, while also simplifying testing, debugging, and support processes. This approach also helps to build trust and transparency with the user community, who can rely on a predictable and uniform experience across the board. 2. **Access to Previous Versions:** The software should maintain a comprehensive archive of all previous versions, making it possible for users to access, download, and install any earlier version of the software that meets their specific needs or preferences. This means that users should have the freedom to choose the version that works best for them, whether it's due to compatibility issues, feature requirements, or simply a preference for a previous user interface. Furthermore, the downgrade process should be straightforward and reversible, allowing users to seamlessly transition between versions without losing data, settings, or functionality. By providing unfettered access to previous versions, the software acknowledges that users have different needs and workflows, and empowers them to make informed decisions about their own software experience. This approach also demonstrates a commitment to user autonomy, flexibility, and choice, while also facilitating testing, debugging, and troubleshooting efforts by providing a clear and accessible version history. 3. **Optional Updates:** Updates to the software should be optional, with users having complete control over what updates are applied and when. This means that the software should provide a clear and transparent update process, with detailed information about what changes are being made, why they are necessary, and what benefits they will bring. Users should be able to select which updates to apply, and which to ignore, with the ability to easily opt-out of any update that they do not want. Furthermore, the software should provide a clear and easy-to-use interface for managing updates, with options for selecting specific updates to apply, viewing update history, and rolling back to previous versions if needed. The ability to easily undo any and all updates should be a key feature of the software, allowing users to quickly and easily revert to a previous version if an update causes issues or is not desired. This approach recognizes that users have different needs and preferences when it comes to updates, and provides them with the flexibility and control to manage their software experience in a way that works best for them. By making updates optional and providing clear selection and undo options, the software can help to build trust with users and ensure that they feel in control of their software experience. ## Category: Portability and Compatibility 1. **Portability and Compatibility:** The software should be designed to be maximally portable and compatible, with the goal of running seamlessly on a wide range of systems, hardware configurations, and architectures. This means that the software should be developed with a focus on platform independence, using technologies and techniques that enable it to adapt to diverse environments and ecosystems. Whether it's running on a desktop computer, laptop, mobile device, server, or embedded system, the software should strive to be compatible with various operating systems, processor architectures, and hardware platforms. By embracing this philosophy, the software can reach a broader audience, increase its utility and value, and provide a more inclusive and equitable experience for users across different technological contexts. This approach also promotes flexibility, resilience, and future-proofing, as the software can more easily adapt to changing technological landscapes and evolving user needs. 2. **Interoperability:** The software should be designed to be completely interoperable with other programs and systems, allowing users to seamlessly integrate it into their existing workflows and ecosystems. This means that the software should support open standards and formats, enabling users to easily import and export data, and exchange information with other applications and services. The software should also provide APIs, SDKs, and other integration tools, making it easy for developers to build custom integrations and extensions. Furthermore, the software should be compatible with a wide range of operating systems, devices, and platforms, ensuring that users can access and use it regardless of their technical environment. The software should also support multiple data formats, protocols, and interfaces, allowing users to easily integrate it with other systems and applications. By prioritizing interoperability, the software can provide users with a flexible and adaptable solution that can be easily integrated into their existing workflows, and can help to break down silos and promote a more connected and collaborative environment. Additionally, the software should also be able to work with other software and systems that are not yet known or developed, by using open and extensible architecture and protocols. 3. **Universal Accessibility:** The software should be designed to be universally accessible, available to everyone regardless of their location, nationality, age, sex, background, or any other characteristic. This means that the software should be free from any geographical, cultural, or linguistic barriers that could limit its accessibility. The software should be translated into multiple languages, and should be compatible with different operating systems, devices, and platforms to ensure that it can be used by people from diverse backgrounds and with varying levels of technical expertise. The software should also be designed to be accessible to people with disabilities, with features such as screen reader compatibility, high contrast mode, and keyboard-only navigation. Additionally, the software should be available to people of all ages, with a user interface that is intuitive and easy to use for both children and adults. The software should not discriminate against any individual or group based on their nationality, ethnicity, sex, or any other characteristic. By being