• 9 Posts
  • 189 Comments
Joined 2Y ago
Cake day: Mar 19, 2024


What are you using that requires a selfie? I can’t think of any services or apps I use that require a selfie. It can’t be that hard to avoid if I’ve never encountered one.



With soft forks you still need to merge upstream changes and figure out what to do when they’re incompatible with your changes, do your own testing of your fork once you’ve merged the changes, etc.


Again, stupid chauvinist take. Not everyone speaks English and not everyone uses English pronunciations. Also, cwtch is a relatively popular loanword too, plenty of English speakers have learnt to say it.

You know most of the world finds English spellings hard to pronounce, right? You’re speaking in a language notorious for its inconsistent pronunciations (see “-ough”).

It’s also particularly fucked up to mock Welsh like that given that Welsh is one of the many languages with a long history of children being violently reprimanded for speaking their native language by English people.


unpronounceable

To whom? Should Welsh people not use privacy software too? Stupid ass chauvinist position



…I can’t think of a “privacy-focused code editor” because code editors are generally not known for having telemetry/tracking/anything privacy-invasive in the first place? A “privacy-respecting” code editor is just a normal one. Use whatever you like. Vim is great. Maybe Kate if you want a GUI.


It looks like a honeypot, and wtf is a “private cell network”? How are they gonna do that? SMS and phone calls aren’t E2EE


I suppose that begs the question of whether or not privacy (as used by this community) inherently means private in the colloquial sense, like the way a diary is private. Because to me, a e.g. public static website with no kind of profiling of its users is privacy-respecting, but obviously not private in the colloquial sense—it’s a public resource.

I do use SMS sometimes and I use it strictly for things that I’m happy to be basically public. Same for using other protocols like unencrypted email.

A stock smartphone is also locked in to mandatory telemetry, like a stock dumbphone. The practical difference is that there’s a much smaller community for installing custom FOSS OSes onto dumbphones compared to smartphones.


I think you’re conflating security with privacy. Not that they are unrelated, but something can be e.g. unencrypted but lack telemetry.

Not that dumbphones are inherently private, but I don’t think they’re less private either. They’re just what you use if you have no need for all the smartphone functions.


It wouldn’t be hard to add a clause mandating that websites provide an easy-to-access “reject all” button that actually rejects all cookies.


…No? Communism is the brand new social order I’m talking about that is yet to come about.


Revolution doesn’t have to recreate the currently existing systems in other parts of the world. Every social order was brand new at some point.


https://www.getmonero.org/

Getting a wallet and setting it up is the easy part. Buying it can be more difficult depending on where you are—centralised exchanges are easiest but xmr-fiat centralised exchanges often have legal trouble and may not be available where you are. You can try a decentralised exchange like RetoSwap (fiat-xmr directly) or bisq (fiat-btc and btc-xmr). They can be a bit confusing for new users but I figured it out ok when I first bought Monero using bisq.


Also you don’t have to be using cash that you took out of an ATM. I give my friends cash and they give me cash all the time.


Cash and Monero. I nearly never pay for things by card these days; it’s entirely possible.


Is it possible to use some kind of random noise algorithm to modify the image so that devices can’t be uniquely identified like this anymore? Or would that not work?


Why spoof your location instead of just denying location permissions?



Maps: CoMaps all the way. Very nice, polished map app using OpenStreetMap

AI: Just use Ollama. It’s dead simple to run it on your local machine. They have docs here: https://github.com/ollama/ollama/tree/main/docs

Productivity suite: LibreOffice. If you want sync use Nextcloud (needs to be hosted) or syncthing (no hosting necessary).

Photo app: Nextcloud Photos app if you want cloud sync. I take it you use iOS given that you specify Apple Maps, in which case idk what foss photos apps there are on iOS, but Fossify Gallery on Android is good.

Cloud storage: Nextcloud. By definition, cloud storage needs to be hosted, so if you don’t have a server, you can use something like Proton Drive or Cryptdrive, or find a public Nextcloud instance that lets you sign up (Disroot has one).


I’m not following the GOS stuff super closely but last I saw they said they were a year away from having their own hardware, and that Pixel support would be able to continue. See this thread: https://grapheneos.social/@GrapheneOS/115102473921005918

No need to reinvent the wheel so pre-emptively. If GOS does go down (which it sounds like they are trying their best not to), I’ll probably switch to a Linux phone or just not have a smartphone.


Both can be true at the same time. Countries want to be able to spy on their citizens, and don’t want their geopolitical rivals to be able to spy on their citizens.


