Not the OP, but there was a time about a year ago (can’t remember if it was pre- or post- Daniel leaving the team lead role) where graphene was very vocal about how they felt that the Google play store security model was superior to that of F-Droid and Aurora. They poured massive amounts of development in to making it possible to use the play store directly in the OS through the sandboxed plag services. They expressed very clearly that they felt the only safe places to get apps was either directly from the developer or through the play store.

Graphene hasn’t been as vocal about this kind of stuff since Daniel stepped out of the limelight, and I did a quick search for the old twitter posts that covered the topic but couldn’t connect to them on twitter. That could just be because I don’t have a Twitter account and Elon is jacking up Twitter access these days.

I’ve been using GrapheneOS for about a year and I’ve never seen F-Droid bundled in their installer or app store. They’ve been vocally against F-Droid for quite some time. Other more FOSS focused projects bundle F-Droid.

Is user data stored on air-gapped computers? I’d be very surprised if it was. Offline doesn’t necessarily mean innaccessible, and in fact user data must be accessible as a database on the company’s intranet in some way in order to perform the search and removal efforts. Plus there’s the (albeit small) possibility of rogue employees deciding to do something nefarious with their personal access to that info.

Trusted to do their job? Personally, I think so, and would go as far as to say the main contenders are not doing anything fishy with your data.

I think the trouble comes in with the fact that they become a high-value target to hackers because of how much information they have on their customers. I’m sure that they take a lot of technical precautions to safeguard user data, but for me personally, the risk is not worth the value proposition.

Certainly not, as a resource they are invaluable. Just a few trends that I personally take in to account when it comes to their leadership. Kind of like recognizing a news outlet has a slight political leaning.

Yeah there was drama between the current team and the original founder of Privacytools.io

Long story short, they disagreed on how to manage the site and had differences regarding ownership of contributed content, so the bulk of the team started up their own site in an effort to separate from the founder. Probably good given the monetization efforts the founder was starting to incorporate in the site (and is currently doing last i checked).

It does seem wrong to me that they archived the privacytools.io reddit though, I can only take that as them wnting to drive traffic to their new site and subreddit. They should have let their work stand on its own merits.

I’m unaware of any specific failings as well, but I think there can be some issue with the very specific set of priorities that shape their recommendations. It was one of their main admins that corresponded for Techlore at the Synology conference in the video mentioned by the OP, promoting closed source software. That’s all based on your values though, as closed source software can still be privacy respecting. All in all they are a good resource, but it seems like they, along with Techlore, have shifted focus to convenience and centralization instead of more rigorous compartmentalization and FOSS.

I’ve been following Techlore from the early days Go Incognito, and I’ve definitely noticed a change in his content too. He seems to have lost some of his idealism and is more focused on convenience and the just works mentality. The shift started to happen around the time he started collaborating with the admin team from Privacy guides more often.

I get it that a person may get to a place where their approach to privacy takes on a more general and unfocused approach, but his videos do seem a little tone deaf to the specific audience he spent years creating 😕

Haha well done! 😄

Tuta is where I’m at for now. They have stricter privacy than proton and are much more active in their app development. They have an Fdroid release for android and a desktop app for Linux which make life pretty nice.

I have had some connectivity issues with their servers lately though, especially on desktop. I don’t know if it’s my DNS setup or if it is unreliability on the server end. In any case it hasnt been too bad.

They seem like a great company, If I ever did move to a paid service I would probably go Mullvad or IVPN, but I just can’t bring myself to sign up for the $5 monthly with how infrequently I need it.

I hear you there. I’m still using their email somewhat, but am transitioning away from it. I do lean on protonvpn as well, haven’t found another trustworthy free service that I can use for those few times a month I need to be on some public WiFi.

Yeah 🥲. I used proton calendar for some time but ended up going in on WebDAV nextcloud centric calendaring. It’s been more complicated, but at least it is very open (while still being private enough for me)

Sounds like you’re ready for a different email service 😉

That’s a no on Proton calendar working with third party clients. The encryption makes secure syncing difficult, either decrypt it before transit and have it be insecurely sent, or share the decryption key with the third party app so that it can decrypt the data once it is received, which has its own concerns.

