Estudante de Engenharia Informática apaixonado pela área; algures em Portugal.

Administrador da instância

Computer Science student, passionate about the field; somewhere in Portugal. instance administrator.

  • 0 Posts
Joined 3Y ago
Cake day: Sep 10, 2021


I’m not familiar with any service that works at the international level, but over in Portugal, the biggest ATM network, Multibanco, has had a service called MB NET (now integrated with the newer MB WAY app), which allows you to create temporary cards with 3 different behaviours: one-time, monthly, multiple uses. The first one always has 1 month of validity, while the others only expire after a year, and you can define a maximum capacity.

It works perfectly well in foreign online services, but you have to have a card from one of the associated banks (presumably from their Portuguese branch?).

Can’t use cash online, (nearly*) anywhere.

  • Mullvad is the only service I know that accepts payment through mailed cash.

Another commenter said goldwarden implements that through the Remote Desktop XDG Portal, which only GNOME and KDE support at the moment (wlroots doesn’t implement it yet).

Oooh, that looks very neat, thank you!

BitWarden is really good. Has (nearly*) everything I want, works well across all platforms and the free plan is very featurefull. Even though I don’t really use any of the premium features, I still pay for the plan, to help fund development, it’s only 10€ a year.

  • I say nearly because I’d love to have some form of autocomplete in Linux Wayland, outside of the browser extension. I believe one of KeePass apps does this (but only for X?)

What does Windows do? Genuine question, I’ve not used it since the 7 days. Regarding Linux, that’s true for stuff installed through regular package managers and whatnot, but Flatpak is pushing a more sandboxed and permission oriented system, akin to Android.

This has nothing to do with the mobile app, which also has password/biometric unlocking, it’s about the desktop electron app.

No problem, glad to have more people know about it, it’s very useful!

Unfortunately, no. I believe you can’t really get this level of control without root access.

Ah right, airplane mode makes a ton of difference. I also tend to have it enabled as much as I can, usually when I’m home (and thus reachable through VoIP services) or at work. And I (almsot) never turn it off, I just leave it in airplane mode. I limit the charge to 75/80%, with ACCA, so I get even less juice.

And I’m sorry, I also dislike big phones with huge screens and batteries, there’s no real need for that. But I know that you can fit better batteries in smaller phones as well. My previous device was smaller than the Pixel 4a, but had a bigger battery, while having almost identical weight.
I wish manufacturers would make smaller phones, really. I’m very unsure what other device I will get after this one dies or gets broken…

After my 6 year old Redmi 4X’s screen touch decided to die, I got an opened-not-used Pixel 4a (in perfect condition) at the end of 2022, because it was one of the few small-ish phones that had good modding support (Pixel phones are ofc known to be very good to degoogle). I love it. Feels good, works well, has a great camera (got a GCam mod too), etc. Only downside is the smaller battery (3100 vs 4100 mAh), but honestly it isn’t that big of a deal, I can just carry a powerbank on my backpack or, you know, use my phone less.

Back then, it was the perfect choice for me. Now, I don’t know, haven’t been keeping up with current models.

I understand.
You could look into getting a domain either way, it really is pretty simple — you go to a registrar website (I like, choose your domain name and purchase it. To get the email stuff going, it’s just a bit of copy pasting between their guide and the domain’s control panel.

Like I said, this domain stuff is useful outside of Migadu and similar services, but for a more 0-config option, I think disroot is alright. You also have a and StartMail (from StartPage).

If you have your own domain, I recommend Migadu. They take care of all the boring parts of hosting email, while being cheap and very reliable. All you have to do is[1] follow their guude to setup some DNS records and double check everything is right. After that, you have a working email account with unlimited addresses, inboxes and a bunch more nice features.

[1]: Besides getting a domain name, which you should get anyway, since it gives you more control over your digital identity and makes it much easier to migrate providers in the future.

Yeah I feel you. It’s often hard to be fully alert of what you’re sharing all the time. I have slip ups but it’s usually fine, I’m only mega careful regarding things that could give away the city/town/village I live in, and where I work. If I ever really want to talk about it, I will use a different (often temporary) alias.

While this may be a good end goal, these comments are really more harmful than anything else. Removing your dependency on some proprietary service can be very far from trivial, or even doable, there is a wide-range of internal or external factors preventing you from ditching it.
For example, part of my work and a bunch of good online friends of mine use Discord, so I keep it around. If you do any social gaming as well, you’ll also most likely find it hard to ditch the platform, as it’s grown deep roots in the community.

