No, Tails doesn’t solve this issue at all. It’s built for maximum anonymity, not security. It also uses Tor for all connections, which will get your bank account locked immediately. Qubes is a good option for security, but it’s way too complicated for most users. Stop making up some random shit and accept that mobile devices running modern operating systems are reasonably secure and definitely more secure than your ordinary desktop.
I’m talking about the security model of the platform, not the way you use your devices. If you do your online banking in a browser on your computer and your system gets infected with malware, that malware can access all the files on your computer. Including application data of your browser. It can access your cookies, which your bank’s website uses to store your login information. Such an attack is impossible on a mobile device, since apps can only access their own data, and inter-process communication is heavily restricted. Additionally, mobile operating systems like Android have complex permission systems, as well as kernel-based mandatory access control like SELinux/SE for Android. Your typical desktop OS has none of that. Android also has a strong implementation of Verified Boot, which makes sure that malware can’t persist on your system partition, even after your device gets infected. I recommend this video if you want to learn more about mobile device security: https://youtu.be/yTeAFoQnQPo
A phone is more secure than most desktop computers. https://youtu.be/Wd4Pa03LvLk
GrapheneOS even significantly improves Android’s already pretty good security model.
Oh sorry, my bad. I meant it’s not some third party app that has to be installed with root privileges, but rather just a well integrated part of the system, which uses Android’s permission system to deny internet access.
I remember having used Shotcut many years ago
If the machines are on the same network, try LocalSend
GrapheneOS has a built in Firewall that doesn’t require root privileges. Also, you don’t trust the GrapheneOS devs who arguably create one of the most secure operating systems on the planet, which is open source and can be verified by everyone, but you trust Calyx devs who regularly go months without releasing any Android security patches and include highly privileged third party apps in their operating system. Makes a lot of sense.
CalyxOS has pretty bad security. They install F-Droid and microG with root privileges, don’t release updates regularly and lack many security features of GrapheneOS.
I like Thunder and Eternity
GrapheneOS is amazing
Yeah Vultr is great
As far as I can see on their website, they don’t mention end to end encryption or zero-knowledge encryption. If that is true, it means that they are able to read all your emails (and so can the government if they order them to reveal the data). They sometimes use some pretty confusing marketing slag in general. It’s misleading because they advertise things like in-transit TLS encryption, which is standard nowadays. Even Gmail, Outlook, iCloud, Yahoo and other mainstream email providers have this by default. This is nothing special and they hope that people think it means the same as E2EE. If you care about data ownership, you should also care about (end-to-end) encryption. Only when you are the only key holder, you can be sure that no one can access your private stuff.
Sure, you go ahead and try it out for yourself to see if it works. Just wanted to let you know that selfhosting an Email server is not easy. Regarding ethics, I like Proton because they support privacy, open source software, and they never sold out to VC. Their website is accessible via Tor, they accept Bitcoin payments and they actually care about their users. That’s probably the most ethical email provider you can find.
You need to update Pihole
They probably don’t allow email. Most VPS providers (even paid ones) block SMTP port 25.
I wouldn’t actually selfhost email, it’s not particularly easy and there are many issues you will probably encounter. I recommend ProtonMail, it’s $3.50/month if you only need email and for $8/month you also get calendar, cloud storage, a password manager and a great VPN. Also, they are very focused on privacy and encryption and their apps are open source. Alternatively you can go with IVPN or Mullvad, both are great. Digitalocean has been fine in my experience, have you had any issues with it?
You can get it from F-Droid
Basically every bank blocks Tor and many even block VPNs. Also, Tor Browser is not particularly secure. It’s been designed for fingerprinting resistance and network anonymity through the Tor network. The Tor Browser is based on Firefox, which lacks many important security features like site isolation, Control Flow Integrity or any meaningful sandboxing. I absolutely hate Google and their monopolistic business practices, but Chromium is by far the most secure browser. Especially when it’s running on a secure mobile operating system. GrapheneOS goes even further than Android and deploys a hardened memory allocator (which was actually ported from OpenBSD), which significantly reduces the risk for memory coruption. On the newest generation of mobile SOCs (ARMv9), GrapheneOS enables memory tagging by default. Again, find me a desktop platform with MTE. This once again proves my point that mobile devices are simply more secure. Every single piece of hardware and software in your phone has been built with a strong focus of security.
I absolutely agree on this one. Look at the Lemmy instance I’m on. I’m a big fan of Monero, but unfortunately there aren’t many places that accept XMR.