Looks like a good “best practices” sort of list. Would be nice if there was a bit more explanation as to why some of them are recommended (just because it’s good to understand why you’re disabling something rather than blindly following a guide), but still good!
To add to that other (much more in-depth) comment, I remember reading on the GrapheneOS FAQs that disabling everything you’re not actively using will generally improve security as you’re reducing the number of potential ways for an attacker to get in (phrases like “attack vectors” and “surface area” were used).
On a separate note I didn’t even know 2G towers were still active anywhere; they’re shutting down the 3G ones here!
I’m not the writer of the article, but here’s an answer you can find on running a quick search.
According to this article from the Electronic Frontier Foundation (EFF):
What is 2G and why is it vulnerable?
2G is the second generation of mobile communications, created in 1991. It’s an old technology that at the time did not consider certain risk scenarios to protect its users. As years have gone, many vulnerabilities have been discovered in 2G and it’s companion SS7.
The primary problem with 2G stems from two facts. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and your phone will never be the wiser.
Cell-site simulators sometimes work this way. They can exploit security flaws in 2G in order to intercept your communications. Even though many of the security flaws in 2G have been fixed in 4G, more advanced cell-site simulators can take advantage of remaining flaws to downgrade your connection to 2G, making your phone susceptible to the above attacks. This makes every user vulnerable—from journalists and activists to medical professionals, government officials, and law enforcement.
This is probably becuase the headphones have a bug that can be exploited - normally this should not be possible at all.
JBL does have an app (at least for my android), so I would recommend getting that and checking for any firmware upgrades.
Other then that there isn’t probably any easy way for you to prevent it (well except for the wired-only mode as you say - through lighting to jack and female jack to usb-c cables).
Furthermore I own a similar model, the 550BTs. The “Tune” line does not support USB Audio at the 5xx range of models
Additionally you must not chain adaptors as it will sound terrible and you will get the lowest quality output.
My 550BTs have included a 2.5mm -> 3.5mm jack cable and it has a 2.5mm Jack on it for wired audio output. An official Apple Lightning to 3.5mm jack dongle will work but the OP would rather not use cables…Therefore a Bluetooth model is probably needed.
I strongly recommend the 550BTs, and the 660NCs as well
What platform? I find NetNewsWire to work well on iOS and MacOS. I haven’t heard anything privacy-invading about it. Its been around for years. It’s also open source and free on the app stores, so that means it’s been somewhat vetted.
Shame I was few used it but I think it is interesting that people actually reporting issues and seems to be expected to fix.
I simply would just use a step down in security, that’s why I am using brave in first place. Oh don’t run my no script Firefox, oh don’t run on Librewolf. Guess I try brave now. Oh don’t work striked guess standard it is
Not to mention that people have telemetric on. Because I don’t think most that willing to have websites break for security would like telemetric on.
I use some kind of temp mail quite regularly. Some websites I visit offer free download of stuff in exange for email address to get newletter (and other marketing/ad bullshittery). Temp mail is ideal for this.
I found a service like this 8 or 10 years ago. That one also let you reply to emails from the temp address. You couldn’t send a new email to initiate a conversation but you could reply to one to continue a conversation. Unfortunately I didn’t save that link so don’t know what the service was now, so it’s good to know about this.
privacyguides
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.