Have you tried using a P2P exchange such as Haveno

smspool seems like a much simpler / cheaper solution.

I do this as well. Bought one from njal.la for $15/yr

Sadly privacy is inconvenient. That’s the world we live in.

I bought a domain for $15/year that I use in these cases. It has the added benefit of being able to manage it through the simplelogin dashboard.

The investigation did not spotlight the similarly-named Matrix open source communication protocol.

Feel like there are going to be a lot of confused Lemmy users who won’t read more than the title.

The mindset about privacy is just all wrong. It’s not an all or nothing game. Any privacy gain is a net positive to no privacy at all.

To many people conflate privacy with anonymity or try “accomplish” privacy without understanding what they want to be private from and why.

I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock.

Its always the lineageos stans that can’t take the truth.

Would a research paper change your mind?

https://infosec.exchange/@rene_mobile/113431029855652363

According to this table, Google Pixels beat other devices listed there by far. Even Samsung S-series doesn’t look good

What about a security expert?

Overall, LineageOS does not leave a privacy-friendly or truly secure impression

Author says it should work even in airplane mode which is pretty cool.

Instead of naming my all time favorites I’ll name my most recent favorites…

Inter Profile Sharing - FOSS app to share files and text between android profiles. Super useful as a GOS user.

WG-tunnel - A way more feature rich version of the Wireguard app.

No worries. They are both good VPNs. You really can’t go wrong.

The problem is they were bought out by Pango which is not a trustworthy company.

I have used both Mullvad and AirVPN for extended periods of time.

Mullvad is the gold standard. If you don’t need port forwarding and privacy is your biggest concern there is no better choice. Check out their server infrastructure, and tools such as DAITA / Leta / Mullvad browser to see how much they contribute to the privacy community.

Mullvad is also a much better UX. AirVPN Eddie client feels like its stuck in 1998.

Both are good VPNs - Mullvad just happens to be the best. The only real issue, from a privacy perspective, with AirVPN is they refuse to be audited so you are stuck just trusting they do what they say but OTOH they have been around for a long time and never given a reason not to be trusted.

If you do need port forwarding, AirVPN probably has the best implementation of it. They also have customizable DNS on a per device level which is also pretty cool.

Looks like they

• collect “depersonalized” data
• they use hidden pixels for tracking
• allow advertisers to gather info such as your IP address

So they share “depersonalized” data with advertisers.

They user hidden pixels to track you on their website.

And they allow advertisers to collect your IP address to send you personalized ads.

Maybe I’m just being dumb and can’t find it but…its a massive red flag for a VPN not to have a privacy policy.

You will be surprised to learn not everyone lives in the EU ;)

There will be a ton of great privacy services that will be unaffected or will just leave the EU market (including signal). No need to switch to a completely unproven chat.

Sorry my bad, I should of responded in a more professional tone.

Yeah I totally agree there is a valid reason to have the function but its all moot if the function doesn’t work correctly.

Either you didn’t read the github comments or dont understand how vpns work.

If the VPN over hotspot function leaks data outside the tunnel, then your phones data is going to be revealed in the clear.

No offence but that’s terrible logic.

There is no point in using a vpn if you don’t care if your data leaks outside the tunnel.

It would be much better to just use a free VPN, like proton, on all devices instead and then just use the regular hotspot functionality.

Yeah Im gonna pass on the non audited chat with only 5 stars and stick to using signal.

LineageOS implementation of this is poorly done and will leak data outside of your VPN tunnel.

https://github.com/mullvad/mullvadvpn-app/issues/4016#issuecomment-2422616515

I doubt it. I think OP wanted upvotes and didn’t read carefully. Something like “tor user de-anonymized via retired app” would of been more accurate.

This is another great lesson that even the best privacy tools can’t protect a user from their own bad opsec.

It just sucks as a lot of Lemmy users will just read the title and assume its true and then tell their friends tor is no longer safe.

Yeah not sure why OP felt the need to use such a click-bait title.

Thinking isn’t your strong suit

I think your misinterpreting your own social anxieties as being made to feel like an “outcast”.

The fact of the matter is it’s just not normal to question why a store wants your phone number and I’m sure the cashier was taken aback by the whole situation.

Convenience, not privacy, is the norm. There is going to be tons and tons of awkward social interactions when you go against social norms. Accept it and be proud your advocating for your privacy.

Its a pretty low bar but Android is going to be more private then Windows. Google having privileged access to your phone is still terrible but Windows doesn’t really have any privacy protections by default. Android at least does things such as sandboxing its non privileged apps. It also provides a lot better hardware security for your data then most Windows devices would…outside of secure core pcs its pretty trash for hardware privacy in the Windows world.

Yeah. The 2$/month port forwarding option can also be a great deal as well especially if combined with the lifetime pro memberships they used to sell for $30 back in the 2010s.

Mullvad, IVPN, and Proton are the top tier for privacy respecting VPNs.

Windscribe and AirVPN are also decent options but do not have the audit history to be in the same tier as the other 3.

Most other VPNs people mention either have a dubious history or no real proof of their claims to be privacy respecting.

Tor cant save you from bad opsec.

It sounds like they just report the number they are sure of at the time and update the filing later. Very high chance the number of affected is much more then 1.3M - the number of unique email addresses alone makes it pretty clear its more.

The situation doesn’t come without precedent either. It’s not uncommon for organizations disclosing data breaches with US state officials to update those filings down the line as investigations into potentially compromised data continue.

Would be basically impossible. Most of what is leaked these days is just rebundled from other leaks. For example if you listened to MB on this its only a small % of data from new leaks that actually ends being new info.

Any attempt of doing something like this would prove to be trash data pretty quickly and would not have a major effect.

That’s fair, and the reasons why someone buys a phone is a personal choice.

I would suggest with things like a headphone check that, while its annoying to buy an adapter (usb-c to headphone) it may be worth the cost vs sacrificing something like hardware security.

Sadly a lot of the time consumers are forced to choose between security and privacy or convenience.

If the security benefits of a pixel is less important then the fact Google made it then GOS is simply not meant for you.

Its silly people complain about it being only compatible for pixels but never seem to blame other android brands for making significantly less secure phones. The responsibility should be put on phone makers to create secure phones that meet GOS requirements, not to expect GOS to make a less secure OS.

The whole AOSP environment is very Google centric so its pretty weird to think because your not buying a pixel that you are somehow avoiding Google.

No worries, I’ve done a ton of times!

Wrong guy. We agree. Try and read carefully.

Lol because there has never been an issue with randomized data. This also does nothing to alleviate the issue of privileged access. You are clueless.

I think your in a situation that a lot of users fall into, where your making your life harder without any benefit to your threat model.

You really have no reason to switch from Proton to Mullvad based on your threat model.

I am not going through this wall of BS point by point but here is a fine example of how I know you have no clue what your talking about…

One place I strongly disagree with Graphene OS is the sandboxed Google services framework. They say having Google in a sandbox is more secure. It may be more secure, but it isn’t going to be as private as MicroG.

MicorG has privileged access to you phone, it literally has no privacy benefits over even standard Google Play. You are just choosing to trust MicroG with that level of access instead of Google.

Honestly just don’t use GOS if you don’t believe in its benefits or at least sack up and post this on their official forum.

I would probably focus on getting that fixed and tell your employer that they need to provide you a work phone or pay you a stipen.

Profiles are a pretty big feature to not having working on Android in general but, especially on Graphene.