Part of what I value in F-Droid is the additional layer in the build/release process, because it makes tampering more likely to be detected.
Barely and not really. “F-Droid can’t ensure the apps are safe. You still need to trust the upstream developers. We only do some basic check.” forum.f-droid.org/t/…/2
Depends on the particulars, and on the needs of the individual.
That’s not really how things like security works. It’s either more secure or it’s not. The security of a thing does not depend on needs. Now, does the application of it or does someone need it to be more secure? That’s where risk acceptance and the needs of the individual come into play.
I’m not going around presuming to tell other people what’s better for them, as one or two others in this thread are doing.
Same. I’m not saying “stop doing this.” I’m just trying to educate people and make sure they’re not operating with a misunderstanding. Needs of the individual and all that. I think some people just go crazy for something that’s not big tech, and then quit looking at the particulars.
If that were true, threat modeling wouldn’t exist.
I feel like we’re talking about different things. I’m talking about static concepts, if X is more secure than Y, not individual setups where something is tweaked. Threat modeling is tailoring the security to your needs. It doesn’t bend security of a static object or make the application of something less than what it is. It requires one’s actions to do that by not utilizing it.
Take bullet proof glass, for example. Bullet proof glass is more secure than regular glass. Now, do you need (does your threat model require) bullet proof glass? No? Ok, that doesn’t mean bullet proof is now less secure than regular glass, it’s just unneeded.
I decided to share this here too since sailors don’t seem to visit !opensignups and the murky waters of the orange sea should be seldom visited anymore....
the ground should absolutely be on the bottom because gravity.
Not necessarily. You typically want the ground longer so it’s the first in and last out. Type G has the ground on top. I vaguely remember hearing that’s because if it comes slightly out and something sharp or metal falls on the plug, you want it to hit the ground and not the live part…but I don’t know how reliable that story is.
Seriously. I don’t want to install something on my phone when the dev is just using a WebView, if that’s what it’s called. When the app is basically just a website with the browser hidden....
Sensors permission toggle: disallow access to all other sensors not covered by existing Android permissions (Camera, Microphone, Body Sensors, Activity Recognition) including an accelerometer, gyroscope, compass, barometer, thermometer and any other sensors present on a given device.
I just checked Lineage OS and it looks like Google Play Services doesn’t let you disable sensors permission. Can you do it on Graphene OS?
Yep, there’s a toggle to disable by default globally. I also individually checked Google Play Services, Google Play Store and Google Services Framework, and all three can be denied the Sensors permission.
This is due to Sandboxed Google Play: “GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives absolutely no special access or privileges on GrapheneOS as opposed to bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox.”
Today, I made switch to fedora silverblue and then rebased to ublue image because it has flatpak included in the image. I am also thinking about making my own image based on silverblue. there is a video made by bigpod a youtuber about how to make your own custom ublue image and I learned a lot from that video. I am using toolbox...
Yeah, I’m not saying it’s hard, just illogical. To me, it came across similar as: “I’m moving to this other distro because they have Firefox.” Your current distro also has Firefox, so why are you moving again?
Flatpak is the primary way that apps can be installed on Fedora Silverblue (for more information, see flatpak.org). Flatpak works out of the box in Fedora Silverblue…
Just seems very odd to distrohop for one main reason (flatpak in this scenario), without even checking if that reason is available in your current distro…which it is, out of the box.
I’m looking for a privacy friendly device to use as TV box which can play 4K HDR ~90GB movies without problem, do you guys think the orange pi 5 could handle this type of files?
A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a...
Except the device is already in your home, and most people leave their account logged in. That’s basically like you inviting someone into your house, they hang out in your spare bedroom…and they’re still there. So no need to re-grant consent to a situation that hasn’t changed. Unless you mean it auto-logs out (or you log out) and have to re-grant consent then? Most do require consent on logging in, and the average consumer would hate having to log in every time and would probably use weak passwords because of this.
But, you can at least kick them out (revoke consent).
I just don’t see how a proper law/regulation would fix/restrict this, except to make certain personalization attempts (targeted ads) illegal.
Most people have extremely weird ideas of what’s considered piracy and what isn’t. Downloading a video game rom is piracy, but if you pay money to some Chinese retailer for an SD card containing the roms, that’s somehow not piracy. Exploiting the free trial on a streaming site by using prepaid visa cards is somehow not...
