• 6 Posts
  • 16 Comments
Joined 3Y ago
Cake day: Jun 20, 2021



Please, stop with the trolling.
Today I opened Lemmy and I was sincerely horrified when I saw all the junk that some people posted. I'm not here to insult anyone. I'm writing this post because I want to warn all the people involved in these unspeakable acts. I beg you to stop because in the end you're going to make your life miserable. You're continuing to create new identities in order to spread abysmal content for what? It's pointless, really. You will not be able to damage the project in the long term, admins are very active and they will ban you pretty quickly. What you're really doing here is damaging your own mental health. Trust me when I say that the ones who are getting damaged are you and not Lemmy. Please do something in your life which has a meaningful purpose, eventually you'll feel better about yourself. P.S. I don't know if this is the right place to post it.

Really off-topic, but I love your profile pic.


I’m so happy about this announcement. Thank you so much for bringing this topic here, on Lemmy!


If you want to ban me, go ahead. I have no problem with that.

https://lemmy.ml/post/140015/comment/105195. Look at you. Why are you posting this image? It’s pointless because commerscamOS has never been affiliated with GrapheneOS. You’re accusing communities of being racist without proof, you’re accusing me of following some sort of agenda without any proof. That’s you. You always do that. At this point I’m genuinely amused, nothing more nothing less.

You have been banned from Spite, GrapheneOS, r/privacy, r/privacytoolsio, r/Firefox and now r/privacyguides for your content and your behavior. That’s all. No other reasons. And in my opinion you’re most likely going to be banned elsewhere, because at some point people get tired of people acting like you. The first person to reply under your post said that you’re an asshole. Literally. That’s actually sad and explains it all in my opinion.

I don’t know why @dessalines@lemmy.ml and @nutomic@lemmy.ml have not banned you already. Your behavior is so evident. You are also the same person who months ago was defining GrapheneOS users as “WORTHLESS DESPICABLE RAT”, and now you’re pretending to be the nice guy of the situation by telling people to be the “better person”. Again, that explains it all.


Hi @krolden@lemmy.ml. The best thing you can do in this case is not feed the troll. It’s pointless and not productive to engage in a discussion with an individual whose intentions are pretty clear. For the sake of your time and your mental health, the best thing you can do now is block him. Don’t give him attention. If you want to understand better who this individual is, just look at the post made by B0risGrishenko on Reddit as well as his answers and, last but not least, the moderators’ comments under the OP’s post. If you have any doubts, don’t hesitate to write me on Matrix: @tessaiga:matrix.org.


Hi! Really sorry for the delay.

Every new generation of Pixel brings privacy and security improvements hardware-wise. In particular, the new Pixels have set a new standard for mobile security:

https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html


I don’t know about DivestOS. However, GrapheneOS is dramatically better than LineageOS. That’s because GrapheneOS is focused on privacy and security rather than customization like LineageOS. GrapheneOS starts from the strong baseline of the Android security model and brings a lot of privacy and security improvements. While LineageOS doesn’t have real privacy and security improvements, it also weakens the Android security model.

There is a very good article written by madaidan, which explains the security of Android and the problems with LineageOS: https://madaidans-insecurities.github.io/android.html


Google Pixels have no backdoors. Recently, Maxime Rossi Bellom, Philippe Teuwen and Damiano Melotti did in-depth research on Google’s chip, called Titan M, in order to give an understanding of its attack surface as well as the known and previous vulnerabilities.

Presentation Material

There is also a repository on GitHub, which contains the tools they used in their research on the Google Titan M chip.

There is also a very interesting thread from Daniel Cuthbert, in which he showed some parts of their presentation. In the same thread, he also wrote that the Titan M is the reason why he switched from iPhone to Pixel.

We’re talking about BlackHat here, not some random guy who claims things without any proof.

Regarding the OS, GrapheneOS is far better than CalyxOS; it offers much better privacy and security improvements. You can see the list of the features here: https://grapheneos.org/features


A good start would be ‘how to develop a threat model’. There are very useful guides about it, like the one written by EFF.

Security planning helps you to identify what could happen to the things you value and determine from whom you need to protect them. When building a security plan answer these five questions:

  • What do I want to protect?
  • Who do I want to protect it from?
  • How bad are the consequences if I fail?
  • How likely is it that I will need to protect it?
  • How much trouble am I willing to go through to try to prevent potential consequences?

About Android’s security;


A difference is that Tails includes the uBlock Origin extension, which removes advertisements. If an attacker can determine that you are not downloading the advertisements that are included in a webpage, that could reveal that you are a Tails user.

https://tails.boum.org/doc/anonymous_internet/Tor_Browser/index.en.html

edit:

Site-specific or filter-based addons such as AdBlock Plus, Request Policy, Ghostery, Priv3, and Sharemenot are to be avoided. We believe that these addons do not add any real privacy to a proper implementation of the above privacy requirements, and that development efforts should be focused on general solutions that prevent tracking by all third parties, rather than a list of specific URLs or hosts.

Implementing filter-based blocking directly into the browser, such as done with Firefox’ Tracking Protection, does not alleviate the concerns mentioned in the previous paragraph. There is still just a list containing specific URLs and hosts which, in this case, are assembled by Disconnect and adapted by Mozilla.

Trying to resort to filter methods based on machine learning does not solve the problem either: they don’t provide a general solution to the tracking problem as they are working probabilistically. Even with a precision rate at 99% and a false positive rate at 0.1% trackers would be missed and sites would be wrongly blocked.

Filter-based solutions in general can also introduce strange breakage and cause usability nightmares. For instance, there is a trend to observe that websites start detecting filter extensions and block access to content on them. Coping with this fallout easily leads to just whitelisting the affected domains, hoping that this helps, defeating the purpose of the filter in the first place. Filters will also fail to do their job if an adversary simply registers a new domain or creates a new URL path. Worse still, the unique filter sets that each user creates or installs will provide a wealth of fingerprinting targets.

https://2019.www.torproject.org/projects/torbrowser/design/#philosophy

This is literally documentation taken from the Tor Project.


Hi! It doesn’t make sense at all. Blocking ads & trackers is not a good approach to achieve privacy. It’s quite weak actually for many reasons…

First of all, because enumeration badness doesn’t work; it’s not possible to create a list of every possible “malicious domain”. And even if it were possible, websites could develop their own first-party tracking and then share the information with third parties like Google or Facebook.

Second of all, because apps and websites can detect what domains are blocked, thus they (or malicious actors) will be able to uniquely identify users more easily.

Third of all, because extensions add more attack surface since they use privileged scripts in order to work.

That’s why Tor doesn’t use any ad-blocker.

For more information about enumeration badness and browser tracking you can see here and here


It’s highly discouraged to add further add-ons on Tor since you will be more easily fingerprintable.

The only thing you should change on Tor are security settings, nothing else.


A 7-year-old microG bug leaks Google account password on login.
As the title says, a bug which has been confirmed to be around for 7 years leaks the Google account password as well as the 2FA code, if enabled.

Steps to reproduce the behavior:

- Open MicroG Settings
- Add a Google account
- Login with your Google account
- Check logcat with `adb logcat | grep GmsAuthLoginBrowser`

Therefore, through logcat it is possible to see the password, which is a gigantic security hole. This happens even without root. It is also important to underline that microG per se has security [problems.](https://madaidans-insecurities.github.io/android.html#microg-signature-spoofing)

For more information about the bug, see [here.](https://github.com/microg/GmsCore/issues/1567)

Finally, the HTTPS Everywhere add-on is going to be deprecated in favor of the native HTTPS-Only Mode feature implemented in modern browsers.

cross-posted from: https://lemmy.ml/post/78179

> This release is kinda awesome. Reading the blog post about it is suggested: https://newpipe.net/blog/pinned/release/newpipe-0.21.9-released/.

[Tiny guide] How to disable JIT on your browsers.
The JIT compiler requires violating the standard [w^x policy](https://en.m.wikipedia.org/wiki/W%5EX). Therefore, memory can be both writable and executable at the same time. This is a very serious security concern because an attacker could inject and execute their own malicious code from the JIT region during exploitation of a vulnerability. Disabling this results in enormous attack surface reduction and will kill off a huge amount of browser exploits.

> Looking at CVE (Common Vulnerabilities and Exposures) data after 2019 shows that roughly 45% of CVEs issued for V8 were related to the JIT engine.
>
> Moreover, we know that attackers weaponize and abuse these bugs as well; an analysis from Mozilla shows that over half of the “in the wild” Chrome exploits abused a JIT bug.

[Source.](https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/)

Disabling JIT is quite simple.

# Firefox

On Firefox you can go to the about:config page and change these settings:

`javascript.options.ion` to false

`javascript.options.baselinejit` to false

This approach works both on desktop and mobile. (Although the stable version of Firefox on Android doesn't allow the about:config page.)

# Chromium

On Chromium-based browsers you have to add this command line:

`--js-flags="--jitless"`

This approach works only on desktop browsers. On Android, the only browsers that enabled this feature are [Bromite](https://bromite.org) and [Vanadium](https://github.com/GrapheneOS/Vanadium).
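An added example, not part of the original post: a Python check that the two Firefox prefs named in the guide are actually off in a profile, and that a Chromium launch command carries `--jitless`. The function names and sample profile contents are constructed for illustration; the `user_pref("name", value);` line format is the one Firefox writes to `prefs.js` and reads from `user.js`.

```python
import re

# Prefs named in the guide. Both default to true in Firefox, so a missing
# or commented-out entry means that JIT tier is still enabled.
JIT_PREFS = ("javascript.options.ion", "javascript.options.baselinejit")
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

def parse_prefs(text):
    """Return {name: raw value}; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)  # lines starting with // never match
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs

def audit_firefox(prefs_js, user_js=""):
    """Map each JIT pref to 'disabled', 'enabled' or 'default (enabled)'.
    user.js is applied over prefs.js at startup, so it is merged last."""
    merged = parse_prefs(prefs_js)
    merged.update(parse_prefs(user_js))
    report = {}
    for name in JIT_PREFS:
        value = merged.get(name)
        if value is None:
            report[name] = "default (enabled)"
        else:
            report[name] = "disabled" if value == "false" else "enabled"
    return report

def chromium_jitless(argv):
    """True if a --js-flags=... argument includes the --jitless V8 flag."""
    for arg in argv:
        if arg.startswith("--js-flags="):
            flags = arg.split("=", 1)[1].strip("\"'")
            if "--jitless" in flags.split():
                return True
    return False

# Constructed sample profile: ion is re-enabled in prefs.js but forced off
# by user.js; the baselinejit line is commented out and has no effect.
SAMPLE_PREFS_JS = '''// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("javascript.options.ion", true);
// user_pref("javascript.options.baselinejit", false);
'''
SAMPLE_USER_JS = 'user_pref("javascript.options.ion", false);\n'

if __name__ == "__main__":
    for pref, state in audit_firefox(SAMPLE_PREFS_JS, SAMPLE_USER_JS).items():
        print(f"{pref}: {state}")
    print("chromium jitless:", chromium_jitless(["chromium", "--js-flags=--jitless"]))
```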

From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.

Actually, Signal minimizes metadata. The sealer metadata is encrypted, only the address remains unencrypted. Also, Signal received subpoenas in 2016 from the Eastern District of Virginia and in 2021 from the United States Attorney’s Office in the Central District of California. Those subpoenas requested a wide variety of information that fell into this nonexistent category, including the addresses of the users, their correspondence, and the name associated with each account. In fact, Signal only provided:

  • Unix timestamps for when each account was created
  • Unix timestamps for date that each account last connected to the Signal service.

GrapheneOS is fine. The community is also fine. Please don’t believe strangers’ words, don’t believe my word either, do your own research. You too are in the GrapheneOS community and you can see it’s not toxic at all.


in spreading FUD and promotes Windows over Linux.

Madaidan doesn’t spread any FUD and doesn’t promote Windows over Linux. He wrote a purely objective technical analysis about Linux security; many security experts share this view, such as:

He also wrote:

Note that these analyses are purely objective and do not account for threat models or other user-dependent factors.

Users should choose software according to their own use case and threat model. I personally use Fedora 34 with KDE Plasma as desktop environment, I prefer Linux over Windows because of the FOSS ideology. However, the problems pointed out by madaidan and other security researchers still remain. You said that madaidan spreads FUD, but you didn’t show any evidence. Madaidan himself uses Linux (I think QubesOS + Whonix because he uses Tor for everything).

And his Chrome shilling is highly related to his hatred for Firefox’s anti racism political stance

First of all, madaidan uses Firefox, he said that many times on Spite. Second of all, this is a very serious accusation, you should show proof.

Have had a lot of one to one experience with him, his sockpuppets and his friends.

That doesn’t mean they spread FUD about software. Drama is really a waste of time.

Edit: typo and things that are not relevant to the discussion.


Bromite is more privacy-friendly. It doesn’t have any telemetry or trackers, and is shipped with real mitigations against fingerprinting, an adblocker, and other features, including:

  • remove click-tracking and AMP from search results

  • always-incognito mode

  • make all favicon requests on-demand (supercookie mitigation)

  • reduced referer granularity

  • enable all network isolation features

You can see the full list of features here

These features are enabled by default so you’re going to blend into the crowd with other Bromite users, which is really good because it’ll be way harder to uniquely identify a single user.

Security-wise, Bromite is better. Chromium-based browsers come with useful security features, like site isolation, CFI and JIT hardening. Instead, Firefox lacks several security mitigations, especially on Android. You can see more here. Moreover, Bromite uses security enhancement patches from the GrapheneOS project.

Keep in mind that security is as important as privacy. Actually, security is the first line of defense to protect your privacy.

  • Firefox

Firefox comes with telemetry and trackers enabled by default. However, you can disable the telemetry; in the stable version of Firefox on Android the about:config page is blocked so you can’t disable all the telemetry. About the trackers I’m not really sure, I think that you can’t disable them using the browser’s settings. Firefox is shipped with enhanced privacy protection, a tool which protects the users against cross-site tracking, social media tracking, cryptominers, fingerprinting and more. Ideally, you’d use the standard protection, because it is the one enabled by default and thus used by the majority of users. In Firefox you can use add-ons, but keep in mind that every add-on installed makes you more fingerprintable. I linked some articles regarding these problems here.

  • Iceraven

Iceraven is a fork of Firefox with some modifications and not up to date, which is really bad; every software should always be up to date, it’s the most important form of protection you have. You can see the full list of features here

Forks of Firefox are almost always not up to date, and they don’t add useful privacy and security enhancements. Instead, they just remove telemetry and other closed-source components like Pocket. On Firefox, besides the stable version on Android, you can disable Pocket, telemetry, Google Safe Browsing and basically everything.

I didn’t find information about stix and icecast.