It’s okay, but I’d personally recommend NextDNS more. Quad9 is also good, but more basic.

I like it. Pretty damn good for privacy, based on Gecko, supports desktop extensions, and developed by the Divested Computing Group (the same one that created and maintains DivestOS).

(The NSA think they’re slick)

Yep, I’ve noticed that too.

Great idea. That’ll be hilarious!

Maybe not quite ready for the general public yet, but I hear PureOS runs quite nicely and, if you can make it work, it could be a good idea.

Essentially:

• Filen - Server in Germany, run by Filen. Has clients for Windows, macOS, Linux (both x86_64 and arm64), iOS, and Android; but not BSD or ChromeOS. You get 10 GB for free.
• Nextcloud - Server wherever you want, as you host it yourself. Has clients for most platforms, including Android, and also supports WebDAV. Everything is on your terms. Also comes with things like a calendar, a notes app, and ActivityPub (I think). You can run NextCloud on a Raspberry Pi under your desk for cheap.
• Syncthing - No server and no account, as it is strictly peer-to-peer. Has clients for Windows, macOS, Linux, BSD, illumos, Solaris, and Android; and there’s an unofficial client for iOS (Möbius Sync). Devices must be on the same network to sync (although there’s probably a way of getting it working globally). Totally free to use.

I use Filen because I only have one Raspberry Pi (which is in use), so Nextcloud isn’t a viable option; and I had trouble getting Syncthing to work.

I’m not entirely sure. I’m still using the free tier. A bit hypocritical for me to say that payment is polite, I know; but I do tend to use USB drives more than the cloud.

1. You don’t need an account, and there is no such thing as a GrapheneOS account. Most of your apps should be able to be installed through either F-Droid, Obtainium, or the sandboxed Play Store. Some apps require Google Play Services, however, but LineageOS has an alternative called microG which works most of the time, and GrapheneOS containerises apps.
2. GrapheneOS, I believe, uses the default gallery and SMS apps from stock Android; and they also have their own camera, PDF viewer, and web browser (Vanadium), which are developed in-house. However, cloud syncing and note-taking apps are not included. I would suggest either having a look on F-Droid, asking on this sublemmy, or checking out Privacy Guides to find some apps you’ll like.
3. GrapheneOS doesn’t have a “cloud”, as such. This is a good thing, and it lets you choose your own provider if you must. I would personally recommend Filen for files and photos, and Cryptee for notes.
4. It is completely possible to use multiple app stores. If you use GrapheneOS, I would say use F-Droid or Obtainium when possible, and the Sandboxed Play Store for everything else.
5. We like to use things like NextCloud because it gives us full control over our data, among other reasons. However, it is not essential. I, personally, use Filen for my cloud sync needs; but I also tend to use physical storage a lot because of my shitty internet and cheap hardware. You also don’t necessarily need to pay for these services, but it’s polite and it can improve your experience.

Good luck on your privacy journey, and don’t hesitate to ask more questions. In addition to Lemmy, here are a few good resources:

• Privacy Guides
• !privacyguides
• Techlore
• Techlore Forum
• The New Oil

Thanks for the advice!

Just makes you wonder what else (if anything) is backdoored. I am seriously 🤏 this close to just switching all of my boxes over to OpenBSD.

The last time someone over there was approached about backdooring a related piece of software (which they refused), the OpenBSD devs manually screened the entire codebase, just in case something got in.

Really, the only things I’d miss would be Minecraft, KDE, and Mullvad Browser; and of course I’d have to buy a couple more WiFi dongles (or learn how to port drivers from Linux).

Good bot

To be frank:

• Good idea in theory
• Ancaps and cryptobros ruined it for the rest of us
• Monero is okay

The only places here with decent public transport are the major cities and a handful of towns. Where I live there’s only one bus, which stops for breakfast and lunch and doesn’t run after 7 PM. We used to have a train, but the tracks were removed in the '60s and half of what used to be the line is now underwater.

Not to mention that the Conservative government keeps finding new and inventive ways to cripple public services.

Then again, minimum wage isn’t enough own a car and pay for the insurance, so I probably won’t be getting a car anyway.

I suppose I do enjoy hiking…

Either bring a burner phone, or make sure you disable biometrics before you land. You could also consider wiping the phone and then restoring from a backup later on.

Also, learn about your constitutional rights and any relevant state laws (e.g. the CCPA in California). You probably won’t have to mention them, but they’re good to know.

1. I see. Guess I’d better load up a guide and get ready to break my internet!
2. Lovely. Running on Lockdown Mode now, and it’s actually not that bad!
3. Thank you! You can find my post here.

Which calculator is it?

It’s a Casio fx-CG50 (known as the Casio PRIZM in the USA). The TOTP generator is part of the Utilities app.

Thanks! As it happens, I have experimented with self-hosting before. It’s just that it can be expensive to do this and there are often age barriers (for some reason).

