Yes, I have the same issue with DDG for something like a year now. I can’t use it anymore for basic searches, I feel like the bing api they are using is getting worse and worse.
I think that’s a good setup. If you must have Facebook Messenger, my advice would be to maybe use a work profile for apps that track you. Compartmentalization is the key word here. Apps like Shelter make it really easy. I have to use WhatsApp and that is an app that is in the “unsafe” profile, aka work profile.
I have a question about the work profile: would it make sense to isolate the PlayStore too, as it‘s google? Because this is the main painpoint for me, as I cannot move to a custom rom with my phone currently
If you dont root that will Not be possible. Playstore is a key Feature of most Android Roms that ship with the phones. I run grapheneos. There i have Google Services disabled im my core Profile and have a separate Profile with Gplay. I know, that due to imei and other factors Google could easily track me possible but that’s Not my worry
What, social lives? Get outta here with that nonsense and be a hobbit like the rest of us :)
Seriously though, if you’re thinking on a phone I’d reccomend just creating a second profile instead of getting a whole new device. The apps won’t be running when the profile is running, and as a bonus you can usually restrict the profile’s permissions. Also consider checking out web wrappers (e.g. frost) or PWAs.
On a desktop you can always just use the web version, bonus points if you auto clear cookies or have a separate profile.
Edit: if you already have a spare then that might work better than profiles.
I think that a spare device with disabled GPS and maybe even disabled microphone (can i do that?) would work best. Some of the features on Instagram can’t be accessed on a browser
Not sure I trust a random repo here. I dont have the skill to look through the code. In this regard I prefer - after all - gboard. The changes me login credentials get stolen by google are smaller than the chanches I am duped into installing a random keyboard from github. Just based on my threat model and my skillz.
Holy crap, I didn’t know about this fork before now. I kinda thought that OpenBoard was sorta… abandoned at this point, but seeing the improvements from this fork just made me go and try it again. Normally I just use GBoard with it’s connections disabled (CalyxOS, so that is possible to do in a secure way), but trying this out now to see if I can dump Gboard entirely.
So helpful, I’ve been trying to find a replacement for gboard for so long that has the gliding functionality, plus clipboard and easily accessible microphone for speach to text typing (using Futo).
Can finally really consider replacing Gboard for good.
I did not found it because it is needed to switch to “new” branch. The installation of the library is not trivial (adb and such), so I ended installing AnySoftKeyboard. Thanks for your help.
Do you find its sometimes hard as hell to follow replies? I never remember having that issue with Infinity, yet seem to have it all the time with Eternity.
This sounds like the kind of thing you could use Huginn for… I’m still picking up how to use it expediently but it does sound possible.
Update: I have since abandoned Huginn due to an incredible amount of instability when using it with an external Postgres instance. Can’t say I would recommend it unfortunately
Because if it uses the internal VPN feature, EVERY system app can bypass it, and the Captive Portal app and others certainly do.
Only GrapheneOS fixes that afaik, providing their own Servers for captive portal, connectivity check, SUPL proxy server (strips off data and Google still has to manage because monopoly)
Same with Graphene, there’s no way around that if you want the phone to work. But I can’t agree with Lineage being better. They’re user debug ROMs, the dev’s are never willing to call a release stable, don’t even remotely have the hardening that Graphene does, and walking around with an unlocked bootloader is a huge security threat both from a physical and remote exploit that would attack the boot partition/space. Add to that you don’t have verified boot working, so you’d never even know it’s happened, or attempted.
Then there’s the microG problem of apps that need the play store verification to work, banking apps that won’t work, even apps that don’t do license checks and simply need to prove they’ve been paid for will be dead most of the time. Plus, Lineage out of the box is still contacting Google, yes, you can undo that, but how many are aware of that and actually finish de-googling it? If I was stuck with a phone that wasn’t a Pixel I (may) use it, but given a bunch of apps I want to work wouldn’t, would probably just sell the phone and get one that’d run Graphene. If you take user bias out of hit and logically compare them, saying Lineage is better than Graphene is basically impossible to do. You can run Graphene and have a phone that in most cases runs 100% normally, most apps that bitch about modified phones are perfectly happy running on it and the user gains the security and privacy upgrades, without the downsides. Clearly they still need to make smart app choices, but they also don’t have a phone that isn’t a constant pain in the ass.
OK, I never claimed one did. We’re talking the masses here, including the masses of people who still like privacy. Not one off use cases where people are content with F-Droid only phones, most aren’t. Most want the line of Privacy, Security, but also still have smartphones that are smartphones and not a bunch of outdated many times abandoned apps that look like they’re from the KitKat days. If you’re OK with that cool, but the majority typically isn’t.
The problem with graphene is that is shamelessly promotes proprietary software. They have build tools to try to make it safe to run non-free programs (proprietary software) but that entirely misses the point.
When you run non-free software you do not control the program, it controls you. There is no way to know what it really is doing and you can’t make changes to it or even see what it is doing.
