- 0 Posts
- 48 Comments
For those out of the loop: https://news.itsfoss.com/organic-maps-fork-comaps/
Wow this is big news, Comaps is the fork of Organic Maps: https://news.itsfoss.com/organic-maps-fork-comaps/
Let’s be careful to remember that there are different levels of effort and understanding required for different levels of security and privacy. GrapheneOS has taken the approach of offering harm reduction, with sane defaults and options that allow advanced users to take near-complete control over their device (within the limits of the Pixel hardware). This is obvious by their inclusion of the sandboxed Google Play Store as a major feature of the OS, as it is much better than the situation on Google’s Android. It is also not installed by default, forcing users to at least somewhat educate themselves in order to install it.
Accrescent is right in line with this philosophy, and is also not installed by default. Of course if your threat model (or desire) is to achieve the highest level of online anonymity and to have a completely FOSS system, you should not use it… of course you probably shouldn’t use FDroid either, in that case, and should build from source. However, you are clearly in a situation where your threat model does not require those lengths, and FDroid is more of a principled choice.
I think its pointlessly inflammatory to call Accrescent “dangerous” just because it allows for non-FOSS software. Now if you want to criticize whether or not it is fulfilling its stated goals, that is another story.
CIA surveillance birds 😱
For accessing reddit behind a vpn there is a very reliable system of frontends. Here is the instance I use: https://redlib.freedit.eu/
https://github.com/jersou/mouse-actions
It’s recommended by the easystroke dev too: https://github.com/thjaeger/easystroke/wiki
The two have completely different goals, and SimpleX’s goal (anonymity) comes with difficulties such as not having typical “accounts”, which means no true simultaneous multi-device support.
GrapheneOS devs have a problem with this guy https://discuss.grapheneos.org/d/20165-response-to-dishonest-attacks-on-the-grapheneos-project-by-robert-braxman
So it looks like the protocol was audited, but I don’t know about the app or servers. https://www.pindrop.com/article/audit-signal-protocol-finds-secure-trustworthy/
If you set up the system like openSUSE then it makes sense snapper would work. I’d look at the openSUSE docs, its not like btrfs is different in Gentoo right? https://en.opensuse.org/SDB:BTRFS#Default_Subvolumes
Apparently this is a tough problem for mobile devices… GrapheneOS (security hardened OS based on Android) took months to fix a leak someone reported, and had to collaborate with the VPN app providers to do it https://github.com/GrapheneOS/os-issue-tracker/issues/3442
I would be interested to know why you are pushing this product across multiple places on Lemmy. Your post, despite disparaging “viral marketers”, has a viral marketing tone with statements such as “I feel like I’ve been wasting money on my VPN ever since I found Riseup”.
Additionally, while I do believe a free VPN using an autonomous collective, resource pooling approach is a great idea, in practice this VPN has had… not a great history from my point of view. A quick search shows that in 2017 they were forced to comply with US Law Enforcement https://en.m.wikipedia.org/wiki/Riseup, see the Warrant Canary section. VPNs based in the US are known to be at risk, and this is another good example.
When choosing a VPN provider, server location is important, as well as company location. You are repeatedly encouraging people to Torrent from a VPN based in one of the most zealous countries opposing file sharing worldwide, and one that has already worked with Law Enforcement.
The GUI version was working a month or so ago, but a recent Tumbleweed update broke openVPN when using port forwarding via natpmpc. Bug report here https://bugzilla.opensuse.org/show_bug.cgi?id=1236718
Wireguard on the Proton GUI client on Linux is experimental, don’t use it except for testing. Use the manual setup, and make sure to test for DNS leaks.
FYI, for folks currently using a normal PIN and looking to use this, it’s intended that the 2nd factor PIN at least be different than the main unlock PIN. Otherwise you can just swipe up to dismiss the fingerprint prompt and get to the main PIN prompt; if its the same as your 2nd factor, that’s pointless.
I was told on the Graphene matrix channel that the most secure configuration for this is:
Main unlock method: 6 word diceware password
Secondary unlock method: biometric + 6 character 2nd factor PIN
Be aware that if you use this config that you will be prompted for the main unlock method (long password) at reboot, and also every 48 hours.
With Linux, you can literally do anything that you want. And lots of people are already doing just what you describe, making pretty and functional Desktop Environments and compositors for anyone to use. As a beginner I’d encourage you to check out all the major Desktop Environment options first. You can usually get any of these in most major distros (Cosmic may be less available and mature right now).
Article with others https://www.geeksforgeeks.org/best-linux-desktop-environments/
Then you can get into compositors, plugins, and other customization, where you can make your system look almost exactly how you want it:
https://extensions.gnome.org/extension/6099/paperwm/
https://github.com/Bismuth-Forge/bismuth
https://github.com/YaLTeR/niri
These just happen to include tiling because I love tiling haha… I’m sure there are other non-tiling projects you could try out as well.
Edit: sounds like you may have already rejected a bunch of the status quo Desktop Environments as too boring haha. Then I would encourage you to check out Cosmic, and then the experimental tiling compositors I listed above… I’m sure you will find them unique at the very least!
I use a text/limited voice only plan from https://tello.com/
This is hilarious… after bailing from using the run file a couple months ago and going back to the 550 driver due to instability, I finally decided to install the 570 manually today. Should have waited LOL, the timing…
Invidious still works very well, however it is an ongoing battle with YouTube. They ban an instance and the instance’s ban evasion routine tries again, or in the case of IP range bans migrates to another provider and the game goes on. Despite this, it is the only way I know of to access YouTube relatively pain free using a public VPN provider. By now YouTube has blocked a lot of public VPN IPs. To me, this advantage makes it worth it.
The best way to keep up with which instances are currently functional is via the Invidious Matrix room, https://matrix.to/#/#invidious:matrix.org. You can also check the instances list https://instances.invidious.io/ but it may get out of date sometimes.
Finally, I’ve found the best way to use Invidious is via FreeTube (Linux) or Clipious (Android).
Depends on what your definition of winning is. If we reach a state where it is literally impossible to run your own software without heavy hardware modification, which would exclude 99.9% of users, that would be like big tech winning in my book. That’s why right to repair is important, and we probably also need laws to prevent OEMs from disallowing the use of alternate OS.