I think what op is saying is that your OS can spy on signal since you input plaintext into signal to be encrypted, or when you receive messages they get decrypted on your device.



Do you need to be actively connected to the internet? Most passive spying (ie spying that is not specifically targeted at you, but rather just big tech corpos trying to gather data in general) can be blocked by just disconnecting the device from the internet. You can download installers for games and the like on other devices and transfer them over with a usb drive.


You don’t even have to do it with pen and paper. You can install whatever operating system and software you want on your computer. If blocking certain resources on the internet is an issue, you could torrent public keys, use tor, use i2p, or worst case scenario deliver a USB drive to your friend’s door.



  1. You shouldn’t “trust” as a basis for security or privacy. Eg for protonmail, Proton can still read your incoming emails if they arrive unencrypted; the only way to avoid that is to send E2EE email, which unfortunately most email is not. You should assume that if they can, then they are.

  2. If you have to use proton for whatever reason (can’t afford to pay to self-host things, don’t know how to and don’t have time to learn, etc), it’s perfectly fine for everyday use for things that are not particularly sensitive ie you don’t have a highly resourced state actor actively trying to obtain that data. Just always keep the first thing in mind. Too many people treat anything that calls itself “encrypted” as a silver bullet.


Yeah but in the past few months I’ve consistently found Swedish Mullvad servers to work (occasionally blocked but if you refresh the page it’s unblocked) whereas the Swiss servers, which I used to use, have been fully blocked for quite a while. I’m sure it’ll change in due time but for now that’s what’s been working. And I have found this for all the Swedish servers I’ve tried and all the Swiss servers I’ve tried. Only tried Mullvad servers as that’s the VPN I use.


FreeTube has been working for me with Mullvad VPN set to Swedish servers. Also https://inv.nadeko.net/ if I need to share links with anyone.


Also, you can use a burner email and vpn if you want to add an extra layer of obfuscation in there for privacy.

It’s still all tied to one account. They could say, for instance, the same person searched for “beans”, “onions”, and “rice”, as opposed to not being tied to an account where those 3 searches could have come from 3 different people. Of course, a search engine like DDG is only promising to not track you to try figure out if those 3 searches came from the same person, but various anti-fingerprinting measures could make it infeasible for DDG to do that. For a paid search engine, you’d have to pay for a new account per search if you didn’t want it tied to any other searches, if you don’t trust that Kagi isn’t logging searches (which you shouldn’t, because you shouldn’t rely on trust for any threat model).

I really hope I don’t come off as a shill for them. It’s one of the few companies I actually really like.

Don’t worry, I get where you’re coming from and I most certainly think some people have a use-case for it.


Kagi’s an interesting one. The main reason why I don’t go with it is because you’d have to have an account, de-anonymising you. I know they have their “privacy pass” feature but that seems to essentially rely on trust that they aren’t tying your private searches to an account. And also $10/month for a search engine is just pretty steep for my budget.


I’m not looking at strangers’ phone screens close enough to figure out if they’re using GOS but I’ve noticed strangers using GOS a fair few times. Likely would a lot more if I were looking for it but I’m not trying to read everyone’s phone screens…

It’s a fairly common OS and it’s fairly widely acknowledged that GOS is a big driver for Pixel sales.


That’s a good point, I forgot that stuff like SearXNG are only frontends so in order to add personalisation to them you’d have to modify your queries to Bing/Google/etc I assume, rather than do what Google etc do with whatever algorithm they use for providing search results.


How feasible is privacy-respecting personalised search engine results?
The issue with Google's personalised search results is, imo:

1. Not only is it not opt-in, but you can't even opt out of it. Personalised search results should be opt-in and disabled by default.
2. The data kept on you is used to sell you ads
3. The data kept on you will be handed over to state entities fairly easily

Given those three problems, how feasible would it be to self-host a search engine that personalises your results to show you things that are more relevant to you? Avoiding issues 1 & 2 as you're self-hosting so presumably you have made the decisions around those two things. And issue 3 is improved as you can host it off-shore if you are concerned about your domestic state, and if you are legally compelled to hand over data, you can make the personal choice about whether or not to take the hit of the consequences of refusing, rather than with a big company who will obviously immediately comply and not attempt to fight it even on legal grounds.

A basic use-case example is, say you're a programmer and you look up `ruby`, you would want to get the first result as the programming language's website rather than the wikipedia page for the gemstone. You could just make the search query `ruby programming language` on any privacy-respecting search engine, but it's just a bit of QoL improvement to not have to think about the different ways an ambiguous search query like that could be interpreted.