The problem with graphene is that is shamelessly promotes proprietary software.
How does GrapheneOS “shamelessly promote” proprietary software? I don’t think I’ve ever seen them do this. Maybe you’re referring to Sandboxed Play Services? But that isn’t “shamelessly promoted” or recommended, it isn’t even included in the OS, its just an optional app that can be installed for those who need it.
They have build tools to try to make it safe to run non-free programs (proprietary software) but that entirely misses the point.
I assume you mean Sandboxed Play Services again? That’s far from the only feature or benefit that GrapheneOS gives. They do much more work than just Sandboxed Play Services or making it safe to run “non-free” programs. They make it safe to run ANY program, regardless of license.
In no way do they “shamelessly promote” proprietary software. Assuming you mean the sandboxed play services, their neutured, have no priveilged access and youre 100% in control of what they can and cant do.
I’d take that above some band-aid workaround like microG, which does need priveilged access, and fails to do what the actual play services do.
There is no way to know what it really is doing and you can’t make changes to it or even see what it is doing.
So what youre saying is that you personally audit the entire code, including when updates happen, and then “make changes” when you see fit? If so, Congrats. Youre the 1%. Most dont code, can’t read it, and sure as shit dont have the ability to change anything, that’s simply a talking point for the blind trust of FOSS apps. Context (and reality) matter.
You just proved that they promote proprietary software though. Like it or not they encourage users to not seek freedom which is something I can not promote
I did no such thing, and they’re not “promoting” anything, you’ve clearly never used Graphene, nor familiar with the definition of the word Promote. The Play Services aren’t installed by default, nor are they even mentioned as an option during the installation. It takes a user intentionally going into the Graphene apps store, and installing them after the fact. They also make it a point to mention that most apps work fine without them. Maybe actually read how they work, because you’re clearly unaware. Some people want them, and microG is shit, which is why they developed that option.
Agreed with Mr random. Graphene gives users options, it’s literally the cleanest phone install I’ve ever seen, there is no extra fluff installed. The users have to choose what they install. Full agency . We should celebrate more options for users.
I agree and also avoid using their Sandboxed Play Services. Their values are security and “making sense”. Its great to have the play services and store just working but as user apps. You can isolate them in a work profile without a problem.
There is no alternative, their point is that microG is not FOSS but a hacked together version of the proprietary play services parts, it may be verrry insecure as it needs to run as system app and often doesnt get updates. And it still talks to Google and actually sends lots of data.
Their approach is very economic. They ship regular play services, framework and store, but with a compatibility layer. This saves efford a lot and avoids breakages or blocking services (Aurora) over time.
Literally everyone can run GrapheneOS, thats the point. You dont need to use the sandboxed Play, but if you need it, it works.
It annoys me too that their preinstalled apps all suck.
AOSP filemanager is needed for portals ans USB, but it sucks
that gallery??
clock is old and damn blue
sms app uses very old runtime, showing a warning
aosp contacts
They promote Vanadium and literally installing binaries from some random Github release.
F-Droid basic uses the new libraries and should be preinstalled as user app. They have reproducible builds now.
And I wont use Vanadium, as it doesnt support Firefox Addons. It may be hardened in some way but without Noscript and Ublock in my eyes no browser is really hardened if it can run every Javascript or block all, breaking 90% of websites.
I like that they don’t foce apps on me , I’d rather install what I need myself. F-droid is not the best app as I see it. I use neo store so do not want extra bloat.
Regarding Firefox , you are either running chrome/vanadium or chrome/vanadium plus Firefox. Since webview. So what you have with Firefox is at best the in use browser features. Open a link in an app and you still use the webview. Firefox on android has it issues as well (sandboxing) . So 1+1 = 2 issues. Using a VPN / DNS with adblock makes ublock unnecessary.
Oh no, its just GrapheneOS, other Android forks disallow changing keyboard and disabling network permissions! Has to be the most deluded form of advertisement.
As far as I know they use openPGP and that works automatically between proton users but can be set up to work from and to anyone. The other partner just needs to use a client that supports it (like the objectively best client, Thunderbird ;) ) unfortunately pretty much no one uses openPGP so emails will very seldom be E2E encrypted.
Apparently the Proton clients support web key exchanges so you wouldn’t have to import the key of users that use OpenPGP (if they have imported the key to the exchange) so in theory that would make it better. I have yet to use that functionality in Thunderbird though, since again, pretty much no one uses openPGP.
I have sent one legit openPGP email and that was to my country’s financial inspection asking for an internship. Unfortunately they replied unencrypted and included my email in the reply, lol. It’s fair enough though, since I used a feature that’s probably intended to report fraud and crime.
They’re the maintainers of the most popular JS PGP library and they’re pushing for some major upgrades to the PGP standard. There’s no competing standard. Proton is pretty much the only popular encrypted mail provider that actually does interop well enough.
