flatbield
Interests: News, Finance, Computer, Science, Tech, and Living
- 0 Posts
- 96 Comments
Smart home type stuff is with minor exceptions a total nightmare. Bad security, bad privacy, and bad longevity. Just no. There are some of these things that just don’t work without connection back to the mother-ship, or at least lack major features. Generally it is recommended that if you do have these sorts of things, put them on a separate network at least.
Lookup alternatives at alternativeto.net. Signal is probably the best but there are others. Problem with chat, both people have to use. F-Droid is a good resource too.
I would not call FOSS a cult any more then unions or the civil rights movement.
Google is promoting MTA-STS. MS is at least testing it and some others. Proton mail might support, check. I use NameCheap shared hosting mail. They support incoming but not outgoing.
Sure it is clear inside each org but secures between. Nice because you can secure in your org by contract. Not as good as e2ee of course.
There is an advantage of using a provider that suports MTA STS. This is Strict Transport Security and forces at least transport encryption.
There is an advantage to use a provider you pay for too and at least claims not to read your email.
It is also nice if they can host your domain and have good delivery.
Edit: I meant MTA STS not SMTP STS.
Fairphone is the open platform. The GrapheneOS guys could start working with that. It is an actual project including a hardware supplier not bound to Google. Another one is Purism, but their stuff is often very expensive. As long as the Pixel is a fully open hardware platform we will be fine, but they could choose to lock it down at any time.
Avoiding apps if you can and focusing on using the web and/or PWAs as a good direction too. Lot of the stuff out there for apps really should not be an app to start with. Then there is F-Droid which has most of the actual apps you need.
The ones not in fdroid and where you can’t use a web app, and must have, these are not so many. For me this is some health devices, some transit and travel apps, my local library, a hearing test app, Google Maps, my bank app (for check cashing). All of these also run just fine on GrapheneOS. Lot of those don’t have to be on my phone though if you only have one android device maybe they do. Really transit and travel apps, maybe my local library, and Google Maps are the only ones I use out and about.
I did read the post. Way easier to install GrapheneOS then it is to fiddle with non-existent privacy controls on stock. GrapheneOS is highly popular and pretty much just works so the on life support thing is BS. Yes if you must have one of the few apps that don’t work, sure you’ll have to use stock or just not use the app. I’ve not found any apps that I need that don’t run on GrapheneOS but there are some.
Keep in mind too, that not all apps work on all stock phones either for one reason or another.
GrapheneOS gives several features not in other ROMS at the cost of requiring in support Pixels. These include full update support including binary blobs, locked boot loader, and device attestation support to the extent possible, It prorities security over most other things including lomg multi-device support which of course would be nice.
The big deal is how long a phone gets updates. If you divide Pixel a-series pricing by the 7 years of support, they are not that expensive.
What is expensive is buying a new phone everytime they go out of support. My old LG had maybe 1 year of updates when I got it years ago and it was a $250 phone. Still ran it for 6 years but most of that time had no updates which is not great.
My point is cost depends on how you measure it.
Does what work? If you mean GMS sandboxing, that is ROM specific. Up to what the ROM supplier does.
Why would one need another ROM. GrapheneOS is one of the best. So is Google hardware in terms of lifetime cost, capability, and security. What other supplier gives 7 year support?
Generally with android it is best to choose the ROM and then the best hardware for it anyway. The best ROMs often have limited hardware support. There are not that many reasonable ROMs anyway. Nor are there many hardware choices that aupport most ROMs fully.
Head phone jack. My 8a sadly has none. Not sure any recent Pixels do. I use combination of some HP OTC hearing aids and a Senhouser headset, both blue tooth.
Files transfer. I mosly use Nextcloud or just plugin my phone to my computer directly with USB. I have used syncthing and ssh too. Debian should work but I have more experince with Ubuntu and the USB method works fine there.
I use GrapheneOS on a Pixel 8a. About 6 months in. The recent “a” series models are a pretty good deal as they come with 7 years of updates from initial release.
I love GrapheneOS. Pretty much just works. Many Apps do not even have to have google play installed. There are some apps that may not run. Typically those that require an original authentic device. My banking app did not run originally but now it does. Not sure but I think I had issues with the UPS app for some reason. I switched to the web for that.
Linux only, SSH works fine. Not e2ee. Nextcloud works fine but extra work unless you use a service provider. It can be e2ee but not normally so. Syncthing worth a look too. It is not cloud storage, but direct device transfer. Bitwarden send is useful too if you want to juat send file someone, and thunderbird is working on thunderbird send which might be interesting.
Maybe Synology if you want your own lan NAS?
All email services have vendor lock-in unless your using your own domain.
For what it is worth, I just moved my mail from my ISP to my own domain at a hosting service after 30 years. Took about 5 months to get everything changed but if I can do it anyone can.
Downside, using your own domain is probably less private but kind of depends.
Whatever https://www.privacyguides.org/ recommends. I am not a big VPN user. I care more about using good apps and prefering the web browser over apps and configuring that.
Same config, I have been using my 8a with graphene since Jan. Works great.
I actually put Google Play and the few apps that use that in the Private Space and just use clean apps in my owner profile. There are a lot of different ways to divide up apps between Owner Profile, Private Space, the 31 separate user profiles, and work profiles.
As for app sources I use mostly Graphene, FDroid, Aurora, and Obtainium stores and tools. I only use Play Store directly in my Private Space. There are pros and cons of course.
I specifically chose a shared hosting situation so they deal with the issues in this case. I do have a VPS and could have placed it there but I did not want the hassle and it is not something my wife could manage if something ever happened to me.
As far as unlimited, they do have such a plan but I do not need it. 30 is infinite in my case.
Yes. I do not use them all, but I can and my cPanel shared hosting only costs $25 per year. I can use web hosting part too if I want. It is all included. The above cost does not include the domain name itself.
See: https://www.namecheap.com/hosting/shared/
Edit: Looks like after first year it will be about $50/year.
Your own domain is not great for privacy though like others have said the registrar can hide your info at least from whois. If you already have a domain lookup the whois record and see what it says. Presumably even with whois privacy your identity is probably discoverable.
Custom domains are not great for deliverability too. Though mostly mine is fine. Sometimes Yahoo and ATT manged accounts give me delivery issues.
What your own domain is good for is nice, long term, and portable addresses. Also for many cheap addresses. I get something like 30 email accounts with my basic Namecheap cPanel account for about $25 per year.
There are so many good providers in the EU. In the US basically those that implement MTA-STS are Google, Microsoft, and Comcast with all of their issues.
I actually ended up at shared hosting provider. I get 30 mailboxes for less than $100 per year. Only incoming MTA-STS though unless I went to my own VPS.