universally accessible, the software can promote global understanding, collaboration, and equality, and can help to bridge the digital divide that exists between different communities and regions. ## Category: Security and Privacy 1. **Security:** The software should be designed with security as a top priority, incorporating the latest security standards, best practices, and technologies to protect users' data and prevent potential vulnerabilities. This means that the software should be built using secure coding practices, such as secure coding guidelines, code reviews, and static analysis, to minimize the risk of common web application vulnerabilities. Additionally, the software should be regularly audited and tested for security vulnerabilities, using both manual and automated testing techniques, to identify and address potential weaknesses. To further enhance security, the software should also implement a bug bounty program, which incentivizes security researchers to identify and report vulnerabilities, allowing the development team to quickly address and fix them. The software should also stay up-to-date with the latest security patches and updates, ensuring that any known vulnerabilities are promptly addressed. Furthermore, the software should use secure communication protocols, such as HTTPS and TLS, to protect user data in transit, and implement secure data storage practices, such as encryption and access controls, to protect user data at rest. By prioritizing security and continuously monitoring and improving its security posture, the software can provide users with a safe and trustworthy experience. 2. **User Privacy:** The software should be designed with a strong commitment to user privacy, ensuring that it does not collect, transmit, or store any personal data or usage information without the user's explicit consent. This means that the software should not include any telemetry or tracking mechanisms, such as analytics, crash reporting, or usage monitoring, that could potentially compromise the user's anonymity or reveal their behavior. The software should also avoid any form of data harvesting, profiling, or behavioral analysis, and should not share any user data with third-party services or advertisers. Furthermore, the software should provide users with complete transparency and control over their data, allowing them to easily inspect, modify, and delete any data that is stored locally on their device. By respecting user privacy and avoiding telemetry, the software demonstrates a commitment to trust, transparency, and user autonomy, and helps to protect users from the risks of data exploitation and surveillance. 3. **Privacy-Invasive Features:** The software should be designed with a strong commitment to protecting user privacy, ensuring that any feature or functionality that could potentially compromise user privacy is carefully evaluated and implemented in a way that prioritizes user control and consent. This means that any feature that could be considered privacy-invasive, such as data sharing, tracking, or profiling, should be explicitly opted-out by default, requiring users to actively choose to enable it if they wish to do so. Furthermore, the software should provide clear and transparent explanations of how each feature works, what data it collects, and how it is used, allowing users to make informed decisions about their privacy. Any feature that is deemed to be potentially privacy-invasive should be clearly labeled as such, and users should be provided with easy-to-use controls to disable or configure it to their liking. By prioritizing user privacy and providing transparent and granular controls, the software empowers users to take control of their own data and make informed decisions about their online activities. 4. **Anonymity:** The software should be designed to be completely anonymous, ensuring that users can interact with it without revealing their identity or providing any personal information. This means that the software should not collect, store, or transmit any data that could be used to identify the user, such as IP addresses, device fingerprints, or browser cookies. The software should also not request or require any form of identification, such as usernames, passwords, or email addresses, and should not prompt users to provide any personal information, such as names, addresses, or phone numbers. Furthermore, the software should be designed to operate independently of any external services or systems that may collect or store user data, ensuring that users can use the software without being tracked or monitored. By prioritizing anonymity, the software can provide users with a safe and private experience, allowing them to use the software without fear of surveillance, data collection, or identity theft. Additionally, the software should also be designed to resist any attempts to de-anonymize users, such as through traffic analysis or other forms of surveillance, by using techniques such as encryption, secure communication protocols, and decentralized architectures. 5. **Sandboxed Environment:** The software should be designed to operate in a sandboxed environment, where it is completely isolated from the rest of the system and cannot access or modify any sensitive data or system resources. This means that the software should be executed in a virtualized environment, such as a container or a virtual machine, that provides a strict separation between the software and the underlying system. The sandboxed environment should be configured to restrict the software's access to system resources, such as the file system, network, and hardware devices, and should prevent the software from making any changes to the system or its configuration. The software should also be designed to operate within the sandboxed environment, with no dependencies on external libraries or services that could potentially compromise the security of the system. By operating in a sandboxed environment, the software can provide a high level of security and isolation, preventing any potential security vulnerabilities or exploits from affecting the rest of the system. Additionally, the sandboxed environment should also provide a clear and transparent way to monitor and audit the software's activity, allowing users to easily track and understand what the software is doing and how it is interacting with the system. 