Just for convenience (since it’s hard to read the screenshot on a phone), here’s the text:
GrapheneOS is being heavily targeted by the French state because we provide highly secure devices and won’t include backdoors for law enforcement access. They’re conflating us with companies selling closed source products using portions of our code. Both French state media and corporate media are publishing many stories attacking the GrapheneOS project based on false and unsubstantiated claims from French law enforcement. They’ve made a clear threat to seize our servers and arrest our developers if we do not cooperate by adding backdoors. Due to this, we’re leaving France and leaving French service providers including OVH. We need substantial help from the community to push back against this across platforms. People malicious towards us are also using it as an opportunity to spread libel/harassment content targeting our team, raid our chat rooms and much more. /e/ and iodéOS are both based in France, and are both actively attacking GrapheneOS. /e/ receives substantial government funding. Both are extremely non-private and secure which is why France is targeting us while those get government funding. We need a lot more help than usual and we’re sending our the first ever notification to everyone on the server because this is a particularly bad situation. If people help us, it will enable us to focus more on development again including releasing experimental Pixel 10 releases very soon.
Functionally it’s good and fast. Privacy-wise I would recommend at least encrypting the files before uploading. Cryptomator would help if your friend is willing to use it. VeraCrypt volumes also work, and they sync quickly because Dropbox is smart enough to only update the bits of the volume file that have changed.
If you’re looking for something similar but not US-based, pCloud is good and allows you to save the data in Europe. But encrypt your files there too.
However, it is that seemingly arbitrary three-times-a-year limit applied to the People section that is most concerning. Why not four? Why not as many times as a user wants?
Possibly because deleting or recreating the data is resource-intensive on the servers. It might actually be a good sign that Microsoft really removes the data, not just mark it inactive, when you turn the feature off.
It’s not that they’re especially fragile. It’s really only when you combine them with a sync process. I once had a sync go wrong and it resulted in the contents of a vault being unreadable. Because all you have are a bunch of encrypted files with meaningless names and a flattish structure, which Cryptomator interprets and mounts as a different directory structure, when something goes wrong it’s not easy to know where in the vault files the problem lies. You can’t say “ah, I’m missing the documents folder so I’ll restore that one from backup” like you could with an unencrypted directory. And if you’ve made changes since the last vault backup you can’t just restore the whole vault either. You could mount a backup of the vault, from a time when it was intact, and then copy files across into your live copy, but I feel safer having a copy in another format somewhere else. Not necessary, I guess, but it can make recovery easier.
It depends how the backup is encrypted. Most backup solutions will give you an encryption key, or a password to a key, that you have to keep safely and securely somewhere else. If you have an online password manager or a Keepass database in cloud storage, that would be a reasonable place to keep the key. Or on a USB stick (preferably more than one because they can fail) or a piece of paper which you mustn’t lose.
Cryptomator is good but it’s important also to keep backups of the unencrypted content of the Cryptomator vault that are not encrypted by Cryptomator. (You could encrypt the backups with another system.) Cryptomator vaults are more fragile than the underlying file system, and it’s easier for a glitch in the sync process to corrupt them so they’re unrecoverable. I have lost data due to this in the past. So it’s best to make sure all the contents of your vaults also exist somewhere else, encrypted in another way.
From Discord’s age verification page, under “Privacy and Data Security”:
Q: Is my data stored when I use Face Scan or Scan ID verification?
A: Discord and k-ID do not permanently store personal identity documents or your video selfies. The image of your identity document and the ID face match selfie are deleted directly after your age group is confirmed, and the video selfie used for facial age estimation never leaves your device.
So is that a lie?
Doesn’t matter whether people buy it when their views have no effect on government policy. It seems many governments are simultaneously deciding to require ID to use the internet, and you have to suspect it’s coordinated.
I think we neee to protest, but we also need to work hard to set up more robust ways to use at least the non-corporate web anonymously. If it’s left to governments we’ll get to the point where only licensed corporate publishers are allowed to run a website and only licensed users can access it.
