• 9 Posts
  • 178 Comments
Joined 2Y ago
Cake day: Mar 19, 2024


…No? Communism is the brand new social order I’m talking about that is yet to come about.


Revolution doesn’t have to recreate the currently existing systems in other parts of the world. Every social order was brand new at some point.


https://www.getmonero.org/

Getting a wallet and setting it up is the easy part. Buying it can be more difficult depending on where you are—centralised exchanges are easiest but xmr-fiat centralised exchanges often have legal trouble and may not be available where you are. You can try a decentralised exchange like RetoSwap (fiat-xmr directly) or bisq (fiat-btc and btc-xmr). They can be a bit confusing for new users but I figured it out ok when I first bought Monero using bisq.


Also you don’t have to be using cash that you took out of an ATM. I give my friends cash and they give me cash all the time.


Cash and Monero. I nearly never pay for things by card these days; it’s entirely possible.


Is it possible to use some kind of random noise algorithm to modify the image so that devices can’t be uniquely identified like this anymore? Or would that not work?


Why spoof your location instead of just denying location permissions?


Its UI…? It’s got the same UI as Android…?


Maps: CoMaps all the way. Very nice, polished map app using OpenStreetMap

AI: Just use Ollama. It’s dead simple to run it on your local machine. They have docs here: https://github.com/ollama/ollama/tree/main/docs

Productivity suite: LibreOffice. If you want sync use Nextcloud (needs to be hosted) or syncthing (no hosting necessary).

Photo app: Nextcloud Photos app if you want cloud sync. I take it you use iOS given that you specify Apple Maps, in which case idk what foss photos apps there are on iOS, but Fossify Gallery on Android is good.

Cloud storage: Nextcloud. By definition, cloud storage needs to be hosted, so if you don’t have a server, you can use something like Proton Drive or Cryptdrive, or find a public Nextcloud instance that lets you sign up (Disroot has one).


I’m not following the GOS stuff super closely but last I saw they said they were a year away from having their own hardware, and that Pixel support would be able to continue. See this thread: https://grapheneos.social/@GrapheneOS/115102473921005918

No need to reinvent the wheel so pre-emptively. If GOS does go down (which it sounds like they are trying their best not to), I’ll probably switch to a Linux phone or just not have a smartphone.


Both can be true at the same time. Countries want to be able to spy on their citizens, and don’t want their geopolitical rivals to be able to spy on their citizens.


I think what op is saying is that your OS can spy on signal since you input plaintext into signal to be encrypted, or when you receive messages they get decrypted on your device.



Do you need to be actively connected to the internet? Most passive spying (ie spying that is not specifically targeted at you, but rather just big tech corpos trying to gather data in general) can be blocked by just disconnecting the device from the internet. You can download installers for games and the like on other devices and transfer them over with a usb drive.


You don’t even have to do it with pen and paper. You can install whatever operating system and software you want on your computer. If blocking certain resources on the internet is an issue, you could torrent public keys, use tor, use i2p, or worst case scenario deliver a USB drive to your friend’s door.



  1. You shouldn’t “trust” as a basis for security or privacy. Eg for protonmail, Proton can still read your incoming emails if they arrive unencrypted; the only way to avoid that is to send E2EE email, which unfortunately most email is not. You should assume that if they can, then they are.

  2. If you have to use proton for whatever reason (can’t afford to pay to self-host things, don’t know how to and don’t have time to learn, etc), it’s perfectly fine for everyday use for things that are not particularly sensitive ie you don’t have a highly resourced state actor actively trying to obtain that data. Just always keep the first thing in mind. Too many people treat anything that calls itself “encrypted” as a silver bullet.


Yeah but in the past few months I’ve consistently found Swedish Mullvad servers to work (occasionally blocked but if you refresh the page it’s unblocked) whereas the Swiss servers, which I used to use, have been fully blocked for quite a while. I’m sure it’ll change in due time but for now that’s what’s been working. And I have found this for all the Swedish servers I’ve tried and all the Swiss servers I’ve tried. Only tried Mullvad servers as that’s the VPN I use.


FreeTube has been working for me with Mullvad VPN set to Swedish servers. Also https://inv.nadeko.net/ if I need to share links with anyone.


Also, you can use a burner email and vpn if you want to add an extra layer of obfuscation in there for privacy.

It’s still all tied to one account. They could say, for instance, the same person searched for “beans”, “onions”, and “rice”, as opposed to not being tied to an account where those 3 searches could have come from 3 different people. Of course, a search engine like DDG is only promising to not track you to try figure out if those 3 searches came from the same person, but various anti-fingerprinting measures could make it infeasible for DDG to do that. For a paid search engine, you’d have to pay for a new account per search if you didn’t want it tied to any other searches, if you don’t trust that Kagi isn’t logging searches (which you shouldn’t, because you shouldn’t rely on trust for any threat model).