6. **Granular Permissions:** The software should be designed with a robust and granular permissions system, allowing users to control exactly what data and functionality the software has access to. This means that users should be able to grant or deny specific permissions, such as camera access, file access, or location services, on a case-by-case basis. Furthermore, the software should only request the permissions that are absolutely necessary for its core functionality, and should not request extraneous permissions that could be used to collect unnecessary data or compromise user privacy. By default, all permissions should be turned off, and users should be required to explicitly opt-in to each permission before the software can access the corresponding data or functionality. This approach recognizes that users have different needs and preferences when it comes to data sharing and access, and allows them to tailor the software's behavior to their individual circumstances. The permissions system should also be transparent and easy to understand, with clear explanations of what each permission allows the software to do, and why it is necessary. By providing users with granular control over permissions, the software can demonstrate its commitment to user autonomy and data protection, and can help to build trust with its users. ## Category: User Experience 1. **Simplicity and Ease of Use:** The software should be designed with simplicity and ease of use in mind, making it accessible to users of all skill levels and backgrounds. This means that the software should be easy to install, with a straightforward and streamlined installation process that requires minimal user input. Once installed, the software should be intuitive to use, with a clear and logical interface that makes it easy for users to find and access the features and functions they need. The software should also be easy to uninstall, with a simple and complete removal process that leaves no residual files or settings behind. Updates should be seamless and automatic, with clear notifications and explanations of what changes have been made and why. Navigation within the software should be straightforward and intuitive, with no obscured or hidden menus or options. All features and functions should be clearly labeled and easily accessible, with no unnecessary complexity or clutter. The software should also provide clear and concise documentation and support resources, including user manuals, tutorials, and FAQs, to help users get the most out of the software and troubleshoot any issues that may arise. By prioritizing ease of use and simplicity, the software can reduce user frustration and anxiety, and make it easier for users to achieve their goals and accomplish their tasks. 2. **User-Friendly Agreements:** Any legal agreements or terms of service associated with the software should be designed to prioritize user autonomy and flexibility. This means that users should have the ability to opt out of specific or all parts of the agreement, and that opting out should be the default behavior. In other words, users should not be required to opt in to any terms or conditions, and should instead be able to choose which parts of the agreement they wish to accept or reject. This approach recognizes that users have different needs and preferences, and allows them to tailor their relationship with the software to their individual circumstances. By providing users with the ability to opt out of specific or all parts of the agreement, the software can demonstrate its commitment to transparency, fairness, and user empowerment. Furthermore, the software should also provide clear and concise language in its agreements, avoiding legalese and technical jargon that could confuse or intimidate users. The goal should be to create a legal framework that is fair, flexible, and user-friendly, and that prioritizes the needs and interests of users above all else. 3. **Efficiency and Performance:** The software should be designed to be efficient and optimized for performance, using only the necessary processing power and resources to accomplish its tasks. This means that the software should be written with a focus on minimizing computational overhead, reducing unnecessary computations, and optimizing data structures and algorithms for speed and efficiency. The software should not intentionally introduce lag or delay, nor should it use more processing power than necessary to discourage certain behaviors or to create a perceived sense of complexity. Instead, the software should strive to provide a seamless and responsive user experience, with fast and efficient performance that allows users to complete their tasks quickly and easily. The software should also be designed to adapt to different system configurations and hardware capabilities, ensuring that it runs efficiently on a wide range of devices and platforms. Furthermore, the software should be designed to minimize its impact on system resources, such as memory and CPU usage, and should not consume excessive amounts of power or battery life. By prioritizing efficiency and performance, the software can provide a better user experience, reduce frustration and annoyance, and help to minimize the environmental impact of computing. ## Category: User Control and Autonomy 1. **Perpetual Access:** Users should have the freedom to access and utilize the software to its fullest potential, without any artificial restrictions, limitations, or time constraints. This means that the software should not be designed with expiration dates, subscription-based models, or other mechanisms that could potentially limit its use or functionality over time. Once a user has obtained the software, they should be able to continue using it, without interruption or degradation, for as long as they see fit. The software should not be subject to vendor lock-in, forced upgrades, or other forms of coercion that could compromise the user's autonomy or freedom to choose. By granting users perpetual access to the software, the developers acknowledge that the user has invested time, effort, and resources into learning and utilizing the software, and that they should be able to reap the benefits of that investment without fear of interruption or loss of functionality. 