A frog who wants the objective truth about anything and everything.
Admin of SLRPNK.net
XMPP: prodigalfrog@slrpnk.net
Matrix: @prodigalfrog:matrix.org
Since Taler isn’t operating in the same way as the wild-west of crypto, and needs to secure the adoption of existing banking institutions, its rollout is going to be much slower.
It hasn’t been widely adopted yet, but the big change that occurred is it only just recently released a stable 1.0 version that makes wider adoption possible, and passed some essential security audits, including for iOS.
In addition to recently being approved and available in Switzerland, it is also planned to be added to a Ko-fi-like payment/donation system thanks to a grant by the NLnet foundation, which will hopefully enable it to gain wider adoption by creators or youtubers, as an example. In the future, it could become a replacement for Zelle if more banks adopt it (I suspect credit unions would be more likely to give it a try, if they became aware of it by their membership, and it was requested a lot).
There’s a bit more discussion of it over at !money@slrpnk.net, if you’re interested.
It likely does have more representation and mind-share here on Lemmy since it aligns with the ideals of many users here in particular; we’re going to be more tuned into alternatives like that compared to the wider population.
As an owner of a 4a, I can tell you with confidence that my device has not received an update in any form for many, many months now. It is effectively unsupported, and certainly is insecure in comparison to a Pixel 6 or newer.
The GrapheneOS developers themselves have stated in their forum that they will no longer provide extended support beyond the Pixel 5a, and that the extended support it has is already effectively insecure:
You should already be treating it as if it’s not receiving updates anymore, since that’s largely the case already.
Providing extended support doesn’t fit with the way we do things at all and is ending after the Pixel 5a. It’s a temporary compromise for harm reduction through existing users at least getting some of the patches despite not moving to a secure device. When this topic comes up in this way, it hints to us that we may be doing more harm than good through people continuing to use an insecure devices. We’ll certainly stop doing it with the 5 and 7 year support devices.
A day ago, a GrapheneOS dev said of the Pixel 4a:
It’s unsafe to continue using the Pixel 4a. It lacks basic security updates. Pixel 4a was launched August 2020 so it’s at the 5 year point. It was a budget device, not a flagship. It was launched with 3 years of support, unlike 8th/9th gen Pixels with 7 years of support from launch or the prior 6th/7th gen Pixels with 5 years of support from launch.
So for the Pixel 4, it effectively received about an extra year and a half of tenuous support. The Pixel 5 will receive a few more months of tenuous extended support, then there will be no extended support for any future devices, meaning users will have to upgrade at the end of Google’s official support cycle for each device.
From the link:
GrapheneOS aims to provide harm reduction releases for devices which only have a minimum of 3 years support. Extended support updates at minimum will be done until the next Android version.
Emphasis mine. That quote does not imply they will provide an additional 3 years of support, only that they will offer the harm reduction updates from the end of official OEM support until the next version of Android is released.
I have personal experience with this, as my quite old Pixel 4a received harm-reduction updates from GrapheneOS for an additional few months into 2024 until the next version of Android was released, but that did not result in years of support. It is now completely unsupported, and has a warning on every bootup that says as much.
Further along they then say:
It is likely that we will make a decision around harm reduction releases for other devices with longer lifetimes in Q4 2024.
This implies they may actually stop doing post-support harm reduction updates for the newer devices that have longer support lifetimes from Google.
GrapheneOS supports a phone model for as long as Google officially does. You can see the support lifetime of each model here: https://endoflife.date/pixel
If you want to keep an updated phone constantly, you’d have to upgrade every 7 years.
We put together a privacy guide with different tiers of inconvenience, which you may or may not find helpful:
From what I understand, Tuta may have a slight edge theoretically, but email itself is a pretty poor protocol when it comes to privacy.
Tuta was forced by court order to implement a message logger for an individual, but AFAIK all of their previous messages were encrypted and could not be read by Tuta, and therefore the Government could only see new unencrypted messages coming in before they were encrypted.
Disroot only recently implemented at-rest encryption, so that should be fairly solid now. Posteo also allows you to encrypt your inbox and calendar at rest.
Even with that, consider all private email providers as mostly just to avoid surveillance capitalism (to prevent your data from being mined and sold), but with only marginal protection from state agents.
Tuta and Posteo are both pretty excellent (Posteo is cheaper, but has a few less options that might be a deal breaker if you need them, like custom domain support).
