And me over here wanting to use parental controls to protect my elders haha

A win for you getting parental controls lifted, hopefully you can eventually prove to them that the phone is just fine (or even better) with your apps of choice.

My uncle has worked many years in IT and sometimes lectures me on digital privacy and security. But I got a glimpse of his phones and computers, it was disappointing. Bogus security apps and optimizations and a refusal to update Windows. Probably different situation with OP’s father, but quite emphasizes the importance of continuing education.

OP probably isn’t self-hosting it. I haven’t got around to self-hosting it either and:

• a majority of instances no longer include Google
• many instances return absolutely bogus results
• the ones that return reasonable results have a 50% chance of getting ‘Suspended: timeout’

The rate-limiting has hit once-reliable instances really hard in the past few months.

If I had to go WiFi-only, there would probably be hours-long gaps when I am unreachable. So my compromise is to use a non-KYC data-only SIM. Even if VPN is left off, it routes traffic first to a datacenter far from my actual location, and there is no longer a route for unencrypted calls and SMS and the associated spam. I don’t have a habit of streaming media on the go, so the data lasts quite a while and there isn’t much of an urge to use public WiFi.

Doesn’t fully eliminate the problem as IMEI is still sent and the cellular modem is still a rogue black box, but a step in the right direction. Knowing that the cellular modem can run whatever code with deep privileges as it wishes, I try to keep as little of my business on my phone as I can, with the bulk of my workflow centered around my laptop. Don’t get me wrong, I don’t think this automatically makes me immune, but I do think it’s a neat little exercise. Perhaps one could abstract the problem of the modem by getting a separate wireless hotspot.

My friends and family have accepted that they either need to get Signal, XMPP, or Matrix or I will be largely unreachable. The only remaining need for SMS and GSM voice calls stems from work, which is all handled by my work phone that is powered down, or at least disconnected, once I leave for the day. It sucks that this is not the norm, but it looks like I am quite fortunate that my friends, family, and employer all tolerate this workflow.

Take a look at “IoT” SIM cards, they’re a bit expensive and data-only, but might not be subject to the same KYC regulations.

Anyone else wanting to move to CoMaps but procrastinating because they’d have to go about downloading the maps again?

Wow! That’s much more that I would have thought. Can’t wait to liberate my dad’s phone over the holidays, he’s on board with me getting GrapheneOS on it. Will have to see what I can do to their home network as well though since mom’s stuck on a carrier-locked phone.

Me over here having to provide my own work phone because BYOD. At least it’s my old phone I upgraded from, so the cost is already sunk.

Even if they did, your messages are going to be scanned via your recipients who use Gmail without opting out.

Interesting, had no idea until now that there’s such a thing as first-party malware loaded with the BIOS. Admittedly I’m caught in an ivory tower with my Corebooted ThinkPad. Although I haven’t purchased one yet, I’d say you made the right choice going with Framework.

Lenovo’s ThinkPad line has a sterling reputation. Among the best in terms of quality, service, repairability, and Linux support.

As for the largely consumer-grade options of ASUS and Lenovo’s consumer-grade IdeaPads, they’re rather similar in reputation and quality. Not exceptional, but they’re both perfectly fine options as long as you avoid the budget laptop segment (plastic chassis, broken hinges, etc.)

Any difference in privacy would come down to the pre-installed software, which is irrelevant if you plan on using Linux. If you will be using Windows, it’s always better to install your own fresh copy to purge any potential spyware and bloatware installed by the manufacturer. The activation key for whichever edition of Windows it comes with is embedded in the BIOS, so it’ll activate automatically after a fresh reinstall.

the only way i escaped this until now as being able to afford the hefty price tags on linux-only hardware with something like system76 and i can’t afford it anymore since i no longer earn a software engineer’s salary.

