The title is a quote from Mastodon. I’ve always seen dislike towards snap so I was taken back when I saw this stance. The person who wrote this was referring to Tuxedo Laptops....
4get, SearXNG and Whoogle are pretty good proxies for most search engines. I’ve recently been enjoying 4get with DuckDuckGo, it works really well. No ads, no trackers, no bullshit. Just a lightweight page that allows me to search the web privately.
For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash...
For a good reason. Pixels are currently the only phones besides iPhones with proper hardware security. Only Pixels support hardware memory tagging, have a secure element (Titan M2) that supports the Android StrongBox and Weaver API, insider attack resistance and hardware key attestation. They also have a programmable USB controller, that allows you to fully disable any USB data connections while the OS is running. The GrapheneOS team maintains a list with hardware requirements at grapheneos.org/faq#future-devices
privacy-oriented distributions are more likely to be targeted by intelligence agencies
Since GrapheneOS is based on Android (AOSP), any vulnerability that exists in Graphene definitely also exists in AOSP. Graphene is often faster at fixing security vulnerabilities than Google. GrapheneOS makes some substantial security improvements to AOSP, so the chance of a bug in AOSP being exploitable in Graphene is much lower.
trusting your OpSec in the good will of someone it’s not a good idea, at least for me
That’s literally what you’re doing with the stock OS. Since it’s proprietary, no one can actually verify what’s actually going on. You’re literally trusting a billion-dollar big tech advertising corporation that participates In the NSA PRISM program. What you’re saying doesn’t make any sense.
Mental Outlaw recently made a pretty good video about this, where he showed how to access and analyze the data that’s been saved by Recall. It also shows how easily an attacker could grab all that data. www.youtube.com/watch?v=oSBDkPxivuA
SimpleLogin has a free tier, which is limited to 15 aliases. But if you have a paid Proton subscription, you can connect your SimpleLogin account and you get the premium version.
Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what...
I recommend building your own router. It might sound complicated but it’s not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you’re ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I’m very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.
It’s not cheap, but this setup doesn’t just serve as a router. It’s also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I’m speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it’s called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it’s very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.
Just switched to a new phone carrier, and they had a promotion that included a free phone: the Google Pixel 8. I’m not a fan of Google, but I am a fan of free, so I took the bait....
Consider yourself lucky for using a Pixel. These are actually the easiest devices to degoogle. You can replace the entire bloated and spyware-infested stock Pixel OS with GrapheneOS, a much more private, secure and minimalistic, open-source alternative. It is pretty easy to install, the web installer should be self-explanatory, but you can also watch this video: www.youtube.com/watch?v=ZAZlmYKrwfk (it does say for Pixel 7, but the steps are exactly the same on the Pixel 8 or any other Pixel, so don’t worry)
GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS)....
It doesn’t say anything. It shuts the device down almost instantly, and simulnateously wipes the encryption keys from the secure element, ensuring that the data stored on the SSD can’t be decrypted.
I have several years of Linux experience and I know how to fix my own problems, and I have experience self-hosting using Docker and Docker Compose, but I really feel that I don’t know how to self-host and that I just copy and paste commands without understanding it, I would really like to learn how to self-host by myself but I...
How do I make my immich available publicly?
I have self hosted immich on Debian on my homelab. I have also setup tailscale to be able to access it outside my home....
anti-snap stance is anti-consumer
The title is a quote from Mastodon. I’ve always seen dislike towards snap so I was taken back when I saw this stance. The person who wrote this was referring to Tuxedo Laptops....
no really how do we fix this?
United Airlines passengers to see targeted ads on seat-back screens (www.cbsnews.com)
Why do so many people still hate GrapheneOS?
For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash...
Alternatives to Adobe Creative Cloud for an easily frustrated boomer...
Not me. I have a client who’s a very sweet old lady who’s business is doing real bio science to treat cancer patients with cannabis extracts....
Transcribro: Private and on-device speech recognition keyboard and service for Android. (github.com)
Private and on-device speech recognition keyboard and service for Android. - soupslurpr/Transcribro...
Microsoft's Recall Feature Is Even More Hackable Than You Thought (www.wired.com)
Proton Pass for Linux (proton.me)
It's not escalation if they're made in Ukraine! (sh.itjust.works)
r*ddit
Networking Gear Recommendations? (starting from scratch)
Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what...
Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8?
Just switched to a new phone carrier, and they had a promotion that included a free phone: the Google Pixel 8. I’m not a fan of Google, but I am a fan of free, so I took the bait....
GrapheneOS Now Supports a Duress Reset PIN (grapheneos.social)
GrapheneOS provides users with the ability to set a duress PIN/Password that will irreversibly wipe the device (along with any installed eSIMs) once entered anywhere where the device credentials are requested (on the lockscreen, along with any such prompt in the OS)....
What tips or resources would you recommend to someone who knows about Linux and wants to self-host, but has no experience self-hosting?
I have several years of Linux experience and I know how to fix my own problems, and I have experience self-hosting using Docker and Docker Compose, but I really feel that I don’t know how to self-host and that I just copy and paste commands without understanding it, I would really like to learn how to self-host by myself but I...