Disroot is a good free option, and they offer custom domains after a one time donation.
Mailbox is okay, though they are known to have a very odd 2FA, and will recycle your address if you ever stop paying, allowing others to claim it and potentially impersonate you.
Posteo is unique in that they’ll never delete your account for inactivity, or even if you stop paying, where they’ll let you access and read emails, but not let you send them until you pay again.
Edit: apparently Tuta is going downhill according to others here, which is unfortunate :(
AFAIK, GrapheneOS supports the Pixel Tablet, which is probably the only truly secure Android tablet on the market.
If you’re willing to sacrifice some UX, there are some Linux tablets. A cheaper option could be a 2-in-1 Chromebook that allows installing Linux.
Otherwise, you could try to degoogle your Samsung tablet by installing LineageOS on it, if it’s supported.
That’s a well reasoned take, honestly.
As I investigate other options to LW, all of which also require a certain level of trust and/or diligence, ultimately I’m finding LW seems difficult to replace, as it does walk that line between ‘good enough’ security/privacy and convenience. The Phoenix project seems promising, but so far is only convenient on a few distros, leaving Windows users with LW, or perhaps Zen.
To clarify, the only relevancy PrivacyGuides has here is that their forum is where I found the link to the Arkenfox GitHub issue, and how their arguments against Librewolf appeared to have been potentially validated by said GitHub issue.
The main concern is that GitHub issue, where one of the main developers of Arkenfox, from which Librefox is derived, claims:
LW since fxbrit left/died/who-knows has gone to shit - I worked with him behind the scenes to make the right choices and while he would do his own analysis, we always agreed, and his voice influenced them. Now they don’t know what they are doing, and in fact have compromised security and make really stupid decisions. Same goes for all the other forks - really dubious shit going
And directly after which a Librewolf team member then voices agreement that Librewolf’s quality control has degraded since the departure of fxbrit.
Now it could be that the Arkenfox dev is exaggerating, and tbh he comes off as a bit of a prick later in that GitHub issue, but overall, I’d say it merits at least some concern (though perhaps less than I originally thought).
According to their instructions, it would seem it’s trivial to install and receive updates on the supported Linux distros:
By default, Phoenix is installed & updated via your operating system’s package manager. This allows for fast, easy updates & fixes as needed, right with the rest of your system!
Windows isn’t supported though, so it would be a far more manual process there.
Another user here mentioned the Phoenix project, which may be a good solution for us, as I share the same goals.
I haven’t looked into Zen, I’ll do a dive on that now.
Unfortunately, adding any addons to the Mullvad browser would defeat the purpose of using it somewhat, since it would defeat the anti-fingerprinting methods.
The Librewolf team member said they’re falling behind on keeping the arkenfox tweaks up to date even as they put out new releases. Perhaps they are able to keep up with Firefox security updates despite that, which I suppose would still make them a better option than vanilla Firefox, but it does give reason to keep a closer eye on them.
I agree on Brave, and I also avoid it so as not to solidify the Chromium browser dominance any further.
However, from all I have read, Firefox Mobile based browsers truly are less secure from a technological standpoint. I think for most people, Firefox Mobile is secure enough for it not to be enough of a deciding factor to use a Chromium browser, but objectively it is worse. Mull was making the best of that despite the downsides, so hopefully the IronFox fork succeeds on mobile.
And despite their recommending Brave, I think the arguments against LibreWolf do have some merit.
Nice thing about Posteo, and which is AFAIK unique to them now, is they will never delete your account even if you stop paying. If you cease payments, they will let you log in and continue to receive email, but you cannot send emails until you pay again.
The only way your account gets deleted is if you manually delete it yourself.
Proton used to say your account would never be deleted from inactivity if you’d made at least one payment for premium service, but that policy was walked back last year I believe.
Tuta and Mailbox.org allow custom domains.
Mailbox.org is another good one.
EDIT: Apparently they recycle addresses, so if you ever cancel your subscription with them, someone could eventually sign up with your old address and receive any mail from places you didn’t switch over to a new address, which is concerning.
Posteo, Mailbox.org, and Tuta are all good alternatives.
EDIT: Mailbox.org will eventually recycle your address if you stop using their service. Something to be aware of.
It likely wasn’t federated to lemmy.zip. Try subscribing to it and then reloading it a few times. Otherwise you can go to it directly from https://slrpnk.net/c/money to see what should be showing up once it’s federated.