I have managed to host a static website completely for free, however. I used Codeberg Pages for the site, Cloudflare for the DNS (although I may move to FreeDNS), and EU.ORG for the domain. It’s not quite self-hosting, but it’s close!

Well thanks! As for the questions:

1. I had been distrohopping on the ThinkPad after Arch Linux started acting a little funny. FreeBSD just happened to be the OS that stuck.
2. I use WireGuard because it’s light and allows me to set custom DNS servers (allowing me to use ProtonVPN and NextDNS at the same time). My school has blocked most VPNs, but the official apps for ProtonVPN and Windscribe can get around it no problem, as can Tor, but I do lose my DNS.
3. I’ll give it a look, but I’m already quite happy with NextDNS.
4. Interesting. I did manage to get WhatsApp working in Pidgin a while ago, but it was a little clunky.
5. I might consider doing that, but I do need to use my webcam for the occasional intrusive Teams call. It is what it is and I do what I can to maximise my privacy.
6. Yeah, I’m not sure I want to go nuclear. My accounts are (with the exception of my abandoned Instagram account) on privacy-respecting services with more people than bad actors. I would say that all I should do is change my usernames and profile pictures, then unlink my websites while I scrub away personal details. After that, all I need to do is DM a few of my trusted mutuals about the change, so they don’t think I’m a stranger, and everything should be hunky-dory.
7. Good advice, although I tend to shop more in-person than online.
8. I don’t have a transport. I use a standard off-the-shelf boombox to play the CDs, and I use fre:ac to rip and convert them to Ogg Vorbis format. I like the idea of FLAC, but I don’t see the point in using it myself, as I already have hard copies of the media.
9. I used ^LA^TE^X in the past, but now I prefer Markdown. The syntax is easier and it comes out of Pandoc looking the same as ^LA^TE^X.
10. Sounds cool. This would also be relevant to the cybersecurity degree I’ve applied for at uni.

Thanks!

So funny story. I spent a couple of hours threat-modelling last year, and then I forgot where I put the docs. Really, I’m just maxing out everything as much as I can without it becoming too inconvenient. I’m mainly trying to reduce tracking and data mining by “evil” organisations (e.g. multinationals, billionaire-run companies, three-letter agencies, GAFAM).

If I find a template, I’ll be sure to send you a copy of my threat model.

Nice setup! I think I’ll maybe make one of my own!

I have a few questions, though:

• How did you set up your firewall? What did you use and what rules do you have in place?
• How did you harden iOS? I have read up and implemented a number of basic settings to reduce tracking, and NextDNS blocks the rest, but I wouldn’t consider my current iPhone “hardened”, per se.

I haven’t used my tablet in months, but I will always recommend Mull.

I like Okular, but I also use Xournal++.

I do, for three reasons:

1. Hackers. It’s unlikely that anyone would hack my webcam, but there’s always a chance. Maybe I’m paranoid, idk.
2. Hardware exploits. Three of my laptops are too old for me to update the firmware with fwupd, so I cover the webcams in case there’s some critical hardware-level vulnerability which could be exploited; or in case one of the three-letter agencies are in there.
3. Consequences. Despite the incredibly low chances of anything happening whatsoever, the possible consequences are too bad for me to want to risk it.

I’m paranoid, aren’t I…

Whoa, really‽

German is also good, but I personally feel that Proton provides a better experience than Tutanota or Posteo.

Ah, now Kaspersky itself isn’t a bad AV. However, given how much data AV software has the capacity to collect and where Kaspersky is based, I don’t trust it. In that scenario, I may as well switch to Yandex and start using Mail•ru instead of Proton.

If there’s anyone out there still using Windows or who otherwise needs an antivirus, just use ClamAV. It’s free and open-source, does a pretty good job of finding viruses, can be run as a daemon, and is extensible.

Want a different index? Fangfrisch. Want a GUI? ClamTk. Using Windows? ClamWin.

I honestly find it so strange that it took me around eight years to discover that this was a thing. I was forced to use McAfee, Norton, Kaspersky, BitDefender, and all of the worst AV software on the market before I eventually switched to Linux.

It’s not what I use it for, but you never know…

For example, there could be an important announcement from a content creator or business that you couldn’t find elsewhere.

It’s surprising how many people and places are only on one social (or antisocial) media.

Some people will find this useful. Yes, we should really just abandon Twitter in all its forms, but there are legitimate reasons to view its content; and if there’s a way of doing so without compromising our privacy, surely that’s a good thing?

They’re still not interested. It’ll take a paywall or something to get them to move on, although they’re not exactly fans of AI…

I still have Instagram, but only because my friends do; and believe me, I’ve tried to get them to move over to Mastodon, to no avail.

I wouldn’t trust the Daily Mail as far as I can throw it. It’s objectively the lowest quality, least factually correct, most sensationalist, and most extremely biased mainstream newspaper we have in the UK. Essentially the British equivalent of Fox News.