You’re on Android use NewPipe and it’s forks, personally I prefer Tubular and PipePipe.
Periodically YouTube will break, but both of those forks, as well as new pipe prime, update fairly quickly.
GrayJay is interesting… It has different feel and feature set than newpipe, but it’s worth using. I will say I get more login errors with GrayJay, but closing the app and reopening it resolves it.
All the piped apps will be in f-droid/droidify, you can download GrayJay directly, or just scan the QR to add the repo to a FOSS repo manager.
You’re on Android use NewPipe and it’s forks, personally I prefer Tubular and PipePipe.
Periodically YouTube will break, but both of those forks, as well as new pipe prime, update fairly quickly.
GrayJay it’s interesting. It has different feel and feature set than newpipe, but it’s worth using. I will say I get more login errors with GrayJay, but closing the app and reopening it resolves it.
All the piped apps will be in f-droid/droidify, you can download GrayJay directly, or just scan the QR to add the repo to a FOSS repo manager.
I believe Tails already supports I2P, you just have to enable it in the terminal and reboot.
I don’t know who this developer is, maybe they are well-known and well regarded.
I just know that for an OS, better to be safe than sorry and go with and established and well respected project such as Tails IMO.
Not trying discourage users from trying it, just that they should be mindful of the risks and adjust their behavior accordingly.
The inability to relock the bootloader is gigantic security vulnerability. It negates, or entirely voids, a significant amount of a devices physical security, including FDE.
There are other security issues with LineageOS, but that’s part of the trade-off. There’s nothing inherently sinister or incompetent about that, it’s just the nature of the beast.
Regardless, I’m not here to chastise anyone’s choice of OS, or to even imply that there is a right, and wrong ROM, there isn’t.
I was just pointing out that there are pros and cons, and users should be aware of them when making those decisions.
Security and Privacy are not the same thing.
Stock Google is absolutely a hit to ones privacy, but LineageOS is a often big hit to device security.
If you don’t have a Pixel, and therefore can’t use GrapheneOS, check and see if your device is compatible with DivestOS.
However, neither will offer root support for reasons that both devs have decent write-ups explaining within each project’s documentation.
I do realize that not everyone places security above all other factors when deciding on their smartphone OS, but I think they should be aware of the trade-offs so they can make an informed decision.
I got as far as the second paragraph, which consists of the following quote from a Google VP:
“I’m not going to talk about Recall, but I think the reason that some people feel it’s creepy is when it doesn’t feel useful, and it doesn’t feel like something they initiated or that they get a clear benefit from it”
That’s somehow worse than I imagined. I can at least understand being intentionally sinister, or overtly anti-privacy, but that level of delusion is somehow actually more terrifying.
VPNs don’t prevent tracking, especially when you’re logging into services.
They can help obfuscate your identity to varying degrees, but honestly this is a pretty odd decision. I’m guessing it has more to do with malicious activity, or some other type of activities that Reddit is trying to curtail, and they feel blocking VPN IP ranges will help them.
The topic in question here is not about government abuse of data, it’s corporate abuses, but okay, let’s set that aside.
You’ve said that it’s safer to roll your own VPN using a VPS service precisely because you can’t trust any VPN providers, or auditing organizations.
But you’re now saying that you can trust a hosting provider based solely on which jurisdiction they reside in.
You’re just arbitrarily picking which companies to trust with your connection traffic, but with added complexity, and significantly reduced egress locations for your traffic, which itself dramatically impacts any privacy benefits you were looking to achieve.
Not really, sort of, but different threat models IMO.
The app this thread was about is asking to become a single pane for external services e.g. cloud, which is why it requires your Hertzner API.
For the following, I’m reaching into my memory hole, so definitely check elsewhere to confirm before doing anything.
FreedomBox, if I recall, is basically Debian Linux with a variety of self-hosted tools that are easily configurable e.g. Media servers, torrents, NextCloud, etc. It’s been around for a while and I don’t recall ever hearing anything bad about the project.
Ultimately, sure, you’re still trusting the maintainers to some degree, like with any distro/spin, but that’s a judgement you’ll have to make for yourself.
If you’re going to use Freedom box for all of your most critical and private parts of your digital life, then you should probably weigh the risks more heavily, than if you’re just going to make it a media and torrent box.
You can do all of that on your own.
OR, you can create a single attack vector that can potentially be exploited and put everything at risk, at the same time.
If you’ve ever worked in, or adjacent to, IT, then you’ve heard the phase “single pane of glass”, meaning you can manage all your infrastructure, or IOT, through a single terminal/UI.
This is basically a single pane of glass that you’re getting through a side loaded repo, to manage your entire digital life. That means it can also become a single pane of glass for anyone able to exploit that application i.e. supply chain attack, phone AND/OR app specific vulnerabilities, etc.
Others may have better, or fancier solutions, but I’m a fan VPN -> Home Network -> VNC over SSH/TLS for Linux boxes, and RDP for Windows.
Again, none of VNC or RDP ports or services are ever exposed externally, and even on the LAN, they require authentication and use secure tunnels.
Full disclosure, I haven’t used RDP in a while and I don’t know what version of SSL/TLS it comes with anymore.
I know there are self-hosted AnyDesk style options and maybe they’re better than my approach, but I’ve never used them so I can’t really speak on that.