I don’t even use proprietary apps so most if the “security features” aren’t even useful to me
So only proprietary apps may have malware? Malware aside, only proprietary apps may have bugs that can be exploited? And all nonproprietary apps are perfectly safe? But seriously, there is so much wrong with that thinking.
Apps aside, GrapheneOS protects the actual OS and is kept up to date, much quicker than pretty much any other variant.
It is overly complex for no benefit to me.
What’s overly complex? Contact and storage scope I mentioned? You don’t have to use it. Separate profiles for work I mentioned? Again, don’t have to use it. GrapheneOS is one of the closest OSes to AOSP that I’ve seen. You could even just install the Play Store (which is in a sandbox by default, with no root, and you don’t have to do anything to specify that), only use the owner profile, and you get all of the security benefits with no extra work. You introducing F-Droid and using all nonproprietary apps is more complex than GrapheneOS out of the box.
Graphene sucks the life of android in my humble option.
What’s not “fun” or lifeless about it? It’s a phone. I use it exactly as I would a normal Pixel, with the exception of having the convenience of Google Wallet.
Everything is about security with anything else being second.
Would you rather it be all about fun/having life with everything else being second? That doesn’t sound safe. And I’m still confused about you saying it having no life.
I will say what I do differently vs a normal Pixel, is I use the storage scopes and lock certain apps to certain folders as well as contact scopes to lock certain apps to only see certain people. I don’t use my phone for work, but if I did, that would be a separate profile/user.
With Graphene, the recommended way is to use separate profiles, not Shelter or similar apps. Check out the official Graphene account on their forum:
https://discuss.grapheneos.org/d/12503-shelter-versus-native-gos-app-isolation-tradeoffs/10
They are expensive
Sometimes you get what you pay for, and…
I don’t want to give money to Google
I get that, but your purchase (the entire Pixel department, to be honest) is a drop in the ocean to their profits. They won’t notice you not buying one at all. You’re handicapping yourself in the mobile security arena (not being able to install GrapheneOS) to take the high ground and not effect a tech giant.
That aside, if you really don’t want to give Google, buy one from a reseller and not from the Google Store.
Do they all really? I know GrapheneOS does, and I think DivestOS even says “use my OS to stay as up to date as possible, but if you have a current/supported Pixel, use GrapheneOS instead for superior security.” But I don’t recall other OSes really going “we’re more secure than GrapheneOS and here’s why.”
It’s doomed to become a nazi bar…you can just go to an instance with admins you trust better or make your own instance
Ok, how is that different than Nostr? Don’t like your Lemmy instance admins rolling against your Nazi views? Join a different instance. Nazi sympathetic instance gets defederated by everyone else? Make your own instance.
Startpage, which is still recommended over at privacyguides.org
For now. There is an open pull request to remove it due to Startpage fingerprinting users (I didn’t delve into it to see if it’s true, but that was the reason given). And just because it’s been suggested doesn’t mean it will be removed, so time will till.
https://github.com/privacyguides/privacyguides.org/pull/2577
Sounds to me like you need an upgrade. I tried Jerboa, but it felt like it always lagged behind or was buggy for some reason. Then I switched to Voyager, which gets constant updates. Also, it’s a PWA, so I don’t need an app and it can thus be used on mobile, tablet, desktop, etc. Not to mention the theming is one of the best, in my opinion.
when humans were asked to solve distorted text CAPTCHAs, they were able to solve them in 9 to 15 seconds…and were only able to get the answer correctly 50-84% of the time…bots taking the same texts were able to answer the same tests in less than a second, and they were able to do it more accurately — 99.8% accurately, specifically.
https://www.pcmag.com/news/bots-better-at-solving-captchas-than-humans
win10’s dying next year?
Windows 10 reaches End of Support on October 14, 2025, unless you opt for the paid Extended Security Updates (ESU) program (prices not released, that I saw), which some businesses with “legacy” apps do.
No adblocker built in
They actually added a basic content blocker back in mid February, and plan on improving it over time:
Github source: https://github.com/GrapheneOS/Vanadium/releases/tag/122.0.6261.43.1
Discussion forum: https://discuss.grapheneos.org/d/11000-vanadium-version-12206261431-released
It depends on whether you need Google services or not.
I would get a Pixel with GrapheneOS regardless of if you need Google or not. Graphene does a lot more than just sandbox the Play Store.
Gecko-based browsers are, what, 1% of the browser market?
Last I checked, Firefox was close to 3%, but you right, still not a large number.
Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that’s for sure.
It doesn’t have to attract the most attackers, especially if it is notoriously weak. You shouldn’t choose software that is easier to exploit simply because it’s more obscure. Do you also choose weaker encryption algorithms because no one uses them? I sure hope not.
And your comment would probably ring a little more true, except we just had the xz debacle, and guess how much Linux has of a market share? Probably close to Firefox’s, both in the single digits.
Sounds very similar to Safing Privacy Network. They route different applications across nodes (Tor-esque).
After following your Github link, I found my way to the blog post that it looks like you are quoting
You mean the quote block where I said it was undergoing a large rewrite and don’t submit any feature PRs? That was actually the first two sentences of the README.md on the TeamNewPipe GitHub link I gave lol.
