Onno (VK6FLAB)

Anything and everything Amateur Radio and beyond. Heavily into Open Source and SDR, working on a multi band monitor and transmitter.

#geek #nerd #hamradio VK6FLAB #podcaster #australia #ITProfessional #voiceover #opentowork

  • 11 Posts
  • 71 Comments
Joined 2Y ago
Cake day: Mar 04, 2024


OP was talking about Lineage, not Graphene.

If an app doesn’t have data it cannot share it.

If you don’t install the app, it cannot breach your privacy.

You don’t need direct internet access to leak information, for example, an app with access to your calendar has indirect internet access.


Keep your existing phone and OS.

Use it differently. Decide what information you store on it, which applications you install or disable, what permissions you grant and what services you use.

Just installing an OS to “debloat and degoogle” is not ever going to change anything unless you change your habits and you don’t need to change OS to do that.




The Hollywood hacking depictions are equivalent to seeing syringes being used on film. To the uninitiated it looks “real”, the reality is somewhat different.

Source: I’ve been an ICT professional for 40+ years and have had hundreds of (medical) needles poked in me over much of my life.



Privacy breaches come in many guises … this is one of them.


Yeah … that thought occurred to me as well.

I wonder if there’s a way that you can legally monetize the process, so the organisation who left a gaping hole … or several bazillion in this case … gets an education in corporate security and the researcher gets paid for their efforts. A corporate symbiosis if you like.

Of course the non-legal way is extortion … but that tends to go towards warfare and mutually assured destruction, rather than collaboration.

Perhaps this opens the door to a white hat penetration testing department at the corporate regulator who issues fines (which pay for the work) … but I’m not seeing any evidence of an appetite for anything even remotely resembling such a set-up anywhere on Earth.

Espionage on the other hand …




Seems like prima facie evidence to me that Intel is about to go bankrupt. It reminds me of the “Intel Inside” warning labels of the 1990s … seems like a good idea, until you realise that it’s sinister and counterproductive.



> Instagram’s new location-sharing update is raising privacy concerns, with users reporting their whereabouts were shared without their knowledge despite Meta saying the update is opt-in.
> Experts warn that location-sharing features are linked to a higher risk of tech-based coercive control.
> The controversy follows other recent privacy issues for Meta, including a lawsuit over the misuse of sensitive health data from a women’s health tracking app.


In my experience, sarcasm and satire appear to have cultural hooks that prevent them from translating well online.




Not just the EU, the rest of the world. The whole point of OSS was to distribute knowledge across all of humanity, not just be used as a way to make trillions of dollars in profits by a few billionaires working off the backs of OSS developers.


cross-posted from: https://infosec.pub/post/25342439


Undocumented “backdoor” found in Bluetooth chip used by a billion devices
Update: https://darkmentor.com/blog/esp32_non-backdoor/

I only noticed the € vs $ because I was searching for the case, so all good.

It’s telling that they continue to attract fines. I saw the ones you mentioned also but didn’t have the energy to start digging.

Despite assertions made to the contrary in this thread, I’m not at all convinced that they’re doing anything other than maximising shareholder value to the exclusion of all other considerations, including making a risk assessment in relation to paying fines versus compliance with the law.


Interesting. When you read that article, it says that Meta will appeal. Searching for the GDPR fine and the appeal, all I found was more fines, but no records of the results of any appeals.

Also, it was €1.2 Billion, not $1.2 Billion.


Again, you vastly underestimate the size of Meta.

In the last quarter of 2024 it shows a net income of $20,838 million. A $20 million fine would change that 3 into a 1 and again, that’s net income for just three months.

Source: https://investor.atmeta.com/investor-news/press-release-details/2025/Meta-Reports-Fourth-Quarter-and-Full-Year-2024-Results/default.aspx


What are the legal implications of hosting this information in a different jurisdiction and are there places where this data would be legally protected?


Think about it in terms of risk / reward or if you like, shareholder value.

If the value of the data exceeds the fine combined with the risk of it being discovered, the data will continue to exist.

Factor in the cost of actually guaranteeing that something is deleted across all online, nearline, offline and archived data stores, and the chances of anything being purposely deleted are not high.

Accidental data loss, sure, purposeful data loss, I can’t see it happening.




Perhaps you should ask the moderator of the community from where that post was removed.


I’ve been using Adguard public DNS for over a year across my LAN and it works great, with much less hassle than a pihole, which I previously used for years.

I miss the ability to add random hosts to either black or white lists, but in reality only used it sporadically.


All google advertising does that. It’s blocked in my network too.


There is no mention of e-ink, OP has an Android device, I have an Android device, I read eBooks on it daily, I use FBReader. I’m not sure what all the kerfuffle is about.




