Melody Fwygon

lol you are so wrong.

TL;DR: I think this video oversimplifies the analysis according to the cards and gives Graphene OS undue weight without going into sufficient detail as to why each scored under each category.

I actually don’t agree with this video; and firmly believe it is more than a little biased.

For example, the Pixel, AOSP and Android are given several undeserved points due to lack of proper information or understanding of how certain features work. I imagine this is the case too for the iPhone; if a bit less so.

The review apparently doesn’t deep dive into settings or attempt to maximize privacy by turning off unwanted ‘features’ when settings switches are available to the user; nor does it assume that you set up accounts in as private of a manner as reasonably possible or toggle off as many default-on consent switches as needed.

While I would support scoring and dinging each case or instance for “Privacy Settings that don’t actually work”…this video really doesn’t do a lot of legwork and leans on the anecdotal evidence of scary news stories too much.

Worse was the fact that the entire video felt like they were shilling for Graphene OS; which is known to have a slightly unfriendly maintainer and community surrounding him to say the least.

No mention of Lineage or other privacy oriented Android ROMs were analyzed. AOSP too, was unfairly lumped in and dinged for specific points of the Default Pixel configuration…and yes there are major differences between AOSP and Pixel Android; even though Google tries to be less in-your-face invasive than the other OEMs. Not enough credit is given for the “On-Device” smart features implemented properly on the Pixels.

Out of personal experience; I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock. Not quite as private as Graphene; but not quite as invasive and much more enforcing of privacy. The debloating provided by a clean AOSP-like ROM, such as Lineage, as opposed to a “Stock Android” configuration from a major OEM is stark.

Most importantly I personally feel that the privacy model chosen for the video is far too thickly detailed for an average person. Most of the privacy concerns listed on each card contained concern points that might only tangentally apply or don’t apply at all to mobile phones. The way that each card was scored and applied felt low effort. None of the points on any of the card(s) were weighted with average users in mind.

I really hope someone goes into a much deeper dive; this video is basically clickbait that parrots the commonly parroted advice in the privacy community; which isn’t even good advice, it’s just ‘One-Size-Fits-All’ style advice which gives the user no room to make necessary ‘Privacy vs Convenience’ tradeoffs that they themselves could have made if they understood proper threat modelling.

Actually; (basically) SIP over (basically) IPSec sounds pretty correct. Wish the dense technical manuals I read had explained it that way; makes a lot more sense to me as a Net Admin type of IT person.

I do remember reading that the protocol was basically encapsulated. Dunno about any encryption; probably there’s not any at the IPSec level. I do know that the SIMs themselves probably contain certs that have some value; I just don’t know if they handle any encryption or if they’re just lightweight little numbers for authentication only.

If I’m understanding how 'WiFi Calling" works; it’s still “identifying you” to the cell provider the same way; via your SIM. The only difference is they don’t get an exact location because you’re not using any cell towers typically.

I do suspect SIMs and eSIMs are still doing all the heavy cryptographic signing done on a typical phone network though…they’re just not screaming your IMEI/IMSI all over open or even encrypted airwaves; nor is a WiFI signal triangulate-able typically due to it’s short range.

They certainly make it easier to do so; by making it a switch you can toggle; which allows you to generate an identity; or choose not to and roll with the identity they’ve already seen.

Agreed.

Without concepts of privacy; things will soon fall into fascism.

(People can’t DM you)

This is false. However, you must generate an “identifier / group / channel” for them and share that link out-of-band to them." Basically it means nobody can slide into your DMs unless you yourself consent to it and forge a connection with them to do so. It does offer a way to invite other users to chat; but the other user must consent as well…which makes it far safer usually.

Now we wait for someone to build an absolutely wonderful chat app on top of this wonderful bit of PoC code…

I genuinely hope someone does. Imagine what this could do if this was routed over Tor using Private Services.

Run this over that; and you’d have a bullet-proof text chat. Wrap a nice GUI client around all of that and you have a proper secure, anonymous messenger with no problems. With a little more build-out; you could even implement the Matrix protocol over this wire-line and basically have full inter-federation and moderation over a secure wire protocol; allowing for complete privacy and client integration.

TL;DR: Matrix over PQChat over Tor. Think about it. A Post-Quantum Dark-Matrix web.

Can it? Maybe. It’s not impossible; but it isn’t practical and most ISPs limit their shenanigans to grabbing your unencrypted DNS requests.

Will it? Probably no; aside from the previously mentioned DNS redirections; they’re not interested in most people’s packets, only in how many they deliver.

Should you care? I won’t tell you not to take precaution, but I do urge you to consider your threat model carefully and consider the tradeoffs. When Security & Privacy goes up, Convenience and Functionality WILL go down. Balance your needs. Don’t put yourself in a state of Privacy fatigue.

Are there easy fixes? Maybe. I think a VPN or using Tor would solve your concerns here anyways; it’s not required that your modem be running OSS that you can control. If you can achieve it; that’s still good for you; but it’s not something to be sweating if your modem isn’t capable and your invasive ISP is the only effective option.

