I’d assume this will be a non issue once they implement ActivityPub. They can enable whatever account restrictions on their gitlab instance, but if I don’t want to provide this information to report a bug, then I can use another instance or self host my own, without the account restrictions.
The end goal of this proposal is to build interoperability features into GitLab so that it’s possible on one instance of GitLab to open a merge request to a project hosted on an other instance, merging all willing instances in a global network
There are good and save keyboards in F-Droid, but, well, the problem is Android itself. F-Droid is essential to obtain apps which respect privacy, but this only patch some holes when Google itself control the entire OS.
Mobile phones and privacy is an oximoron, because of this, I never use my phone for important data.
Desactivate GPS/Localisation service, at least if you dont use it
Review permissions of all installed apps and set them to desactivate after use in the app settings
Disconnect WiFi when you go offline
Don’t use public WiFi, at least without VPN, even if it is only a free one (eg. like Calyx, FOSS, trustworthy, no account, encrypted, without datalimit, but only 1 server from the Calyx institute, anyway save enough for an occasional use, Techradar review).
Common sense (the user is the biggest privacy hole)
Willing to expand on that? They are well audited, and changing your ip helps to disassociate from your approx location (also allows for multiple browsers to come from a common ip).
Also of course a vpn isnt going to make you invisible. Fingerprinting can allow you to uniquely identify browsers through using a handful of metrics.
Yes, and maybe the accounts posting the racist Gnome meme, and the anti Indian copy-pastas. All of these accounts are created on the same instance, because of poor moderation.
just curious, I get that anti trans posts suck and should be removed, but what’s wrong with anti Wayland posts? it’s just tech talk, not harming anyone.
My thoughts exactly. Next is: "OMG did you know there's the all seeing eye on the dollar notes! That means you're being spied on wherever there is cash!!!!"
Stuff like this just makes me wanna roll my eyes.
Because if it uses the internal VPN feature, EVERY system app can bypass it, and the Captive Portal app and others certainly do.
Only GrapheneOS fixes that afaik, providing their own Servers for captive portal, connectivity check, SUPL proxy server (strips off data and Google still has to manage because monopoly)
Same with Graphene, there’s no way around that if you want the phone to work. But I can’t agree with Lineage being better. They’re user debug ROMs, the dev’s are never willing to call a release stable, don’t even remotely have the hardening that Graphene does, and walking around with an unlocked bootloader is a huge security threat both from a physical and remote exploit that would attack the boot partition/space. Add to that you don’t have verified boot working, so you’d never even know it’s happened, or attempted.
Then there’s the microG problem of apps that need the play store verification to work, banking apps that won’t work, even apps that don’t do license checks and simply need to prove they’ve been paid for will be dead most of the time. Plus, Lineage out of the box is still contacting Google, yes, you can undo that, but how many are aware of that and actually finish de-googling it? If I was stuck with a phone that wasn’t a Pixel I (may) use it, but given a bunch of apps I want to work wouldn’t, would probably just sell the phone and get one that’d run Graphene. If you take user bias out of hit and logically compare them, saying Lineage is better than Graphene is basically impossible to do. You can run Graphene and have a phone that in most cases runs 100% normally, most apps that bitch about modified phones are perfectly happy running on it and the user gains the security and privacy upgrades, without the downsides. Clearly they still need to make smart app choices, but they also don’t have a phone that isn’t a constant pain in the ass.
OK, I never claimed one did. We’re talking the masses here, including the masses of people who still like privacy. Not one off use cases where people are content with F-Droid only phones, most aren’t. Most want the line of Privacy, Security, but also still have smartphones that are smartphones and not a bunch of outdated many times abandoned apps that look like they’re from the KitKat days. If you’re OK with that cool, but the majority typically isn’t.
The problem with graphene is that is shamelessly promotes proprietary software. They have build tools to try to make it safe to run non-free programs (proprietary software) but that entirely misses the point.
When you run non-free software you do not control the program, it controls you. There is no way to know what it really is doing and you can’t make changes to it or even see what it is doing.
The problem with graphene is that is shamelessly promotes proprietary software.
How does GrapheneOS “shamelessly promote” proprietary software? I don’t think I’ve ever seen them do this. Maybe you’re referring to Sandboxed Play Services? But that isn’t “shamelessly promoted” or recommended, it isn’t even included in the OS, its just an optional app that can be installed for those who need it.
They have build tools to try to make it safe to run non-free programs (proprietary software) but that entirely misses the point.
I assume you mean Sandboxed Play Services again? That’s far from the only feature or benefit that GrapheneOS gives. They do much more work than just Sandboxed Play Services or making it safe to run “non-free” programs. They make it safe to run ANY program, regardless of license.
In no way do they “shamelessly promote” proprietary software. Assuming you mean the sandboxed play services, their neutured, have no priveilged access and youre 100% in control of what they can and cant do.
I’d take that above some band-aid workaround like microG, which does need priveilged access, and fails to do what the actual play services do.
There is no way to know what it really is doing and you can’t make changes to it or even see what it is doing.
So what youre saying is that you personally audit the entire code, including when updates happen, and then “make changes” when you see fit? If so, Congrats. Youre the 1%. Most dont code, can’t read it, and sure as shit dont have the ability to change anything, that’s simply a talking point for the blind trust of FOSS apps. Context (and reality) matter.