2. **Offline Capability:** The software should be designed to function fully and independently in an offline environment, without relying on a constant internet connection to operate. This means that all core features, functionality, and data storage should be self-contained within the software, allowing users to work, create, and interact with the software without any dependency on external networks or servers. Unless a specific feature or module explicitly requires an internet connection to function (e.g., online collaboration, cloud syncing, or data fetching), the software should be able to operate seamlessly in offline mode, without any degradation or loss of functionality. By prioritizing offline capability, the software ensures that users can work efficiently and effectively, even in areas with limited or no internet connectivity, and that their productivity and workflow are not disrupted by network outages or connectivity issues. 3. **User Data Control:** Users should have complete control over their data, with the ability to easily import, edit, delete, and export all of their data in a format of their choice. This means that the software should provide a straightforward and intuitive interface for managing data, with clear and concise options for importing data from other sources, editing existing data, deleting data that is no longer needed, and exporting data to other applications or formats. The software should also support a wide range of data formats, including CSV, JSON, XML, and others, to ensure that users can easily exchange data with other applications and services. Furthermore, the software should provide users with the ability to customize the data import and export process, with options for selecting specific data fields, filtering data, and transforming data into different formats. The software should also provide users with a clear and transparent view of their data, with options for viewing data in different formats, such as tables, charts, and graphs. By providing users with complete control over their data, the software can empower users to manage their data in a way that meets their needs, and help to build trust and confidence in the software. 4. **User Content Ownership:** Users should have complete ownership and control over any content created or generated by or using the software. This means that users should be able to export, share, and use their content in any way they see fit, without any restrictions or limitations imposed by the software or its developers. The software should not claim any ownership or rights to user-generated content, and should not use such content for any purpose without the user's explicit consent. Users should be able to export their content in a format that is compatible with other software and platforms, and should be able to use their content for any purpose, including commercial use. The software should also provide users with the ability to delete their content at any time, and should ensure that all user-generated content is stored securely and in accordance with the user's preferences. Furthermore, the software should be designed to ensure that users' content is not used for any purpose that is not explicitly authorized by the user, and should provide users with clear and transparent information about how their content is being used and shared. By giving users complete ownership and control over their content, the software can promote creativity, innovation, and freedom of expression, and can help to build trust and confidence in the software and its developers. 5. **Complete Uninstallation:** When the software is uninstalled, it should be completely and thoroughly removed from the user's system, leaving no residual files, folders, registry entries, or other remnants behind. This means that the uninstallation process should be designed to delete all files, settings, and data associated with the software, including any configuration files, cache files, and other temporary files that may have been created during use. The software should also remove any registry entries, system hooks, or other system modifications that were made during installation, restoring the system to its original state. Furthermore, the software should not leave behind any hidden or obscure files or folders that could potentially be used to track or monitor the user's activities. The uninstallation process should be transparent and straightforward, with clear notifications and progress updates to let the user know what is happening. Once the uninstallation is complete, the software should be completely gone, with no lingering presence or influence on the system. By ensuring a complete and thorough uninstallation, the software can demonstrate its respect for user autonomy and system integrity, and help to maintain a clean and organized system. 