Blocking older known malware still blocks them, so that’s good (and saves bandwidth because the connection never happens, so this is really good).
If the site is hijacked, it needs blocked till it’s unhijacked. So this is good as well.
This is not really a point?
Number one above, stopping the connection before it happens, is really the best benefit, in my opinion. And if they boast a high false positive, you need better lists. You keep saying “they don’t block this or block that.” They are (nothing is) a one stop shop. Simply because they don’t block what you’re cherry picking does not make them bad. Use multiple layers. You say “don’t use a blocklist, use MS Defender instead.” Why not use both the blocklist, MS Defender, and even more stuff? Multiple layers. Defense in depth.
I went to thetvdb.com site yesterday and much to my surprise, they won’t let me in unless I subscribe or turn off my adblocker. Is there any workaround for this?
I want to get back into reading, so I’m thinking of getting a Paperwhite. But I have no idea if it’s possible to transfer files to it from a computer, and I have no experience with pirating books....
Amazon’s logic is you paid a subsidized/cheaper price that is offset by included ads. You can buy it without ads (more expensive, obviously) from the start.
The Boost android client for Lemmy is displaying these dark pattern ads pretending to be system notifications. What security/privacy conscious Lemmy clients do you recommend? (lemmy.ml)
Raspberry Pi is now manufacturing 70,000 Pi 5s per week, will surge to 90,000 in February (www.tomshardware.com)
FearNoPeer (A private tracker) is open for signups (fearnopeer.com)
I decided to share this here too since sailors don’t seem to visit !opensignups and the murky waters of the orange sea should be seldom visited anymore....
Age range (lemmy.zip)
this plug doesn't have the little holes (lemmy.world)
I deleted all my post from my reddit account, can they still monetize them?
Deleting a post is simply marking a piece of text so nobody sees it, but I think the text is still stored in their servers....
Why are there so many apps that could be websites?
Seriously. I don’t want to install something on my phone when the dev is just using a WebView, if that’s what it’s called. When the app is basically just a website with the browser hidden....
Anyone tried this 4x 10gbe + 5x 2.5gbe router? (forums.servethehome.com)
Very solid price, the cheapest I’ve seen for something like this. Has anyone tried it with OPNsense or other software?...
I have started using fedora silverblue
Today, I made switch to fedora silverblue and then rebased to ublue image because it has flatpak included in the image. I am also thinking about making my own image based on silverblue. there is a video made by bigpod a youtuber about how to make your own custom ublue image and I learned a lot from that video. I am using toolbox...
"TV box" reccomandation
I’m looking for a privacy friendly device to use as TV box which can play 4K HDR ~90GB movies without problem, do you guys think the orange pi 5 could handle this type of files?
Any good alternative to Niagara Launcher?
Hello fellow pirates, did anyone know any good alternative to Niagara Launcher?...
Marketing Company Claims That It Actually Is Listening to Your Phone and Smart Speakers to Target Ads (www.404media.co)
A marketing team within media giant Cox Media Group (CMG) claims it has the capability to listen to ambient conversations of consumers through embedded microphones in smartphones, smart TVs, and other devices to gather data and use it to target ads, according to a review of CMG marketing materials by 404 Media and details from a...
Fuck Subscriptions. Here is how to setup Streamio like a pro
Credit: u/No-Refrigerator9154...
It's funny how google pretends the music on YouTube isn't straight up piracy and everyone just goes along with it
Most people have extremely weird ideas of what’s considered piracy and what isn’t. Downloading a video game rom is piracy, but if you pay money to some Chinese retailer for an SD card containing the roms, that’s somehow not piracy. Exploiting the free trial on a streaming site by using prepaid visa cards is somehow not...
What site should I trust?
Even the site that considered safe in the megathread, there’s report of malware and trojan and I don’t know what site to use
"You have an adblocker installed" workaround
I went to thetvdb.com site yesterday and much to my surprise, they won’t let me in unless I subscribe or turn off my adblocker. Is there any workaround for this?
E-Books, best places to get them?
I want to get back into reading, so I’m thinking of getting a Paperwhite. But I have no idea if it’s possible to transfer files to it from a computer, and I have no experience with pirating books....