[-] cambionn@feddit.nl 18 points 7 months ago

Average Joe wants an easy all-in-one solution. That's what Google, Apple and Microsoft offer. An ecosystem. If you want to fight that, you need to be able to offer that. So that's what Proton is doing.

Of course it's better to have it seperated. And the security and privacy nerds will likely keep doing that anyways. But Average Joe doesn't want to take a hassle and rather looses privacy than do that.

Issue is, things are only as secure as the least secure point. Average Joe using Google and Microsoft means your data also goes there when interacting. When Average Joe is swayed by a place that is privacy-friendly ánd convinient, it makes your weakest link also stronger.

Meanwhile, Average Joe is also more save then when he was using Google or Microsoft services. Even when he would be less save than if he had his stuff seperated.

It helps everyone.

With that in mind, I applaud it. But I won't use it. I use Proton for mail, Joplin for notes (encrypting them in Joplin and syncing with NextCloud), and my passwords are also elsewhere than ProtonPass.

[-] cambionn@feddit.nl 13 points 7 months ago* (last edited 7 months ago)

For one, USA isn't actually much better than China when it comes to tracking and privacy. They just have better PR about it. But in reality they equally suck.

That asside. There isn't some secret tracking chip, but any kind of wireless network will be used to track you by different parties. Cellulair, Wi-Fi (including Wi-Fi signaling when it's "off"), Bluetooth, etc. This is a fact regardless of OS or where the phone is made, as tracking often already starts to occur by catching the signals you send out.

As such, just degoogling won't resolve tracking issues in and off itself, it's just one of many steps to get less tracking.

Phones physically in China, regardless off where it's made, tend to get tracking software installed. Just take a burner if you ever go there. But that's not hardware. And most "USA" phones are also made in China anyways...

[-] cambionn@feddit.nl 19 points 1 year ago

No and no. It's not too late, and just watching sitcons won't teach you enough to start speaking. But if you just start actual studying and practicing you can learn it just fine. Watching TV can be used to practice listening, but on it's own it's not enough unless you're a wonderkid.

[-] cambionn@feddit.nl 7 points 1 year ago

Yes. WhatsApp metadata is not E2EE, Signal's is. So while Zuck can't read your message, he knowns when you're online, who you talk to, how often you talk to them, where you are when chatting, who are contacts in hour phone, etc. Honestly that E2EE is there more as a fake safety feeling than to protect you. Not even speaking about the closed source E2EE that you can't check they don't store a copy of keys from or scan before encrypting. Neither I would put above Meta.

And even if those people still use WhatsApp with others, if they don't with you Meta looses a lot of data about you.

I would suggest not asking people to switch, but just telling people you don't have WhatsApp anymore and they can reach you on Signal or send an SMS. If you keep it on the side while asking to switch barely anyone will. If you switch, well... after a year pretty much all my friends and family had switched, last few sending SMS. Sending photos en having group chats tend to get people to come over slowely one by one once they can't fall back on WhatsApp. And while SMS isn't encrypted, it also isn't full of trackers. So for most regular people, they are better off as trackers are a bigger threat to them than a possible man-in-the-middle reading your messages.

And in my experience, if you bring it with some tact and put the issue with you (i.e. I'm the crazy privacy guy") instead of them ("i.e. you shouldn't use WhatsApp. You are stupid for not caring about privacy") you won't loose friend or get into fights about it.

[-] cambionn@feddit.nl 12 points 1 year ago

Last time I was on vacation alone I googled the few things I knew I wanted to see/do, and the rest of the time I just went out and see where I end up. Looking where locals go and do that is also a great trick.

My experience is that most easily online findable things are very tourist-y. I preffer to see more of the non-tourist stuff. Knowing a local is then the best, but by lack there off, just go with the flow.

[-] cambionn@feddit.nl 7 points 1 year ago

Manjaro KDE. Easier and more stable than Arch, but still able to use Pacman, the AUR, and Arch documentation (obviously, I don't use their support channels, but Manjaro forums are helpful with issues). Been running it for years as main OS on all my PCs here.

[-] cambionn@feddit.nl 6 points 1 year ago* (last edited 1 year ago)

You can try getting your hands on an AsteroidOS compatible watch and flash it with that. It's basically Linux on your wrist. There is a health app here and the required sensor logging is here, which are in early development but work well in what it does, like step counting and heartbeat graph. Past days aren't shown further than a week but they are logged, so you could probably get it by hand in terminal after accessing the watch with SSH if you need to until it's implemented (I think it's on the to do list).

It's my daily watch for months now, sold my Galaxy Watch4 in favor for it. It works well, is completely FOSS, and works without internet, bluetooth, or phone. Altrough both can be enabled and phones can be connected with GadgetBridge or their own app. Both are in F-Droid. You won't find a more privacy friendly smartwatch solution really.

There is an issues with the current nightlies tho, so downloads are taken offline for now. So you need to wait for that or see if anyone has old files from before the issue.

Devs are quite active on Matrix. If you have no patience you can ask there if anyone has the files. Any kind of support is also allowed there, no matter if it's very noob or advanced level.

[-] cambionn@feddit.nl 33 points 1 year ago

I think ActivityPup isn't even integrated into Threads yet? On release they said soon, a week later they said it was long-time planning. Haven't heard about it since.