Fairphone 6 looks quite interesting and has a Google-free option. People are saying it’s a bit buggy but they’re fixing the bugs rapidly. And two-day battery life sounds pretty good.
https://shop.fairphone.com/the-fairphone-gen-6-e-operating-system
Probably why Google is also taking steps to make custom ROM development significantly more difficult. They evidently want to kill off all Android ecosystems except the ones they control and watch.
When a preventative measure very obviously won’t solve the stated problem, that may not be what it’s really there to solve. This is another of Google’s anti-open-source moves designed to bring all Android devices entirely under their control and surveillance. It goes along with their bringinh all Android development in house and making it harder for third parties to make their own custom versions of Android (Graphene OS etc.). It also seems a little odd that this happens right when several countries are introducing requirements that users supply ID to visit websites.
It’s about surveillance and control. Censor what people can see, require ID so you can monitor who’s viewing what, and let people know you see what they’re doing so that they become wary of using the internet for political organization. Pedophiles and terrorists are just convenient bogeymen to scare people into assenting to this.
There’s still the risk of GPS coordinates leaking out of the social media phone, and that leading Google to be able to correlate it with the person’s main phone. Even without GPS there’s the position based on nearby wifi networks etc. So you’d have to be sure all location services were disabled. Still, someone knows which cell towers your phones connect to and could correlate their locations if they repeatedly come close to one another, though Meta probably don’t have ready access to that data. Something’s always being sold to data brokers though, and it’s very hard to prevent them from spotting patterns that reveal who you really are.
Apple’s “find my” network can find your phone when it’s turned off, because the phone continues to transmit low-energy Bluetooth which other devices in that network receive and report. So if you’re in a crowd with a switched-off iPhone and other people have their devices on, it’s still possible for your location to be tracked. There may be other modern phones that do this too, continuing to transmit low power signals to nearby devices. If you really don’t want to be tracked, you can’t be sure Airplane Mode or turning the phone off will be sufficient.
Zuckerberg hung out with Trump at Mar a Lago and attended the inauguration, then got rid of Facebook and Instagram’s fact checking, relaxed their rules on posting hate speech and discrimination, ended Meta’s diversity initiatives, removed bathroom facilities at meta for transgender and nonbinary employees, made speeches in defence of Trump and expressed gratitude for finally being able to have “a productive partnership with the United States government”, while removing communications channels for employees and threatening them with being fired if they talked to media about any of this. He has gone full MAGA.
This article covers most of it: https://www.nytimes.com/2025/01/30/technology/mark-zuckerberg-meta-trump.html
There are virus scanners for Android - I have Bitdefender on mine - but I don’t know how effective they are. Back in the day they were a bit of a gimmick; I don’t know whether they’re better now.
I have seen other apps from F-Droid do this. NewPipe, I think, used to prompt me for updates even though I had installed it from F-Droid. But I was always a bit unsure so I tended to just go back to F-Droid to install newer versions. Maybe it’s a thing some apps do but I don’t know why they should need to and I don’t entirely trust it.
I don’t see this as the USA turning into China. China has many problematic aspects, and being an immigrant or an LGBTQ+ person in China is probably not fun, but China at this point is less stupid and understands competitiveness. China would not defund all its science overnight, hamstring its technology and trash its whole economy with tariffs on goods it cannot produce domestically, withdraw vaccines in the face of new epidemics, and cancel sustainable energy projects and funding while denying climate science. The new US Government is just shooting the country in the foot again and again.
Chrome excites arbitrary code from google.com (this wasn’t something widely known until recently and appears to effect all the chromium downstream browsers).
I hadn’t heard about that. Can you link me to some info about it?
My comment was just advising people to be media-literate and consider the source, though I also said that this in itself doesn’t make the article questionable (I actually think it’s quite credible). And I linked to Wikipedia’s article about this news website. I wasn’t trying to defend Israel or be controversial, and it was a bit of a surprise to see this get deleted.
MintPress News is pro-Iran, Syria and Russia (Wikipedia). But that doesn’t mean what they say here is false, just that we should approach it with our critical faculties working.
Lol, I’ve corrected that now. An OCR Freudian slip.