• 0 Posts
  • 38 Comments
Joined 2Y ago
Cake day: Aug 08, 2023


Yeah I would also like a crystal ball here. I am somewhat interested in the 10 if I can run GrapheneOS. Otherwise I’m going to explore other custom ROMs with broader device support.


No, it is Meta and these companies’ fault, but I focus on things I can actually control. Just spewing the party line default Lemmy opinion of “capitalism is the problem, blah” doesn’t do anything to solve the problem.

Educating people so they understand how the surveillance works, and explaining that there are alternatives, actually gets us closer to a solution.


It’s reliant on running a normie phone and OS, and running the native FB, Instagram, or other apps in the Meta constellation. These apps create persistent services that internally backchannel sensitive browser data back to them via internal ports. All browser traffic on devices running these apps should be considered compromised.

The solution is to run Graphene or other de-googled OS and avoid Meta apps like the plague.


My friend’s dumbass 12-year-old kid was told he wouldn’t be given access to any social media until he was at least 16. He claimed he understood, and then proceeded to make an Instagram account with his real name and started sending pervy messages to various insta thott accounts.

Basically as a parent you have to give them access to very limited apps and make them repeatedly demonstrate they won’t misuse them. Then as they get older, assuming they don’t do anything stupid or illegal, training wheels gradually come off.


Yeah that makes sense. And I don’t mean you personally. My commentary was to solidify that many have criticized Braxman but from my perspective we need voices like his to bring awareness to privacy issues caused by Big Tech. We need different options and information in order to make informed choices. So I don’t know why people would shit on someone offering information and alternatives.


I suppose your level of enthusiasm for this offering tracks strongly with how credible you consider Rob Braxman. I have heard people here and elsewhere say he’s a quack or even a psyop. I do know that he’s one of the few sources to talk about client side scanning, the illusory nature of Apple’s “privacy” and other modern privacy issues.

We need robust options for privacy. Googled Android and Apple iOS are horrible options for genuine anonymity and privacy. So, I welcome any competition in this space.


Agree. I am not an open socialist and my top 5 issues probably don’t align with the usual stuff I see at the top of Lemmy communities. Still, it is a worthwhile source for some tech/privacy info and some other niche content.


Do you use free tier or paid Proton VPN? I am evaluating different VPN options and appreciate the data points.


If you have your VPN client and torrent application set up correctly, your traffic would all be routed through the VPN and the network would see your VPN IP and not the actual IP of your machine. If you have a private tracker you can probably test this on their site as many will show you which IP they see as you seed.

A few considerations with this: some VPN services do not support or allow torrenting. Also, some trackers have issues with you using multiple IPs etc., so your account could be flagged if you have used different VPN nodes over time.


It would legitimately not surprise me at this point if Google starts serving precise bra ads to your girlfriend after discerning cup size from her nudes.


Yeah these have basically been ineffective for P2P such as torrenting for many years. The media companies can just outsource their Anti-Sharing campaigns to third parties and it is fairly trivial for them to do discovery from non-obvious or even residential IPs. They just have to open a given torrent long enough to see who is in swarm and start sending nastygrams to those ISPs.

The best way to protect yourself is seedbox/VPS in a jurisdiction with no filesharing enforcement, or at a minimum join a reputable private tracker, because then all participants are vetted and there will never be a snitch in swarm.


If you really need it to be secure and private, and are communicating mostly with known acquaintances within a reasonable radius, with low bandwidth requirements, LoRa with encryption is the best bet.

It is a higher bar of entry but at least you can be confident your messages won’t be intercepted in any useful form.


This sounds awesome. It uses the native YouTube app? Or YouTube in the TV web browser?


Gonna give it a shot. Can’t be any worse than the default Android Keeb


There are one or two accounts on Lemmy who seem to show up in every privacy or graphene thread and shit-talk GOS.

I say if there is something wrong with GOS or the code itself, identify it and prove it. The founder may have been “problematic” or whatever, but it doesn’t sound like that person is even associated with the project anymore.

I have personally daily-driven GOS for a year. It has worked well for me. I use a lot of FOSS apps. I use some traditional Play Store apps and avoid logging into Google and I manage permissions closely. I’d say GOS gives you options. Maybe some people would like other customized degoogled OS better, and that is fine. Just… for the love of all that is sacred, don’t use vanilla Googled Android.


Pixel 7 with GrapheneOS is looking like a good long term choice right now.



This. Unfortunately it doesn’t matter how careful you are if your boomer parents got curious about whether they’re really 1/32 Cherokee or not. Now the data brokers and glowies effectively have a profile on you by association.

Also remember in most western nations the cops don’t need a warrant to steal your trash from your bins and profile your DNA, or follow you for days and wait for you to drop a cigarette butt or use a straw at a restaurant.


I’m less worried about this scenario: “We are investigating one specific person whom we have probable cause to believe committed a specific crime. Oh look, he has a Gmail account. Let’s subpoena his video searches with a valid warrant.”

