I tried the second approach for some time, but using NoScript became really annoying, since I never knew which scripts are necessary, and which are used for tracking or some other bullshit. It was always trial and error, and just felt tedious and unnecessary. I wish NoScript would have a built-in whitelist of scripts that are known to be necessary for websites to function, this would avoid breakages and make it much more comfortable to use.
And basically 99% of the modern web doesn’t work without JS. I don’t know why there are still so many people running around and saying “disAblE jAvAscrIpT!!!”, yeah like how the fuck am I supposed to use the web??? At that point, I could also just delete my web browser, it would literally have the exact same effect.
You don’t control any VPN services hosted on someone else’s (e.g. a cloud provider’s) infrastructure. They have full access and can technically do anything. And they see your incoming and outgoing connections. This is stupid, and doesn’t give you any privacy benefit. There are good and trustworthy VPN providers like Mullvad, IVPN and Proton. Just acknowledge that.
I’ve been using OpenCalc, but CalcYou seems great too
A privacy policy is only legally required when you actually collect user data. Most devs don’t write a privacy policy for no reason, so seeing one can often be suspicious. Btw if you are worried about a FOSS app tracking you without disclosing it in their privacy policy, if this is the case, F-Droid would display it under the Anti-features section.
Yes, I use and recommend Clock You: https://f-droid.org/packages/com.bnyro.clock/
+1 for the Minecraft Clock mentioned in another comment tho
It’s actually a problem with Google, because the only reason GrapheneOS doesn’t pass the Play Integrity API check is that Google enforces a whitelist of allowed operating systems. Even though GrapheneOS is 10x as secure as the stock OS, Google doesn’t allow it. Since this is a highly monopolistic practice, the GrapheneOS team is talking to regulators to finally stop this: https://grapheneos.social/@GrapheneOS/112916691727814901
Because it’s Google’s proprietary garbage app. Use FOSS alternatives from F-Droid instead.
Using 2FA on all accounts that offer it is just as important. And make sure to use a good, open-source TOTP client like Aegis on Android or Tofu on iOS.
Definitely make sure to back up your seeds in an encrypted format (e.g. VeraCrypt container or GPG-encrypted files). If you lose your seeds, you lose access to your accounts.
I like to use the automatic backup feature in Aegis, which syncs my encrypted vault to my Nextcloud server. You can also enable compatibility with Android’s backup API and use that if your ROM includes a backup solution like Seedvault.
I don’t self-host my primary mail server either, but it’s fine for my aliases (I use self-hosted addy.io but SimpleLogin can also be self-hosted). I use PGP to encrypt everything on my addy.io instance, and only decrypt it in my email client.
LineageOS for microG is a custom build which already includes the patch to enable signature spoofing. This still means that microG is running with root privileges. It btw also includes the F-Droid privileged extension, which is yet another app running with elevated privileges and adding unnecessary attack surface. Installing microG is the quick and easy workaround to get Google Play services, but it’s more like a dirty hack that reduces security. GrapheneOS is currently the only ROM that properly integrates the official Google Play Services using the Android app sandbox. This also increases app compatibility, and it’s the reason why most banking apps work without any issues on GrapheneOS, while they are broken on Lineage, Calyx and other ROMs that use microG.
That’s pretty sad to see, Techlore is one of the main ways I got into digital privacy and security, but ever since they removed GrapheneOS from the mobile OS recommendations section on their resources page, I don’t feel like it’s a trustworthy source anymore. Removing the most private and secure mobile OS from your OS recommendations, while claiming to give people privacy and security-focused recommendations is pretty hypocritical. Instead they recommend CalyxOS which rolls back default AOSP security features, LineageOS which doesn’t even work with a locked bootloader and microG which requires root access. It just feels like a bad joke.
Absolutely