• 0 Posts
  • 31 Comments
Joined 2Y ago
Cake day: Mar 02, 2023

Any Brave alternative that works on iOS?

I’ve installed Brave on some family iOS devices because that’s the best I could find at the time. But I hope to find a good replacement.


Cromite uses a third-party repo, rather than being in the main one. And I’m hesitant to add repos for my system’s security.

Does anyone have any information or sources on Cromite’s maintainer, or on whether cromite.org is safe to add to repos?


This could further accelerate the arms race between malicious scrapers and websites.

My fear is this would create collateral damage, block legitimate scrapers and visitors, and hassle people with an increasing number of captchas.


Please make an effort to avoid X.

If you’re looking for someone’s or an organization’s feed, look for alternatives such as:


It’s less creepy than asking “This is your home address, isn’t it?”


Recall the time when Windows came on a DVD, had no Microsoft account option on install, no ads in settings nor in the startup menu, no AI slop.

It was still shit, but it feels shittier now, and harder to set up and configure in a way that’s bearable.


Thanks for the information.

The app is distributed in a third-party repo, not the main F-Droid repo, so before installing I’m trying to check if it’s open-source, has had some independent review, and is safe to install.

The source is available but the license isn’t recognised as OSS according to the OSI website. https://gitlab.futo.org/videostreaming/grayjay https://opensource.org/licenses

This may explain why it’s not in the main F-Droid repo. It’s better than closed source anyway.


Alternatives like actual cash, proof-of-stake cryptocurrency, or even EMV.

Most alternatives aren’t completely anonymous payment methods, but Monero’s anonymity isn’t worth wasting so many resources.


Monero has a disproportionally large energy usage and footprint on the environment. https://www.nature.com/articles/s41893-018-0152-7

Please consider less wasteful alternatives. Every bit helps; it’s about keeping Earth safe for human life.


Briar uses Tor by default as well for Internet connections, so I don’t think Session is unique in that way. And both appear decentralized.

A difference is that Briar is Android-only, whereas Session is available on more platforms https://sourceforge.net/software/compare/Briar-vs-Session-vs-Signal/

It’s good that people are working on privacy-preserving tools. But I wish they’d coordinate to avoid fragmentation. Work on common/standard messaging protocols, so that people can talk to each other even using different software.

Currently it feels like going back to the 1990s-2000s, with ICQ/AIM/MSNM being all incompatible, and every single one being unable to communicate with a large fraction of your contacts.


First impression: why another messaging system?

It may be fine, but what does it bring that Signal/Briar/Matrix/XMPP+OMEMO don’t have? Does it use an existing standard protocol or encryption that’s compatible with other messengers, to avoid fragmentation?


You’re right. Above, I was referring to the Bitwarden desktop app. See https://github.com/bitwarden/desktop

It’s an Electron app, and there’s no auto-update solution for DEB packages (ie no DEB repo for apt auto update).

Some people are probably happy with it, but I prefer KeePassXC which is more lightweight (ie not Electron based) and can auto update via APT.


I hear good things about Vaultwarden, but the web UI is horrible.

Vaultwarden’s web UI is very confusing, especially the search feature. And it’s difficult to move items between folders/collections. The desktop app is available as DEB/RPM package but without auto-update, which isn’t great.

For now I’m sticking to KeePassXC because the desktop app for my Linux distribution has a package for it and allows auto-update. The UI works well, and it has decent browser integration. Syncing isn’t smooth, but I can live with this.


Privacy Badger focuses on blocking trackers. uBlock Origin blocks all kinds of things (ads, trackers, etc.) and so it has a higher risk of breaking sites.

Yes, they’re mostly redundant. Happy uBlock Origin users should probably keep using just uBlock. People who don’t use uBlock to avoid breaking websites, or just want to block trackers, should use Privacy Badger.


I strongly recommend installing EFF’s Privacy Badger on your and your relatives’ browsers.