Typically, using your own VPN should suffice. Depending on your situation you can do other things as well. If you are unable to download these tools on the school network in question; do not attempt to do so again. Use a public or other network connection elsewhere to obtain the tools you need to bypass their crap.

For example, NextDNS could be helpful. By running their client app; ( https://github.com/nextdns/nextdns/wiki/Windows ) you can make sure all your DNS requests are encrypted. Similarly you could simply set up a local DNS server that you point Windows at which can redirect those requests over DNS-Over-(HTTPS or TLS) to a DNS provider of your choosing.

The CEO is oftentimes a company policymaker; I think it would be foolish to ignore that fact.

I’ve been boycotting C-f-a for at least 15 years now; and I don’t tell my friends or suggest that my family eat there either; except as an emergency uber last resort. The gas station (burritos/sushi/hot-dog-warmer) would be suggested first.

My current partner(s) know and respect my feelings for the company and they feel roughly the same anyways; and so we never eat there.

No. There’s no issue legally.

You might take a hit to your reputation with that company; but if they already were presenting enough red flags for you to back out of an interview; I wouldn’t consider that to be a problem.

If you cancel an interview it’s not a big deal. No money changed hands. No agreement was ever reached. Their emotional feelings are irrelevant; the whole point was to help both sides decide if you could work with the other.

I use an instance that does not display or parse downvotes or permit them locally.

So I don’t see the phenomenon. I don’t care about downvotes. I only see the upvotes; which are a far better indicator to me as to how useful a post I made is. If someone posts trash or extremist things; I block them. If they try to argue in bad faith or with far too extremist of a viewpoint, I block them.

The bot doesn’t always get the most upvotes but it does have it’s uses. As someone who has used the Ground News app in the past; I have a sense of their rating scale and I do find that it helps classify things; although you should always use your own discretion and not just blindly trust the bot.

But most people who downvote this bot, do so for completely wrong reasons. Usually they’re upset because they disagree with the assessment of the bot, or do not understand it’s scale. Maybe they don’t like their viewpoint’s position being laid bare for all to see.

Maybe that should be explained more; and there’s posts on Ground News’ website that EXPLAINS how their rating system works. Perhaps the bot should link them.

The issue with too many streaming services is largely the same as not enough streaming services

An average person will have a wide variety of favorite shows. Let’s say there’s 25 of them. For this example; Access to each of these 25 shows are non-negotiable to you and you feel you MUST have access to them.

If Service A and Service B are the only options; they both get to set the price. So to get access to a “complete” collection of content that you want you’re paying both of them $50 each. It’s most likely that half will be available only on A and the other half on B.

Now imagine that there are 10 different services. Each service is owned by one of the big ten networks that makes your 25 favorite shows. We will call them by their number from 1 to 10. Now each of your 25 shows have 10 places they could be.

On average; each network is likely to have 2.5 shows you like. Maybe a few have made some sweet deals with others; but no one place will have even 7.5 of your favorite shows…because these deals are costly and nobody wants to make less money per view.

Now each service; because they’re struggling to compete with each other will settle on a price of $10 each. But you still end up being forced to subscribe to all ten of them because no single provider has everything you want and no combination of less than all of them can provide complete access to all that you want to watch.

Even worse; any one of these ten can raise their price arbitrarily because they’re tired of competing and can’t break even. This means your total spend could be up to $500 eventually as they each creep towards demanding more money like a cable provider.

Your argument is irrelevant.

Don’t they, err, already do this?

No, They don’t. They have stolen that initial choice from you by paying companies to be the “default” choice. They do this to capture those who are lazy or indolent about their choices, or to entrap those who are too un-savvy to change the preference.

Even if the punishment is largely symbolic and Google only pays a tiny (compared to it’s massive size) fine; I’d still call that a significant win.

• Google can be REQUIRED to give users A CHOICE of Search Engines.
• Google can be FORBIDDEN from giving their OWN ENGINE an advantage in search results or advertising
• Google can be FORCED to ALLOW THIRD PARTIES access to the SAME APIs used in Chrome and Chromium.
• Google can be FORBIDDEN from BLOCKING THIRD PARTY FRONTENDS from using Google Search, Youtube and more.

I use SimpleLogin; and for the most part they don’t show up like this most of the time.

That being said; I also don’t deeply do investigation unless the emails being sent from the alias vary from that alias’ purpose.

Typically as long as the emails remain from the same relative sender (From: field in header) and the subject matter of the emails do not materially differ from what I initially get on the alias; I don’t really fiddle with them.

But since the alias typically is a fixed sender; I also have them configured to include the actual From: header in the alias From: fields. This allows me to quickly block with granularity from my inbox any stray emails that might wander onto an alias without making it necessary for me to kill the entire alias. (Assuming the alias is still in use and worthy of preserving)

But then again I don’t have nearly the spam problem that most do. I have segmented inboxes for various needs; and my GMail catches most of my crap being the biggest inbox. Between SL and GMail spam filters alongside of additional inbox filters I have setup there; most of the spam I get is generally funneled to the correct place and spam is minimal.

Tuta does.