The developer has hit a bit of a roadblock reworking a back-end system and is requesting help, but it has a great feature set already and is super customisable.
I just had the time with it, honestly. So many things are broken, like spelling and dictionary integration. I know the dev is reworking some things, but even the last release doesn’t work very well. Respects privacy, sure. Works well, naw.
Just installed last week, and the dictionary integration with two different languages works fine for me. Autocorrect is not yet supported, if I remember correctly.
Prediction on dictionary, and prediction in general is broken. You essentially can’t type out anything aside from the base diction without getting crazy suggestions. Kind of a deal breaker.
I haven’t tried it yet and indeed I just read his post from 3 weeks ago on how to get back on better tracks. I will give it a try but I couldn’t see from its description that it would go beyond its focus on privacy, at least for the moment
Well what else do you need tho, it has glide typing, incognito move and auto correct is in development although would take a while. It’s not perfect but it’s already very much a fully decked out keyboard or it will be once suggestions are added.
Well my question was specifically about smart prediction (beyond autocorrect). I have found scores of privacy friendly keyboards. The one I have been using for a year is from simplemobiletools (they have a full suite of apps and I use most of them ie contacts, gallery, notes…) but I miss the prediction feature. As you say even autocorrect is not yet supported in florisboard…but that wouldn’t be enough for me. Personalised dictionary based on typing would be a start, but swiftkey goes beyond, it proposes the next words before you type them
It is also in the works along with auto correct… You really should try the keyboard first before coming to that conclusion. I am not saying it has everything now but don’t assume the developer isn’t planning to add more, that’s not a good assumption.
Currently florisboard doesn’t have prediction nor autocorrect prediction.
Due to complications in the development of that feature (either too heavy to run or not smart enough for prediction…) and the development of the app got stuck, until maybe recently where it seems to get some dev attraction on some topics.
Tho the prediction is still stuck. So you won’t have yet prediction or smart things in this keyboard.
Punish them for their complete inability to block spam calls. Million bucks per successfully connected call would fix it overnight and then our phone would be worthwhile as phones once again.
You realize the telcos themselves know exactly where the spam calls are coming from, right? You can be damn sure that functionality was a top priority from day 1 because (just like for all subscribers) they need to know the spammers’ usage in order to bill them for it.
They just don’t bother passing that information along to end users or law enforcement because nobody’s forcing them to.
They dont actually thanks to VoIP and other countries telcos being shit and pushing through whatever is sent with the call, which is exactly where that disconnect happens. Ive been in Telecom a long time, and the push to fix that problem was very real long before Indian scammers were spoofing calls for IT scams. Once you go to IP, the “real” link isnt there, and CID becomes no more than a data string which is no longer tied to anything physical as far as telecom infrastructure, which they have to accept in the current set up, which is why said the whole thing has to start from scratch.
The other issue is the way non ILECs send the CID is exactly how the scammers spoof, to cut that off, all CLECs would loose the ability to send CID data, businesses wouldn’t be able to send a main phone from their 3000+ extensions etc. Its far from a simple soulution which is why its still an issue.
You can be damn sure that functionality was a top priority from day 1 because (just like for all subscribers) they need to know the spammers’ usage in order to bill them for it.
CID data being injected has absolutely nothing to do with a line being used regardless of what the outbound DID actually is.
frequency of 'spam' calls should have significant gone down with the implementation of cid verification (stir/shaken). it has on all our lines; home and office--cellular and pots.
FCC recently begged congress to let them punish spam calls. It turns out that they currently have to research then forward to the justice department for it to do its own research then file an order against a specific name, then the company changes its name and throws the fine in the trash can, and the cycle repeats
Yes. Brave focuses on providing random data points each time it’s asked (e.g. screen size). A hardened Firefox will try to provide a generic fingerprint.
Apples to oranges more or less, I’m unaware of any proof that one or the other is considerably better across the board. Though my gut does tell me that randomization is a lot better in the specific situation of regularly signing in and out of accounts.
I share with my wife and just got the family plan. It’s overkill probably but it makes it simpler and I don’t have to think about 2 separate subscriptions.
i wish people would stop viewing this guy as someone who is a guru extreme online privacy.
Bazzell is good at one thing primarily, and that is Real Life privacy/hiding, when one’s adversaries on nongovernmental. that is his specialty and what he should be respected for.
Bazzell is not a huge expert in thwarting mass surveillance or thwarting nation-state adversaries in technology. otherwise he wouldnt be giving recommendations that involve closed sourced software or cloudflare lol.
He is a practical guy and knows enough to keep his clientele’s privacy for the types of adversaries he is accustomed to going up against (not nation state or federal gov)
Agreed! I tend to see what he can offer on regards to privacy for real life stuff like home address, data broker scrubbing (his extensive lists I mean), etc. But when it comes to the technology portion of it, I go with what I prefer, albiet I still hear what he has to say in case he introduces me to something I didn’t know about before.
privacy
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.