• 14 Posts
  • 42 Comments
Joined 4 months ago
Cake day: February 25th, 2024

  • Charger8232@lemmy.ml to Privacy@lemmy.ml · u mad, state? · 78 upvotes, 2 downvotes · 4 months ago

    I once asked a friend if he trusted the lock on his phone (brand new iPhone 15 Pro Max, latest and greatest). He told me he did. I asked him if I could use his phone while it was locked, and he told me “No, I don’t trust you. You would probably hack it or something.” That statement says two things:

    1. He only cares about attacks on privacy on a personal level, which is the mental flaw lots of people have.

    2. He doesn’t actually trust the lock on his phone, but refuses to admit it.

    By the way, here are a few fun gimmicks you can pull on iPhone users:

    1. See if you can swipe left to view widgets on the lock screen. I was able to get someone’s address this way. He told me the whole time “There’s nothing you can find there.” and then afterwards said “Ah, crap.”

    2. If there is a lock screen mini widget (under the time) for a clock or related feature, tap on it and it will open the clock app. You can also get there if you can swipe down to access control center if the “timer” button is enabled there. You can then make it look like you unlocked their phone, and start reading off their alarm names. This one has freaked out a lot of people.

    3. If they realize how you got there and try disabling control center access on the lock screen (as they should, FaceID is fast enough, people!), you can see if you can access Siri and say “View my alarms”.



  • Do you recall the exact issue?

    No, sorry. Some Reddit/Lemmy commenter.

    Is it something fancy?

    No, although invisible ink would be somewhat cool. Have any ideas for a “password pen”?

    TIL. It’s definitely neat. Thank you for that!

    No problem! :) You can also thank whoever on [email protected] posted it (I wish there was a search box…)

    The exception, Qubes OS, has Fedora 37 (which has gone EOL since last December) in dom0

    Yikes, any reason for that?

    Is it what’s elaborated upon in this video? If not, would you mind elaborating?

    More backstory time! I have never used a cellular carrier, and only watched that video about a month ago (because it didn’t exist prior). The first part of my life was spent electronicless (because kids really shouldn’t have phones… look at me now mom, I’m talking to strangers on the internet by routing through a global censorship circumvention network!). The next part was spent somewhat disconnected, only had access to a non-mainstream social media (it has since been merged with another one made by the same company, and became paid. Capitalism.) through WiFi + never went out much. I then finally had unrestricted access, but still never went out much. Then I started to go out much more, and the places I went to didn’t have WiFi. That, in turn, led me to take up network hacking as a hobby. I never managed to hack the network in question (WPA2-E). Finally, I got my first job around the same time I learned about privacy. That meant I had the money to get a cell plan, but I had the knowledge to know why that was a bad idea.

    It’s funny, my mother recently called me because she was stressing about trying to find me a carrier (apparently?) and started saying “Your sister offered to add you to her plan if-” and I told her “I don’t want a carrier, but thank you!” and she said “Oh… Well that solves that problem.” and looked very relieved.

    Edit: I guess your question is asking ultimately why I don’t want a carrier, and it is due to the points that were also brought up in that video, yes.



  • it’s worth reviewing what Privacy Guides has to say on this.

    Interesting! Considering my threat model includes my ISP as an enemy, it would make sense for me to use a VPN behind Tor: However my threat model doesn’t care if my ISP knows I am using Tor, as it would only be collecting data uncorrelated with my activities. Although it could cause legal trouble if a presidential threat (for example) over Tor happened at the same time as my usage of Tor. The change I will make is this: I will resume my current usage until I am able to use a paid VPN plan to speed it up.

    but please consider to review Proton VPN on port forwarding

    See above, no paid plan yet ;)

    Unfortunately, at least for torrents, you’re no longer able to rely on Mullvad VPN.

    Bleh, and I was really beginning to like them for allowing cash payments!

    Easiest (and also one of the best options) is probably the use of a VM 😅.

    Fair, although didn’t GNOME Boxes have some sandboxing issues?

    there is merit in forsaking Anonaddy for SimpleLogin if decreasing the amount of trusted parties is desired. However, this comes at the cost of moving more into the direction of putting all your eggs in one basket.