Won’t your state know you’re using the VPN based on the fact that all your internet traffic is going to the VPN lol


Mullvad or AirVPN. AirVPN has port forwarding so good if you need to torrent


  1. Filesystem doesn’t matter hugely but as the other user said, ext4 will be the fastest anyway (possibly xfs, not sure how ext4 and xfs compare). CoW filesystems like btrfs are slower, though most people don’t notice a significant difference. People use CoW filesystems for other features like self-healing ability and backups.

  2. I would strongly recommend getting an AMD card. As the other user says, AMD’s drivers are fully FOSS and work well with Linux. Nvidia has a bad reputation with Linux and especially Wayland, though these days it’s mostly usable, but IME is still prone to breakage upon updates. IME AMD GPUs “just work”.



I think it would be fine if it were opt-in, but then you wouldn’t get enough data to get accurate traffic estimates


Depends on your threat model, the degree of interest in you from states, the resources and competency of the states interested in you, etc… Also, I think privacy for privacy’s sake and without any real threat to which it’s responding to, is entirely fine and understandable. If nobody were interested in my data at all I’d still practise a reasonable level of privacy because I think it’s creepy for other people to know my business.


Self-hosting a mail server with zero-access encryption for all emails, similar to Protonmail
I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this? I'm aware the server admin can't read emails that were sent encrypted using the user's PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you're with a service like Protonmail, the server admin still cannot read even these emails.

How are controllers with Proton?
I don't own any controllers. I started playing Dark Souls 3 which I now understand has a controller strongly recommended. I may as well just look into getting a controller of some kind as I have a few games that have somewhat janky kbm controls and are better enjoyed with a controller. I just wanted to ask for general advice about what controller to get in terms of compatibility. Also if someone has made a controller that's more in the spirit of foss that also works fine with Steam and Proton games that would be nice? I know Steam is pretty good with Playstation controllers and I used to use a PS controller (don't remember what generation) with some native Linux Steam games, not sure how the whole PS vs Xbox controller thing is affected by running games through Proton if at all? If it matters let me know, and I'll see if I can procure a controller for myself.


Has Mullvad ever been given a court order to reveal personal info about a user?
I've been reading through [Signal's government requests](https://signal.org/bigbrother/) and couldn't find a similar section on Mullvad's website. I'd be curious to read about them if there are any. It would seem unlikely to me that Mullvad has never received any kind of court order for information about a user.

There are other FOSS real-time voice changers for Linux, but the others I found either seemed to have fewer features, be less polished, or be abandoned. I'm not really a voice expert or anything so I'm not sure what aspects of voice a, like, forensic voice analyst or something would look at. I've just changed the pitch and I sound different enough that I wouldn't recognise the voice, which is good enough for me. Open to suggestions as to what effects would give the most privacy in terms of making it harder to identify your voice (while still being intelligible).

Also, for people's reference, if you want mic input to be changed for all apps, go to three dots > Preferences > General > Audio > Process All Input Streams and enable.

Are there any google docs proxies, like how Piped is a YouTube proxy?
I sometimes get linked google docs links and would like to view them without visiting a google site directly.

What do you folks do for IRL privacy in terms of CCTV, facial recognition, etc?
Digital privacy seems quite straightforward, because your digital devices are environments you more or less can have complete control over if you want to. But when you're out and about, it's a much more uncontrolled environment. There are cameras everywhere. I wear face masks everywhere for a combo of protecting myself from illness and privacy. But the limitation is social acceptability. If anything good came out of covid it's the normalisation of face masks, but you are far from unidentifiable if your only face covering is a covid mask. We're lucky that sunglasses and hoodies on their own are fairly normal, but all of the above in combination would draw attention to you. And it's definitely not socially acceptable to walk around in a balaclava. The other thing is forensic data. If you don't wear gloves, you'll leave fingerprints everywhere, and hair too. I suppose wearing gloves is not particularly seen as weird or suspicious, but it just seems like there are a lot of considerations and challenges with preventing the state from knowing your every move when you leave the house. What considerations do you make for IRL privacy, if any? (Not particularly interested in "I don't care about IRL privacy so I don't do anything"—that's fine and your choice, but ofc this question is aimed towards those who do care)

Is there any reasonable/not a huge pain in the ass way of paying for your phone contract without it
I've gotten prepaid sims for things but obviously that's not really a feasible method for your main life phone.