I really hope I don’t come off as a shill for them. It’s one of the few companies I actually really like.

Don’t worry, I get where you’re coming from and I most certainly think some people have a use-case for it.


Kagi’s an interesting one. The main reason why I don’t go with it is because you’d have to have an account, de-anonymising you. I know they have their “privacy pass” feature but that seems to essentially rely on trust that they aren’t tying your private searches to an account. And also $10/month for a search engine is just pretty steep for my budget.


I’m not looking at strangers’ phone screens close enough to figure out if they’re using GOS but I’ve noticed strangers using GOS a fair few times. Likely would a lot more if I were looking for it but I’m not trying to read everyone’s phone screens…

It’s a fairly common OS and it’s fairly widely acknowledged that GOS is a big driver for Pixel sales.


That’s a good point, I forgot that stuff like SearXNG are only frontends so in order to add personalisation to them you’d have to modify your queries to Bing/Google/etc I assume, rather than do what Google etc do with whatever algorithm they use for providing search results.


How feasible is privacy-respecting personalised search engine results?
The issue with Google's personalised search results is, imo:

  1. Not only is it not opt-in, but you can't even opt out of it. Personalised search results should be opt-in and disabled by default.

  2. The data kept on you is used to sell you ads

  3. The data kept on you will be handed over to state entities fairly easily

Given those three problems, how feasible would it be to self-host a search engine that personalises your results to show you things that are more relevant to you? Avoiding issues 1 & 2 as you're self-hosting so presumably you have made the decisions around those two things. And issue 3 is improved as you can host it off-shore if you are concerned about your domestic state, and if you are legally compelled to hand over data, you can make the personal choice about whether or not to take the hit of the consequences of refusing, rather than with a big company who will obviously immediately comply and not attempt to fight it even on legal grounds.

A basic use-case example is, say you're a programmer and you look up `ruby`, you would want to get the first result as the programming language's website rather than the wikipedia page for the gemstone. You could just make the search query `ruby programming language` on any privacy-respecting search engine, but it's just a bit of QoL improvement to not have to think about the different ways an ambiguous search query like that could be interpreted.

Won’t your state know you’re using the VPN based on the fact that all your internet traffic is going to the VPN lol


Mullvad or AirVPN. AirVPN has port forwarding so good if you need to torrent


  1. Filesystem doesn’t matter hugely but as the other user said, ext4 will be the fastest anyway (possibly xfs, not sure how ext4 and xfs compare). CoW filesystems like btrfs are slower, though most people don’t notice a significant difference. People use CoW filesystems for other features like self-healing ability and backups.

  2. I would strongly recommend getting an AMD card. As the other user says, AMD’s drivers are fully FOSS and work well with Linux. Nvidia has a bad reputation with Linux and especially Wayland, though these days it’s mostly usable, but IME is still prone to breakage upon updates. IME AMD GPUs “just work”.



I think it would be fine if it were opt-in, but then you wouldn’t get enough data to get accurate traffic estimates


Depends on your threat model, the degree of interest in you from states, the resources and competency of the states interested in you, etc… Also, I think privacy for privacy’s sake and without any real threat to which it’s responding, is entirely fine and understandable. If nobody were interested in my data at all I’d still practise a reasonable level of privacy because I think it’s creepy for other people to know my business.


Don’t bring your phone? Either that or a faraday


They meant that they wanted to do a test to see if they would get any gpg-encrypted emails from people who saw the hat in real life; the “experiment” doesn’t work if you allow internet strangers to email you too, as then you don’t know where a person may have gotten the email address/key from


OP never claimed the encryption of WA and iMessage “work for us”. They just said they were encrypted. That’s a neutral statement.



What do I use the most or what do people use the most? I use Matrix the most as most of my friends are on it (+ have it bridged with some chats that aren’t on Matrix). Then after that SimpleX. I don’t know what the most popular encrypted messengers among the general population, except for the ones you listed, are.


You don’t have any way to find out about these things outside of Discord and Snapchat from your classmates??? How do your classmates find out then? It’s not going to spontaneously generate into a Discord server. There has to be an official channel where people find out about these things.


I don’t know what info is so critical that you can’t miss it but also can only possibly get it on Snapchat or Discord. If you use it to talk to other students you could get them to talk to you on another platform, otherwise it doesn’t really sound like they’re worth talking to, but you do you.