From what I understand, NewPipe has been abandoned…
That’s completely incorrect. From NewPipe’s Github:
We are planning to rewrite large chunks of the codebase, to bring about a new, modern and stable NewPipe. Please do not open pull requests for new features now, only bugfix PRs will be accepted.
…and someone else forked it to Tubular which includes SponsorBlock.
polymorphicshade “stopped” development on their fork of NewPipe, which included SponsorBlock (because NewPipe did not want to include it) and started working on their rewrite of their own fork and/or NewPipe, which is now Tubular.
- Mainstream cloud storage providers like Google Drive and iCloud have access to users’ files, posing privacy and security risks.
- Nextcloud is the preferred secure cloud storage option, but has drawbacks like the need for technical expertise to self-host and issues with end-to-end encryption.
- Filen is a user-friendly secure cloud storage option, but has some concerns around encryption implementation.
- Mega offers a large free storage plan, but has had past security issues and controversies.
- Proton’s secure cloud storage is part of their broader privacy-focused ecosystem, but has some app and feature inconsistencies.
- Cryptomator is a useful tool to add an extra layer of encryption to any cloud storage service.
- Apple’s Advanced Data Protection is a proprietary solution that lacks transparency compared to open-source alternatives.
- It’s important to weigh the risks versus benefits when choosing a cloud storage provider based on the sensitivity of the data.
- Switching to a more secure and privacy-focused cloud storage option is worthwhile, even for non-sensitive data.
- The article encourages users to take steps to improve their cloud storage privacy and security, rather than relying on mainstream providers by default.
Courtesy of Kagi’s Universal Summarizer’s Key Moments.
As you said, it’s hard to calculate an exact number. But if you think your search results are only worth $1/month, that’s up to you to determine. I know if I was an ad-broker or profiler, I’d pay more than $1/month/person as that’s valuable information, in my opinion. And Kagi is worth much more than that to me. Proton theorizes:
If Google Search market share is also 90% in the US, that’s over 274 million people using Google, and the company earns $393 per year from each of them.
maybe $1. That’s way more than the ad revenue search engines get
And where did you come up with this info? Source? Do you really think that search engine ad revenue (for the engine itself, not what one measly advertiser gets back) tops out at “way below” $1 per person?
In 2023, Google’s ad search revenue amounted to 175 billion U.S. dollars.
Why does Kagi Search require an account? Kagi Search requires an account only because it is a paid service which requires an account for the transaction. Note that Kagi does not collect any personal information for billing and that you can even use an anonymous payment card such as Privacy if you want to.
I’m not terribly thrilled with it, but a lot of VPNs do as well. Plus, this is their business model. If you’re not paying for the product, you are the product. If they’re caught double dipping (taking our money and lying about logging to sell), they’ll be out of business shortly.
They do claim to log practically nothing. https://kagi.com/privacy
If you search a lot, you should really look into Kagi Search, “a highly accurate, lightning-fast, user-centric, 100% privacy-respecting search engine with results augmented by non-commercial indexes and personalized searches.” Much better than the ad-supported ones, or even DDG, in my experience.
allow to display it without having to download?
I can view the site without having to download with the below link. So not sure what you mean?
https://privacyspreadsheet.com/messaging-apps
Edit: this is with Vanadium in incognito, if it matters.
No Molly, an independent Signal fork for Android, listing? Among other things, Molly handles data encryption at rest better and also has Tor support…which your spreadsheet doesn’t even list Tor support.
I can understand not wanting to including Molly due to it being only on Android (though I think/hope a lot of privacy enthusiasts run GrapheneOS on Pixels) even though it currently rides the Signal servers so in compatible with other Signal clients, but at least add Tor compatibility, please.
There are three big reasons why we’re removing SMS support for the Android app now: prioritizing security and privacy, ensuring people aren’t hit with unexpected messaging bills, and creating a clear and intelligible user experience for anyone sending messages on Signal.
To me, all of those reasons are BS and easily gotten around. “Unexpected messaging bills?” Have a popup that warns you that this user doesn’t have an account and is about to send a SMS, potentially incurring a cost, as an example.
They just didn’t want to maintain the code and chased some users away. https://www.signal.org/blog/sms-removal-android/
Since SMS is already sent in the clear, I actually use Google Messages. For those who also have it, it upgrades the SMS to RCS with end-to-end encryption. Sure, it’s nowhere near as good as Signal (which OP says these people won’t use), but it’s better than plain-text SMS.
I am using rethink dns so i can’t run a vpn
RethinkDNS VPN / Proxifier: Rethink supports forwarding TCP and UDP connections over SOCKS5, HTTP CONNECT, and WireGuard tunnels. Split-tunneling further helps run multiple such tunnels at the same time and lets users route different apps over different tunnels. For example, one could route Firefox over SOCKS5 connecting to Tor, Netflix over WireGuard connecting through any popular VPN provider, and Telegram or WhatsApp over censorship-resistant HTTP CONNECT endpoints at the same time.
To be fair, while you may not be getting money in its direct form (cash, bank deposit, etc) from Google, they are providing you a service which costs them money for free. So they are providing something of monetary value.
Only the individual can determine if their data is worth that free (to the individual, not free to Google) service. I’m assuming that most people in a privacy community would be against that, though.