This stops many trackers, and causes fewer side effects and fewer breakages than most filters (uBlock et al.).


This might also apply to many news articles about software vulnerabilities.

If it’s not a 0day, a patch is already available. So users shouldn’t do anything particular if there’s (semi)automatic update, which is the case for Win, iOS, and many Linux distributions.

It’s worth people’s attention if it’s a critical 0day where users need to mitigate manually, or if users need to update manually due to lack of auto update.


You should know when and how you are being tracked, and you should have an easy-button to say thanks, but no thanks.

Opt-out!? That’s not even close to being a good solution.

Your data should not be collected, and you should not be tracked, UNLESS you agree to it, ie opt-in, AND data collection is proportional/appropriate for the stated goal.

That’s the spirit of GDPR.


The mobile standard setter, GSMA, and Google have said encryption will be coming to RCS, but there’s no firm date yet.

GSMA, please don’t come up with yet another poorly designed encryption standard.

The IETF is already working on Messaging Layer Security (MLS), please work with IETF and adopt MLS. IETF have more experience and do a good job at designing secure protocols. And multiple organisations and services are already working on adapting MLS (Mozilla, Google, Matrix, Wire, …)


Telling your contacts not to use Google nor Meta/Facebook. If everyone you email uses Gmail, then Google has all your emails.


It would be fair to compare browsers without adding extensions, with default settings.

This would show which browser has the best security and privacy out of the box. Also, the comparison would be practically impossible otherwise.

Most people use defaults, and I suspect a large portion of users install no extensions, unless maybe if a tech-savvy relative adds an adblocker.


While that’s true, there’s no indication of Microsoft brute-forcing with millions of combinations.

The article you link says Microsoft is only trying a few obvious passwords: the filename, and words found in the plaintext message.

Proper encryption isn’t just about using a strong algorithm. It’s also about proper key management, ie not sending the password in the clear via the same channel as the encrypted files.


ZIP isn’t a good way to encrypt, but what Microsoft is doing is simply reading the email, and decrypting zips with the password found in the email body.

All encryption schemes can be trivially broken if you have the key. It’s not even breaking, it’s just normal decryption.


Quite the contrary.

Password hashing is standard nowadays.

When a database is compromised, brute forcing hashes is necessary to recover passwords, and the short ones are the first ones to be recovered.


Taler is closer to an EMV card alternative, rather than a cash alternative.

Hopefully cash remains. But regions and businesses are already starting to go cashless, so I’d rather have Taler as an option.


Would Taler be more resilient than a typical EMV/AmEx card? It’s designed as an online payment system but it’s less centralised, so that could help.

It’s already an attractive project due to its privacy features, and due to it being more regulation-friendly than cryptocurrencies. If it’s resilient enough it could act as a digital cash.


Thanks for the explanation. I’m considering Matrix but will hold off, at least until v1.11 or v1.12 solves the unintended CDN issue described in another comment here, cf https://matrix.org/blog/2024/06/20/matrix-v1.11-release/#continue-reading


I’m interested in the technical details, not actual URLs. How come servers cited in the video keep hosting/seeding chatrooms despite closing corresponding accounts? Is this impossible due to Matrix’s design, or is it poor moderation from server admins?

About URLs: the author is absolutely right to blur these. The only people he should be sharing these with are the police, or maybe admins if they’re not aware of the abuse on their server.


That’s the first time I hear of Matrix having this issue.

I’m curious to know more, but the video only cites an anonymous source. Is there evidence or more technical details available regarding this?


Scams, identity thefts, manipulation through targeted ads (eg Cambridge Analytica), malware delivered via ads


Twitter/X is such a cesspool. The end of Nitter is an occasion to completely stop using Twitter, and instead go to the fediverse, subscribe to a newspaper.


I had to start using Google Messages recently because Signal dropped SMS support. It sounds like it’s time to switch SMS app yet again. Sigh.