6. **Decentralized Operation:** The software should be designed to operate in a decentralized manner, where no single central server or authority controls the flow of data, updates, or functionality. Instead, the software should be able to function autonomously, leveraging peer-to-peer networks, distributed architectures, and decentralized protocols to enable users to interact, share, and collaborate without relying on a single point of failure. This means that the software should be capable of self-organization, self-healing, and self-updating, using mechanisms such as blockchain, distributed hash tables, or other decentralized technologies to ensure its continued operation and evolution. Furthermore, the software should provide a decentralized means of distribution, allowing users to download and share the software using peer-to-peer networks, such as BitTorrent, or other decentralized file-sharing protocols. By decentralizing both the software's operation and distribution, users can enjoy greater autonomy, resilience, and freedom, while also promoting a more open, inclusive, and community-driven development process. ## Category: Community and Cost 1. **Community-Driven:** The software should be designed to be community-driven, with a decentralized governance model that allows for collective decision-making and shared ownership. This means that the software should not be controlled by a single entity, such as a corporation or individual, but rather should be maintained and developed by a community of users and contributors. The community should have a say in the direction and development of the software, with opportunities for feedback, suggestions, and participation in decision-making processes. The software should also have extensive community support, with a strong and active community of users, developers, and contributors who can provide help, guidance, and resources to one another. This can include online forums, social media groups, documentation, and other resources that facilitate communication and collaboration. By being community-driven, the software can ensure that it remains free from corporate or individual interests, and is instead guided by the needs and values of its users. This approach can also help to foster a sense of ownership and responsibility among community members, who can work together to maintain and improve the software over time. 2. **Cost-Free:** The software should be completely free of cost, with no fees, charges, or subscriptions required to use it. This means that the software should be available for download and use without any financial obligation, and that users should not be required to pay for any features, updates, or support. Furthermore, the software should not have any paid or premium alternatives, such as "pro" or "enterprise" versions, that offer additional features or functionality for a fee. Instead, the software should be a single, unified product that is available to all users at no cost. By being entirely free of cost, the software can be accessible to a wider range of users, including those who may not have the financial resources to pay for software. This can help to promote digital inclusion and equality, and can also help to ensure that the software is used for the benefit of all users, rather than just those who are willing or able to pay for it. Additionally, the software should also be free from any advertising, sponsored content, or other forms of monetization that could compromise the user experience or create conflicts of interest. 3. **No Account Requirement:** The software should never require users to create an account or provide any personal information to use its full functionality. This means that users should be able to download, install, and use the software without ever being prompted to sign up, log in, or provide any identifying information. The software should be designed to operate independently, without relying on any external services or systems that require user authentication. Furthermore, the software should not use any tracking or analytics mechanisms that could be used to identify or profile users, even if they choose not to create an account. By not requiring an account, the software can provide users with a truly private and anonymous experience, free from the risks of data collection, profiling, and targeted advertising. This approach also respects users' autonomy and freedom to use the software without being forced to surrender their personal data or create a digital identity. The software should be designed to work seamlessly without an account, providing users with the same level of functionality and performance as if they had created an account. # Explanations You may be wondering about why I added certain things I did. Here are a few: 1. Readability and Code Quality: This is to prevent obfuscation or other things that prevent open source code from being easily readable and modifiable. It also means you can't release a compiled program and call it open source. 2. Modular and Extensible Architecture: Things like sideloading exist so that developers don't create a monopoly on proprietary-in-nature ways to change or extend software. 3. Uniform Deployment and Updates: Lots of companies (Google and Meta, to name a couple) will release slightly different versions of software to different people as a way to collect usage data for different designs and code adjustments. YouTube has also released a tool to do this with thumbnails. While I see the benefit, I personally do not agree with the idea that different users should be running different types of the same software. 4. Sandboxed Environment: Lots of software (such as games with anticheat) require you to run it in an unsandboxed environment and abuse those rights to gain privacy invasive access to the system 5. Efficiency and Performance: This section is due to one of my own personal experiences. Before I started my privacy journey, I had gotten a brand new flagship phone and installed Instagram on it. Instagram should have no problem running on the latest and greatest of devices. I noticed in a convoluted menu where you could set ad preferences, whenever I tried to change (manually, one by one, for each ad category) my ad preferences, my phone would get extremely hot and start slowing down until I exit the menu or closed the app. While I can't confirm, I can absolutely see motive for them to intentionally make the device commit digital suicide when you try to grasp any shred of privacy, and even if that isn't what happened, I don't like the possibility. # Thank you! Thank you all for taking the time to read through my philosophy. It took a lot of time and effort to create, and I hope I can make it better for everyone!