Why not a second-hand ThinkPad/Latitude/ProBook? They’re cheap and cheerful and well-supported by most distros.

the only viable alternative would be to build septic tank

Me realizing I’m ahead of the game because I live in a home with a septic tank. But when you have to pump that tank every 5 years, if you can’t do that yourself, it’s going to be a lot less anonymous than a centralized sewer.

Good starting point would be looking up forum or blog posts from people who have disconnected the modem/TCU on a particular EV model. No self-interested auto manufacturer (all of them) would intentionally provide an option in the user interface to take the telemetry system offline. Take note of any side-effects they report, if it needs to be reconnected for inspections, and if there’s any gotchas between software and hardware revisions.

Especially wrt. modern gas-fuelled cars for the typical driver as EV prices are artificially jacked up in many Western countries.

Keeping an eye on it since no other company is offering a similar lack of connectivity, but also not going to be surprised if it doesn’t deliver on its promises.

What privacy though? The situation with LinkedIn just like Instagram. Even though they aren’t open for scraping, there’s still no expectation of privacy among the users who post anything.

Everything in Owner and a secondary phone for all proprietary work and communication apps. The secondary phone is powered off or at least disconnected once I leave work. Google stuff and banking through a computer browser whenever possible.

If I were forced to use only one phone, the secondary phone’s contents would be on a secondary profile. This used to be my setup but switching between profiles throughout the day wasn’t my thing.

I like knowing what my computer is doing and that was noticeably less and less the case as I went from Windows 98 to 10 and all the major versions in between. Before learning about Linux, simply going through the options in debloat scripts made me realize how invasive Microsoft was behind the scenes.

I know that he’s not necessarily the best resource, but Rob Braxman’s videos were first to bring mobile privacy concerns to my attention. Also, while his promotion of his custom phone didn’t lead to me buying one of them, it did lead to me learning about custom Android ROMs and eventually buying a Pixel for GrapheneOS.

No, they respect my goals and seem to have accepted that I’m sometimes just unreachable. The only thing they might be annoyed about is my GrapheneOS and Signal proselytism. If anything, it’s more apathy than antagonism. They’ll agree with me on privacy issues but rarely ever give up the conveniences of Apple, Microsoft, Google, etc. in practice.

Enlighten me, I just want a bit of mindless entertainment while doing the dishes

A noble goal in mind and I’m glad that the output of ChatGPT works for you. I’m not against LLMs in principle, but anything freshly spat out by an LLM is for you and you only. If AI was only used as an aid but you understand the codebase, document it and make it clear. Otherwise, you leave the assumption of vibe-coding open.

HP also made laptops with a Blu-Ray drive built right into them. I got one for a few bucks at a flea market and ended up swapping the BD drive into my old ThinkPad.

I’d look for an alternative. Failing that, I would try every trick to fake that selfie.

The cheap secondary phone is the approach I have gone with for work apps. Powered up only when needed and doesn’t connect to my main home network.

Great for my tablet which is too weak to run IronFox smoothly. One annoyance is that it’ll insist on a refresh if your internet connection is interrupted or changes in any way. The reason for it is not immediately obvious and neither is the option to turn it off (Settings > Homepage > Ask to restart on connection change)

Glove Prints

Problem: Thin gloves like surgical gloves can still leave fingerprints on surfaces.

Source: https://en.wikipedia.org/wiki/Glove_prints

Mitigation: Wear thick, textured gloves

Finally found an explanation for why my phone’s fingerprint sensor works through thin gloves.

Have a NAS, Jellyfin server, and LLM on my LAN so far. Next step is to make them available outside my home, but I’ve been procrastinating.

The firmware isn’t open source and I only chose it for the employee discount, but the blue Yubico security key has held up well over hundreds of uses and several years jingling around in my keychain.

It’s prevalent among pdfs downloaded from academic publishers (text listing the receiving IP address and/or institution running down the margins). I wouldn’t be surprised if it’s also done with hidden white text or in the metadata.