You just proved that they promote proprietary software though. Like it or not they encourage users to not seek freedom which is something I can not promote
I did no such thing, and they’re not “promoting” anything, you’ve clearly never used Graphene, nor familiar with the definition of the word Promote. The Play Services aren’t installed by default, nor are they even mentioned as an option during the installation. It takes a user intentionally going into the Graphene apps store, and installing them after the fact. They also make it a point to mention that most apps work fine without them. Maybe actually read how they work, because you’re clearly unaware. Some people want them, and microG is shit, which is why they developed that option.
Agreed with Mr random. Graphene gives users options, it’s literally the cleanest phone install I’ve ever seen, there is no extra fluff installed. The users have to choose what they install. Full agency . We should celebrate more options for users.
I agree and also avoid using their Sandboxed Play Services. Their values are security and “making sense”. Its great to have the play services and store just working but as user apps. You can isolate them in a work profile without a problem.
There is no alternative, their point is that microG is not FOSS but a hacked together version of the proprietary play services parts, it may be verrry insecure as it needs to run as system app and often doesnt get updates. And it still talks to Google and actually sends lots of data.
Their approach is very economic. They ship regular play services, framework and store, but with a compatibility layer. This saves efford a lot and avoids breakages or blocking services (Aurora) over time.
Literally everyone can run GrapheneOS, thats the point. You dont need to use the sandboxed Play, but if you need it, it works.
It annoys me too that their preinstalled apps all suck.
AOSP filemanager is needed for portals ans USB, but it sucks
that gallery??
clock is old and damn blue
sms app uses very old runtime, showing a warning
aosp contacts
They promote Vanadium and literally installing binaries from some random Github release.
F-Droid basic uses the new libraries and should be preinstalled as user app. They have reproducible builds now.
And I wont use Vanadium, as it doesnt support Firefox Addons. It may be hardened in some way but without Noscript and Ublock in my eyes no browser is really hardened if it can run every Javascript or block all, breaking 90% of websites.
I like that they don’t foce apps on me , I’d rather install what I need myself. F-droid is not the best app as I see it. I use neo store so do not want extra bloat.
Regarding Firefox , you are either running chrome/vanadium or chrome/vanadium plus Firefox. Since webview. So what you have with Firefox is at best the in use browser features. Open a link in an app and you still use the webview. Firefox on android has it issues as well (sandboxing) . So 1+1 = 2 issues. Using a VPN / DNS with adblock makes ublock unnecessary.
Oh no, its just GrapheneOS, other Android forks disallow changing keyboard and disabling network permissions! Has to be the most deluded form of advertisement.
Not sure I trust a random repo here. I dont have the skill to look through the code. In this regard I prefer - after all - gboard. The changes me login credentials get stolen by google are smaller than the chanches I am duped into installing a random keyboard from github. Just based on my threat model and my skillz.
Holy crap, I didn’t know about this fork before now. I kinda thought that OpenBoard was sorta… abandoned at this point, but seeing the improvements from this fork just made me go and try it again. Normally I just use GBoard with it’s connections disabled (CalyxOS, so that is possible to do in a secure way), but trying this out now to see if I can dump Gboard entirely.
So helpful, I’ve been trying to find a replacement for gboard for so long that has the gliding functionality, plus clipboard and easily accessible microphone for speach to text typing (using Futo).
Can finally really consider replacing Gboard for good.
I did not found it because it is needed to switch to “new” branch. The installation of the library is not trivial (adb and such), so I ended installing AnySoftKeyboard. Thanks for your help.
Been using it for a couple of years now I think. Haven’t seen a reason not to like it.
There’s a thread in GitHub where the privacyguides.org guys discussed some flaws in the encryption but that was at the very beginning, I remember reading those have been solved apparently.
Pricing, well, it seems cheap but honestly I think it’s just because we are used to seeing outrageous prices for ridiculously small amounts of storage. Thinking about it, 30 eur for 100gb is not cheap at all, like some other comment says when compared to physical drive prices. Plus, offering lifetime is a common marketing technique to attract customers used by small or starting businesses. I don’t know if that is the case here but it certainly isn’t an automatic red flag for me. I don’t know if they are gonna be around next year or 5 years from now, but I’m willing to take the risk. They claim to have lots of users and be cash flow sustainable, plus they keep developing and are getting into business features to attract that kind of customers, certainly doesn’t look like a business on life support to me.
App and code-wise, they are much better than they were a year ago. Android app is still a bit janky sometimes but I don’t use it a lot so I got not much to say, other than I can see my files and upload something small once in a while just fine. The desktop client is amazing, the best functioning client for Linux that I have used from any service, or from the few services that have a Linux client at least. The clients are open source and since the service is e2ee you don’t really need to see the server code if the client encryption is done correctly, which apparently there is no sign that it isn’t, as mentioned before.
Overall I would say you can use it, but keep a backup somewhere else just in case, which is just the thing that anyone should be doing anyways.
At e.g. Hetzner you can get 10TB for 25 EUR so no, that is not cheap at all, even if it might include some additional services compared to the Hetzner offering (which is not end to end encrypted but for costs of disk space that should not matter).
You are the one who introduced that detail about Hetzner. Nobody discussed using their hosting service. People were discussing cloud storage options and prices.
privacy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.