I think if you just publicly practise decent privacy, people will be more inclined to do the same. e.g. all my friends know I’m not on WhatsApp and don’t use proprietary software in general. They know to talk to me on other platforms, and the fact that I’m like this means that others will likely feel more able to do the same if they are inclined. Nobody ever told me to care about privacy; I have always thought it was creepy if others can see all my personal business. I can’t imagine that that’s such a rare innate mindset to have, so other people who feel the same way should feel more able to put that into practice if they see you doing so. If they really want to broadcast all their personal data to the state and tech companies then they are within their right to, and I don’t see the point in trying to convince them to not do what they want to do.


I prefer Mullvad. I’ve found it a lot more reliable. I was a paying Proton customer but still had connectivity issues a non-negligible number of times, whereas I’ve literally never had Mullvad be the cause of connection issues in my years of using it. It’s great that they take cash and have literally only an account hash associated with your account.

I’ve also found that Mullvad customer support are responsive, helpful, and know what they’re talking about. I’ve had experiences with Proton’s customer support that were ok, but occasionally had the typical customer service hiccups along the lines of being assigned a new support agent who doesn’t read back all the conversation (understandable—I had one bug I was dealing with for months) and you have to explain again what the original issue was and what has been done since.

I think both options are perfectly fine, but I definitely prefer Mullvad, and it’s what I recommend to people if they ask me to recommend a VPN service.


They use it for Google Maps as a pin. Nothing new, and not particularly weird either. You can just skip it and not tell them.


Self-hosting a mail server with zero-access encryption for all emails, similar to Protonmail
I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this? I'm aware the server admin can't read emails that were sent encrypted using the user's PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you're with a service like Protonmail, the server admin still cannot read even these emails.

How are controllers with Proton?
I don't own any controllers. I started playing Dark Souls 3 which I now understand has a controller strongly recommended. I may as well just look into getting a controller of some kind as I have a few games that have somewhat janky kbm controls and are better enjoyed with a controller. I just wanted to ask for general advice about what controller to get in terms of compatibility. Also if someone has made a controller that's more in the spirit of foss that also works fine with Steam and Proton games that would be nice? I know Steam is pretty good with Playstation controllers and I used to use a PS controller (don't remember what generation) with some native Linux Steam games, not sure how the whole PS vs Xbox controller thing is affected by running games through Proton if at all? If it matters let me know, and I'll see if I can procure a controller for myself.


Has Mullvad ever been given a court order to reveal personal info about a user?
I've been reading through [Signal's government requests](https://signal.org/bigbrother/) and couldn't find a similar section on Mullvad's website. I'd be curious to read about them if there are any. It would seem unlikely to me that Mullvad has never received any kind of court order for information about a user.

There are other FOSS real-time voice changers for Linux, but the others I found either seemed to have fewer features, be less polished, or be abandoned. I'm not really a voice expert or anything so I'm not sure what aspects of voice a, like, forensic voice analyst or something would look at. I've just changed the pitch and I sound different enough that I wouldn't recognise the voice, which is good enough for me.

Open to suggestions as to what effects would give the most privacy in terms of making it harder to identify your voice (while still being intelligible)

Also, for people's reference, if you want mic input to be changed for all apps, go to three dots > Preferences > General > Audio > Process All Input Streams and enable.

Are there any google docs proxies, like how Piped is a YouTube proxy?
I sometimes get linked google docs links and would like to view them without visiting a google site directly.

What do you folks do for IRL privacy in terms of CCTV, facial recognition, etc?
Digital privacy seems quite straightforward, because your digital devices are environments you more or less can have complete control over if you want to. But when you're out and about, it's a much more uncontrolled environment. There are cameras everywhere.

I wear face masks everywhere for a combo of protecting myself from illness and privacy. But the limitation is social acceptability. If anything good came out of covid it's the normalisation of face masks, but you are far from unidentifiable if your only face covering is a covid mask. We're lucky that sunglasses and hoodies on their own are fairly normal, but all of the above in combination would draw attention to you. And it's definitely not socially acceptable to walk around in a balaclava.

The other thing is forensic data. If you don't wear gloves, you'll leave fingerprints everywhere, and hair too. I suppose wearing gloves is not particularly seen as weird or suspicious, but it just seems like there are a lot of considerations and challenges with preventing the state from knowing your every move when you leave the house.

What considerations do you make for IRL privacy, if any? (Not particularly interested in "I don't care about IRL privacy so I don't do anything"—that's fine and your choice, but ofc this question is aimed towards those who do care)

Is there any reasonable/not a huge pain in the ass way of paying for your phone contract without it
I've gotten prepaid sims for things but obviously that's not really a feasible method for your main life phone.