    I am using Anonaddy for that reason specifically, plus the severe lack of features in SimpleLogin’s free version.

    I hope an offline password manager is involved to some capacity.

    As mentioned, I will switch to KeePass soon. Some of my passwords are stored completely offline, however. Pen and paper never fails, I even dedicated a specific pen for it! On a related note, take a look at this

    Do you happen to know how they currently fare against each other in security/privacy features (beyond what’s found on the linked spreadsheet)?

    Once I get an Android phone, I will try out Briar (because I am obsessed with the idea). I personally reached out to SimpleX regarding the spreadsheet, and the response I received back outlined that SimpleX pads the encrypted messages both during transit and in cold storage, which they said a lot of other messengers don’t do. A comment on the original post for the spreadsheet mentions that the spreadsheet doesn’t outline which services route through Tor (which Briar does, of course). The spreadsheet is very thorough, and SimpleX is still a relatively young project, so I don’t have much I can say. I’ve tried using it on iOS, and my friend and I both agree it’s terrible to use sometimes due to lag and choppiness. I currently testflight the app, but still no change. Either way, if you want, you can use SimpleX’s built-in support chat if you want to reach out to the team yourself. They are very friendly and don’t talk like a CEO, but there can be delayed response.

    Ah, we’ve found the password manager, KeePass (be it DX/XC) is indeed excellent.

    Yep! One related note, KeePass on Tails is outdated for some reason. Have any idea why?

    I also planned to add this to my original message: I have never once had a cellular provider, which to me has been the biggest privacy boost since burning Windows at the stake.







  • If I would have to distill your philosophy, it would be something like “be protected from attacks targeted towards low(er) hanging fruit”. Would that be fair?

    It may help for me to elaborate a bit. My number one enemy (like most) is Google. I have been completely Google free for 1-2 years now (with the exception of YouTube on iOS, as the alternatives ultimately require a Mac to install, which I don’t have), but I haven’t used Google as a search engine in over 4 years. Besides trying to give as little information as possible (I am currently experimenting with setting up a hard firewall block against their IP addresses, if you have any recommendations on how that could be automated, potentially in Python, please let me know), I also try to give as little information to other companies (Microsoft, etc.) as I can. Now, certain authorities have the permission to request data from companies, not just privacy disrespecting ones. That means that part of my threat model entails certain defenses against such agencies, to make it hard enough to correlate that data with my person. I don’t go overboard, in case anyone is worried. I’ve seen the bondage between paranoia and privacy, and I’ve set myself clear boundaries I won’t cross. So, my main goal is to protect against companies trying to collect my data (bleh, how cliche), but it doesn’t hurt to put in place some decent practices in case the world turns for the worst. I am protecting against attacks from the government towards low hanging fruit, but when it comes to large corporations, I don’t play nice.

    If you want an overview of my setup, here it is:

    • Tails occasionally (because it’s fun)

    • SecureBlue (Soon!)

    • Tor Browser when using personal accounts (email, Lemmy, etc.)

    • ProtonVPN on all devices 24/7 except when using Tor (for speed) or large downloads/torrents (may look into Mullvad VPN)

    • Mullvad browser as a default browser

    • Librewolf for functionality Mullvad Browser doesn’t have (Yubikeys, etc.)

    • Firefox for streaming some videos that require a specific DNS configuration (Soon looking into how to put an extreme sandbox on it)

    • uBlock Origin for all browsers

    • GrapheneOS (Soon, finances be blessed)

    • ProtonMail + Anonaddy, use disposable emails for accounts that “don’t matter”

    • Very, very strong and unique passwords + 2FA/FIDO for everything applicable

    • As much FOSS software as I can

    • Signal as my main messenger (to help bridge the gap for my friends) until GrapheneOS, then SimpleX (Please take a look at https://privacyspreadsheet.com/messaging-apps !)

    • SearXNG as my main search engine (with Google turned on, because my threat model does not go against them collecting data not correlated with me)

    • Bitwarden as my password manager until GrapheneOS, then KeePass

    • NextDNS as my DNS resolver (which gets overridden by the VPN’s DNS on iOS)

    I’ve come a long way since I first (unknowingly) started my journey in 2019(!)