What kind of CPU is in that laptop? The vast majority of x86 CPUs from the past 10 years include hardware acceleration for AES encryption so that the performance hit is negligible.

I want shows like Hell’s Kitchen but for tech stuff - criticizing people’s phones, gaming setups, and server rooms

idk man, but I’d still much rather have encryption, even if I’m up against the alphabet boys:

• They’ll be up a creek if I escape, die, or vanish into the woods first
• If I hid a disk somewhere, I’d rather know they found it when they come to torture me, than have it inspected without hearing a word
• If all else fails, they’ll at least have to expend a modicum of effort and resources to fight me

What’s the point of life if crippling, paralyzing fear is all there is to it? I work on being a good steward of my privacy as much as it brings me joy and satisfaction, not so much that it consumes every waking hour.

Whatever it is, review your threat model. What’s done is done and there is little that can be done to redact any evidence you may have left on the internet. Are you able to stop doing whatever it is that is putting you at risk of legal trouble?

If it’s an drug or psychological problem, you need to seek professional medical attention. Many people die or suffer life-changing illness each year fearing that their doctors will rat them out for substance abuse. Don’t be one of them. Patient privacy laws, at least in the US, prevent your doctors, therapists, etc. will protect you if you go and seek help. The main thing that they would have to disclose is if you make direct, credible threats to other people.

If it’s a criminal operation or worse, lawyer up and good luck.

I’m ready to be called milquetoast, and while I see where this comes from, it comes off idealistic if we are to communicate with people in the present day in any practical way. Do not forget how much of an improvement it already is over the likes of proprietary messaging apps and how much effort it already is to move people to Signal. It is surprisingly difficult for common folk to grasp the concept of anything but a phone number when it comes to messaging apps.

I’m interested to see if anyone else has run into the same situation and found a good thought process for it. Problem is, if I need to pull anything from a pseudonym over to an identifiable portfolio, that pseudonym is no longer useful. But I can’t really justify getting a personal domain name if all it’s doing is hosting a glorified resume.

Using a bridge can sidestep telemetry that comes with official apps/clients. The services will also see a ping from your bridge server rather than, say, a direct ping from your mobile device. Make sure to self-host if you want to avoid introducing new parties to your communication stack.

Conceptually, it’s a messaging app done right. Not haunted by legacy identifiers like phone numbers, can be run in a decentralized manner, and a more secure invite system.

In practice, it tends to burn through battery, and it’s already hard enough getting people to use Signal. People also seem to have a hard time grasping the concepts of invites, or anything that’s not a phone number for that matter.

I’ve stopped using it due to the battery issue and I don’t want to fragment my communication strategy further. It ought to have a privacy advantage by virtue of not needing a phone number, but at the end of the day, my messages are also getting swept up on the other end by non-privacy-respecting phones.

Maybe leeching (cursory search suggests subpar upload performance), but your hard-earned money would be better spent helping out a more ethical VPN provider than thrown to the sharks.

Most of the popular open-source ones are fine. VSCodium if you want a rich GUI or perhaps Geany if you want a lightweight but beginner-friendly editor. Only things you’ll have to watch out for are editors with online features like AI integration, particularly Microsoft VSCode and the new notepad.exe with AI.

What a shitty banking app. The malware explanation could just be customer service boilerplate. They might have just implemented some commercial fingerprinting/analysis/security library in the app that freaked out at the minimal fingerprint of the GrapheneOS profile and defaulted to locking you out.

As individuals, we need to continue defending and advocating for our privacy - using privacy-respecting phones and software even if it’s difficult and organize against surveillance capitalism, or at least donate to existing advocacy groups. And the developers that make privacy-respecting alternatives more accessible. Not much of an easy way out since we’re up against Big Tech on a profoundly uneven playing field.

But for immediate issues like this, I would get a cheap separate phone with regular Android to handle the app if the bank doesn’t offer the same services through a browser. Try to keep it on an isolated network and only power it on when necessary.