And now you know why we’ve been telling you not to use Telegram.


You don’t need to.

By using metrics like IP address, age, gender, race, religion, city, workplace, application, website, favourite song, colour and flavour, throw in a few more questions and you can lucratively target specific groups of people.

By COMBINING those metrics you can target extremely small groups of people, groups with precisely ONE member.

No need for a unique GUID at all.


Effective for whom?

The users whose data was disclosed, or the company that made the disclosure?


I discovered that I watch enough YouTube to warrant paying for a premium subscription. I’ve turned off viewing history (after one video, so the homepage renders).

This isn’t a solution for everyone, but it works for me.


I hear you, but in the last year I’ve begun wondering if full public disclosure isn’t a better way to go these days.

The sheer volume of breaches is overwhelming and in my experience (of over 40 years as an ICT professional) many companies sweep their failures under the carpet, hide behind crisis management teams and marketing speak, and ridicule those bringing issues to their attention.

Their disclosure is abysmal if it’s made at all and there are precious few who reveal precisely what data was exfiltrated or how the issue was remediated.

This way anyone can verify the issue and companies cannot hide, everyone sees precisely what’s leaked and can act accordingly.

If you know of a more effective way, I’d love to hear it.


So far the Wayland implementation requires embedded X11 which puts everything in the same environment again.

I’ve not yet discovered how to run separate Wayland screens across the network from a Docker container and I’m also not sure if either Chrome or Firefox actually support native Wayland, from memory they didn’t last time I checked.


I don’t know. When I built this, several years ago, none of that existed.


This is true.

However, I’m running trusted software, not the backyard efforts of someone randomly selected off the internet.

Additionally, the Docker container is running on a dedicated Debian virtual machine with only Docker installed.

What’s of deeper concern is that all instances are running on X11 which means that they all share information via the clipboard for example.



Excluding Chrome, Firefox and Safari means that you are now relying on some random developer to understand security and privacy, and as a software developer for over 40 years I can tell you that this is a fool’s errand.

Don’t get me wrong, the big three absolutely have privacy issues, but they can be mitigated in many different ways without compromising on security.

For example, you can force DNS requests to one of your choosing, you can run them in incognito mode, refuse cookies, run them inside user accounts without personal information, etc.

I tend to run individual instances of a browser in incognito mode and am very conscious of which tabs are open in which instance, so websites cannot steal information from other tabs.


What makes you think that new hardware coming from a manufacturer is more secure than second hand hardware?

There are numerous examples of hardware being compromised before it even got into its original packaging, let alone those intercepted during shipment.

In other words, at some point you need to realise that there are no guarantees in life.



I’ve been using Linux for almost 25 years and I’ve never once considered mouse or keyboard incompatibility, and that’s including ADB, PS/2 and DB9 devices, let alone USB.

As far as I know, you can intercept any signal from any such HID device and map it to whatever action you want to achieve at whatever level you need it.

I’m happy to be wrong, but I’d be surprised.


So, this cookie alert on theverge.com is both refreshingly honest and depressingly disturbing
A cookie notice that seeks permission to share your details with "848 of our partners" and "actively scan device details for identification".

RFC: Cross Platform Password Manager
How are you storing passwords and 2FA keys that proliferate across every conceivable online service these days? What made you choose that solution and have you considered what would happen in life-altering situations like hardware failure, theft, fire, divorce, death? If you're using an online solution, has it been hacked and how did that impact you?

How much should an organisation reveal about a data breach?
There is a growing trend where organisations are strictly limiting the amount of information that they disclose in relation to a data breach. Linked is an ongoing example of such a drip feed of PR-friendly motherhood statements.

As an ICT professional with 40 years' experience, I'm aware that there's a massive gap between disclosing how something was compromised, versus what data was exfiltrated. For example, the fact that the linked organisation disclosed that their VoIP phone system was affected points to a significant breach, but there is no disclosure in relation to what personal information was affected.

For example, that particular organisation also has the global headquarters of a different organisation in their building, and has, at least in the past, had common office bearers. Was any data in that organisation affected?

My question is this:

# What should be disclosed and what might come as a post mortem after systems have been secured and restored?

How do you trust a U2F key?
U2F keys can be purchased online for the price of a cup of coffee. They're being touted as the next best thing in online security authentication. How do you know that the key that arrives at your doorstep is unique and doesn't produce predictable or known output? There are plenty of opportunities for this to occur with online repositories with source code and build instructions. The price of manufacturing is so low that anyone can make a key for a couple of dollars. Sending out the same key to everyone seems like a viable attack vector for anyone who wants to put some effort into getting access to places protected by a U2F key. Why, or how, do you trust such a key? The recent XZ experience shows us that the long game is clearly not an issue for some of this activity.