I appreciate this comment. I agree with both sides of the argument to an extent, but feel that there is some unbalanced thinking with this rejection of Fdroid that’s been happening. Its a hugely important service.

The general public’s apathy towards privacy is quite frustrating. I think there are laws that are pretty much what you outline here to one degree or another in various countries. Whether people respect them or whether the government respects them is a totally different thing though.

Techlore, The New Oil, and The Linux Experiment. All three have YouTube channels as well.

Getting a functional nextcloud server. I self-hosted mine, but there’s lots of VPS options that are pretty easy to set up.

It’s basically a drop in replacement for the majority of proprietary productivity suites (i.e. Google drive, onedrive and icloud). One service covers a lot of bases.

Not necessarily bad, the lower the number the harder it is to fingerprint you. In other words, your browser stands out much less and is less noticeable from the masses than the OPs browser.

Generally the more security/privacy tweaks and add-ons you apply to your browser the more secure it gets, but you tend to stand out from the masses more because of the changes, resulting in the 1 in 4,000 type stat. It becomes easier to differentiate your traffic from others.

Whether anonymity or security is more desirable depends on your threat model.

Edit: “Your browser fingerprint appears to be unique among the 186,867 tested in the past 45 days.” Evidently I stand out quite a bit 😂

Glad it helps! Yeah DNS level adblocking is hugely helpful both in terms of privacy and security.

I hear you man. That exact thing happened to me back with the Pixel 2.

You know, I’ve heard of people having success getting the carriers to remove the lock on the bootloader sometimes. It may be worth calling Verizon’s support line and asking them to do it.

Here is a good debloater that should allow you to remove some of the cruft from Google. It utilizes Shizuku which is a fantastic tool for accomplishing stuff without rooting your phone. I know I’ve seen debloating guides on YouTube that walk you through the stuff you can get rid of.

Something else that could really help is using a DNS blocking service to filter out requests to ad/tracking domains. I use NextDNS right now because it has some pretty comprehensive filters that are very easy to setup. Here’s a video that goes over setting it up. Pi-Hole or Adguard are self-hosted options, I used Pi-Hole for awhile and liked it, but switched in order to simplify my digital life a bit.

Edit: also, here is a guide from a reputable privacy site that covers a more technical approach to degoogling stock android. You can do a lot more than you might think.

Absolutely, there are some really good ways to mitigate the data flow even if you can’t stop it entirely. The OS is a big deal, but I think the most fundamental change to make is the apps and services you use.

You’ve probably already done that to a degree, but see if there are more changes you can make.

Alternativeto is an excellent way to explore your options, but also the techlore and the new oil youtube channels are fantastic resources for limiting privacy leaks.

I’ll post a few debloater apps that I’ve run across when I get home too, I haven’t used them but I know there are options for removing some of the tracking elements of stock android.

That’s good to see a comment with a link, that’s what helps people make informed decisions, not simple statements of opinion.

Thats true, but introducing ads or crypto is not morally evil or a reason to not use a browser for most. It is the data collection that can accompany the ads or crypto transactions that’s the problem for most of us. What are the details on how the ads or crypto currency is currently handled in Brave? That might be a good reason not to use it.

It does have advantages over hardened Firefox, as chrome has better security features than Firefox (as the grapheneOS devs love to remind people). I don’t like it, but it’s true. Someone who’s threat model prioritizes security over privacy is going to want a chrome based browser.

I’ll add a reason against using it that I feel strongly about, it furthers the chromium webview monopoly that nearly every modern browser is a part of. I’ll stick with Firefox for that reason alone personally.

This is not a helpful comment 😄 give some reasons, don’t expect people to simply listen to a statement of opinion.

I know the name but haven’t seen the show, I’ll have to check it out. Its funny, years ago I watched the movie Antitrust but it all went over my head. Recently I watched it again and nerded out to the linux/Foss ideaology in it.

There were some small things that I can’t remember very well (like looking in to lineageOS), but I think the first wake up call to how deep I was in to the google ecosystem was when I stopped my youtube premium account and started looking for alternatives. I found newpipe and got hooked on privacy respecting software like it was a drug. Techlore was a big part from that point on. I watched through go incognito one video at a time while I was at my night job.