Anyway, it’s better to take small steps in the right direction than trying to make a U-turn and fail miserably.

Interesting, my Discord profile is also very hardened, and while it prompts me for confirmation, it’s always doable in a moment

If you’re on Tor, that’s the very unfortunate reality atm. If you’re on a VPN, you may try switching providers or servers inside the same provider. I can recommend Mullvad, which works very well, even if you get some CAPTCHAs.

Yeah, they have upped their “paranoia” quite a bit in the past couple of years. A while back, I discovered while trying to register for Claude (wanted to give it a shot, was disappointed) and was so satisfied by their interface and prices I’ve used it again in 3 other occasions. There may be other similar services out there, you should give one a try next time Discord prompts you for a number.

Depends a lot on your threat model, of course, but here’s what I do:

  • use a temporary (but recoverable) email
  • use smspool or similar to verify my phone for less than a dollar
  • run Discord in a hardened Firefox profile (hardened browser settings + uBlock)
  • turn everything relevant off in Discord settings just in case
  • don’t share PII in conversation
  • use a VPN (or Tor)

Using a hardened browser and not giving them your real phone are likely the most effective steps, everything else is either less relevant or overkill. As I said, depends a lot on your threat model and on your requirements (some things may be unachievable if you’re forced to use Discord by your employer, for example).

Never heard of Heroic, I just rock the same setup as you. Steam for games I have there, Lutris for everything else except Minecraft (for which I use MultiMC).

Revolt is an amazing project and has a lot of great energy behind it, but one must not forget the issue that is scale. Discord is absolutely humongous, serving millions of concurrent users with pretty good performance overall. I’d love to see Revolt reach such userbase, but realistically, two 2nd year CS students are unlikely to get there. For a platform to reach such volume there needs to be money, which is likely to come with strings attached. Though what you say is true – Revolt has strong open-source roots while Discord has always been a VC fueled company, so I’ll keep my hopes hehe

Regarding Nitro, I agree it is a bit too much, but I actually think a subscription of sorts with bigger upload limits, streaming quality and so on (the original point of Nitro) is a pretty nice model to sustain a platform since it helps cover the cost of all needed infrastructure. Of course, Discord Nitro has since gained a lot of extra fluff and nothing impedes Discord from both selling a subscription and our data (which they’re likely to do), but the premise is quite reasonable.

Like others have said, on Discord the data rests entirely on their servers, without E2EE (so completely visible to them). They claim not to sell any data to anyone on their privacy policy (at least last time I checked, might not be up to date), and if you believe that (which isn’t entirely unreasonable, though I’d find it unlikely) the platform is probably more decent than the other giants. It also lets you browse communities without a real account (you can just open the browser app with a guest temporary account by just giving a name), which is really neat for exploring certain communities, as you were saying.

Now, I’d like to add a couple of points.
First, it’s easy to dismiss this because of the general anti-privacy stance regarding Discord, but it is absolutely undeniable that they have the absolute best platform to run and manage an online community based on chats. They have, in my opinion (and I’ve tried nearly every platform that is remotely known), the best implementation of text and voice channels, reactions, roles, onboarding, events, statistics and bots as well. Guilded was (is?) an excellent platform in terms of features as well, but they lack the massive network effect Discord carries, which is another undeniable big factor. As much as I dislike it, the network effect is really strong and, in my experience, with exception of very close friend circles and generally privacy-oriented folks, realistically adopting other alternatives is really tough.
Second, the corporate feel you mention is a bit lost on me. Certainly they are not as down-to-earth as some community-run projects can be, however they are visibly better than similar platforms like Slack.

Why all this? Am I a Discord shill?
Quite far from it. I don’t like them, nor do I hate them. Hate is a pretty strong word which unfortunately is thrown around quite a lot in topics as this one. Discord is really not ideal from a privacy perspective but let’s not completely disregard its many merits. I find that more often than not, conversations in pro-privacy circles revolve around hating on companies and platforms and dealing with absolutes, but the truth is that privacy need not be dealt in absolutes. It’s all relative and dependant on each person’s needs, and failing to see that more often than not harms the whole cause and people trying to get in.

Anyways, went a bit offtopic, sorry for that. Rant over, I suppose.

I can’t seem to open those links, it says the job offer no longer exists? 🤔