I’m extremely troubled by this scenario: “We don’t like people who search for videos on guns/surfing/cats/whatever. Let’s subpoena a list of those people and start investigating them on no other basis.”


Things like Cellebrite and Pegasus are rapidly evolving tools based on specific zero day vulns that are known only to (and jealously guarded by) the respective tools’ devs. No one would have any meaningful way of validating whether Graphene is secure against those specific attack vectors or not unless they did test it, but “trust me bro” on the part of a dev doesn’t inspire confidence. I would assume any zero day vuln in AOSP is very likely present in most derivative systems based on it.


This. It is worth a few hundred bucks to get a separate “normie” phone and run all your Googled apps on there. It may not even need a sim or a data plan… Just use it on WiFi at home or office. This doesn’t need to be a flagship device… Just something “good enough”.

Then run all your personal stuff on your other degoogled phone. This is the one with your sim and primary number. Don’t do any work or Google crap on there.


Yes. I would use the privacy focused ones (there are several in F-Droid). If your threat model includes anonymity against a state actor, such that they will be attempting to trace your writing style, you can be certain they could and would also just subpoena Google for matching translation requests. It would be a lot easier to back into identifying you that way.


Chris Titus debloat script is the only thing that makes Windows even remotely usable these days.


Basically the only way to be 100% secure would be to create your own “private tor” by building a botnet, then making sure to burn/recycle the nodes, and only access it via a proxy gateway consisting of a raspberry pi that you purchased with cash, and paid a homeless dude to plug into the router at a public library in a city where you don’t live.

But realistically most people’s use cases fall somewhere on the spectrum between normal browsing and this extreme scenario. If you are doing something that illegal you probably need better opsec across the board. Most of the arrested darknet dudes got caught because of sloppy opsec in other areas, not because the Tor network failed.


I know the EU is still kicking around the concept of making itself a root CA and each country an intermediate in that chain, then legally mandating the installation of that CA on all devices. This is dangerous as hell as it effectively defeats the purpose of TLS and gives the government(s) a way to decrypt all HTTPS traffic using those bogus cert chains.


I feel like anyone who has to do anything that “deep cover” is probably doing some hyper aggressive prevention techniques as well like creating a botnet and their own “private” Tor which they recycle machines frequently, or using stolen/compromised VPS and only connecting to it via proxy chains, or something similarly complex.


We should be donating and developing projects to open source hardware so there are decent alternatives to Google/Samsung/Apple. I understand the supply chain is complicated and there are many hurdles to this, but it is a known problem and many diverse interests should theoretically have their own incentives to change things.


I’ve successfully used stuff like Google Maps and even Uber, with sandboxed Play Services.

There is some niche functionality that doesn’t work. For example I use the Sam’s Club app to scan and purchase stuff in the club and that all works fine, but when attempting to use the app to pay for gasoline at their pumps, it gives a connection error.


I think this looks awesome. Curious if it will be added to F-Droid?


And easily installed FOSS apps, and hardened degoogled default apps, and MAC address randomization, and PIN scrambling, automatic reboots, bruteforce mitigation, and the various other features are all a huge step up from “normie” phone features.


Another thing to consider is that the US (and probably most 5 eyes countries) have agencies with a “store now and decrypt later” policy. They theoretically could be capturing certain types of traffic and storing it in the massive NSA fusion centers. If you come under suspicion at some later date and the quantum technology has advanced, you could be hosed. Now what’s the legality of storing “precrime material” without a warrant? I wouldn’t think it is legal but that doesn’t seem to stop the 3 letter agencies these days.


This is actually low key effin genius. Prevents having to log into a Google account on your TV.


Yeah one important key is not logging in. If you use Aurora Store to install apps, and don’t log into any Google apps, Google can’t be certain of your identity enough to tie it to your previous Google account. I guess they could probabilistically match you based on stuff like your location in Maps app vs. a previous normie device known to be “you”.

One thing I’d like to test is the implications if you log into Gmail on the hardened Vanadium browser and then log out. I would think it would still be pretty safe on Graphene because Google would have no access to other apps’ activities on the device and even location requests don’t get routed to Google’s geolocation service unless the user specifically turns that back on.


GrapheneOS on a Pixel 7 is one of the best decisions I ever made. You can sandbox the shit out of all apps and granularly control the permissions in addition to outright cutting off network access to apps that would otherwise be doing background telemetry garbage all the time.

If you’re terminally online and just can’t imagine life without all the first party Google apps, you’ll disagree with me. But otherwise it is a great decision. F-Droid and Aurora Store are awesome. (You can still manually install and use stuff like the Google camera app, Maps and others. Just never sign in to first party G Apps, be careful with your permissions etc. and you’ll retain 90% of the functionality while not having the privacy downsides.)



Still using a PS/2 keyboard from like 2007. Checkmate.


Your best bet for a “hardware switch” is reading the service manual to find which fuse controls the comms module, and pull it. Depending on the vehicle it may have other side effects.

Maybe we will get to the point where people are selling modchips for cars, like the OG PlayStation.