[-] cambionn@feddit.nl 13 points 1 year ago

Tfw you're an Dutchy and simple home-prepaired sandwitches (read two slices of bread with some butter and cheese between them, nothing fancy), are the countries national breackfast and lunch. Warm food is for dinner traditionally 🤣.

Either way, sandwitches (no need to limit to peanut butter, a lot can be put on bread!), salads (pasta or normal), fruit, veggie, cheese, and certain type of meat (like smoked or dried sausage, or beef). They all make great parts for cold meals you can keep in your bag till lunch (speaking from experience). Some cheese & meat are even packed per small packages for easy take along as snack usage.

I would suggest you do go to restaurants a few times, just to try the local cuisine (or their variation of other cuisines). But it probably will be expensive for you indeed. Whenever I'm in Asia, I feel rich (and I'm really not). Even Japan, who is often said to be expensive, is cheaper than my country. Especially when it comes to food.

[-] cambionn@feddit.nl 26 points 1 year ago* (last edited 1 year ago)

Article says:

We’re also beginning the beta for our upcoming macOS desktop app for Proton Drive. [...] Once the macOS app is released, we’ll also work on our planned Linux version.

Based on Proton's trackrecord in development times I'ld say a far future, but I must admit they've been making meters lately when it comes to releasing stuff. It may be sooner than expected (or it might take years, we'd have to wait and see).

[-] cambionn@feddit.nl 121 points 1 year ago* (last edited 1 year ago)

Well outside of the general open source and E2EE stuff, there are a few more things.

They're under a non-profit foundation and charity to which donating is tax-deducatble. That means they have to publicice their financial numbers. Selling data would generate a sudden revenue, which would draw attention.

They also regularily do external audits, both from external audit organisations as individuals. This list was made in august 2022, you can likely find a newer list somewhere. I just did a quick search for you. https://community.signalusers.org/t/overview-of-third-party-security-audits/13243

Signal also runs perfectly fine without anything Google btw. It uses PlayServices only if you have it on your phone (otherwise it just uses WebSockets), as it preserves battery life. However, it doesn't actually send data to Google over PlayServices. Instead it sends an empty notification, which wakes the phone and is recognised by Signal as a trigger to make it connect to Signal servers to grab data directly from there. If you wish, you can check this in the code yourself. I guess you may also be able to confirm this looking at network traffic from and to your phone.

Also a note on the E2EE. Another important thing is that not only the message is encrypted, but also the metadata. Unlike most other chatapps like WhatsApp; who knows where you are, who you talk to, how often, etc. You could theoretically also check this by checking outgoing traffic if you wish.

This also means that unless they somehow secretly have a copy of your private key, there is no data for them to sell anyways. The fact that even in court they've didn't have data to show, them passing many external audits without this being a point (sometimes issues are found, which is normal. If audits are always perfect I'd be more warry. But never on this point afaik), and that nothing in the code nor internet traffic points to them possibly having this, makes me not that worried about the idea that they secretly got a copy of peoples private keys.

So overal while it's perhaps technically possible they secretly run something else on their server and build a back door to read your messages, they are many things that show they don't, and literally nothing that would say they do. And neither does there seem to be any reason why, since they can't sell it nor give it in court. So unless you believe they have some evil bigger plan, I don't see the reason to doubt.

And a little note. Privacy people can be crazy, and I say that in a positive way! If you can check it, people no doubt have, and issues would've been found. Yet many people deep into it still vouch for it. That says something. And the less crazy people profit of this. This is similar to why many big FOSS projects are considered safe even if you didn't check all code yourself. And before you say "but if everyone thinks like that", realise that the craziest don't trust other people either. While smaller projects could hide perhaps, the real big/famous projects like Signal, Linux, LibreOffice, etc would fall trough as soon as they start doing shit.

[-] cambionn@feddit.nl 10 points 1 year ago

Temple run. I used to play it a lot back in high school, unlocked everything with gameplay only including seasonal things like Santa Claus. It was fun enough, but updates would regularily reset my game completely loosing everything I archieved and unlocked, and the developers never gave a shit about that issue. I eventually gave up on it because of that.

1
submitted 1 year ago* (last edited 1 year ago) by cambionn@feddit.nl to c/feddit_nl@feddit.nl

Sinds Jerboa's update gister krijg ik de volgende melding. Alles lijkt nog te werken. Maar gezien de officiele app dit aangeeft, wellicht dat server admin een kijkje wil nemen naar het updaten van de server 🙃

0
submitted 1 year ago* (last edited 1 year ago) by cambionn@feddit.nl to c/lemmy_support@lemmy.ml

I've made two communities:
!vpop@lemmy.ml
!equestrian@lemmy.ml

At the creation of Vpop I accidentally set the language to something else. After creation, I put this back to undetermined.

When I try to visit https://lemmy.ml/c/vpop I get the following message:
404: couldnt_find_community
Whereas https://lemmy.ml/c/equestrian opens just fine. Both communities do load when loaded trough my home instance feddit.nl (https://feddit.nl/c/vpop@lemmy.ml and https://feddit.nl/c/equestrian@lemmy.ml)

Furthermore, while posts from the horses one show on lemmy.ml when filtering on new, posts from the vpop one don't. All post where set with the language button left on "Select language". Here also counts that on feddit.nl I do see them.

Do these issues have to do with the language setting? And how can I fix it so the community is properly findable/federated? Since I already changed the setting back I doubt that's enough...

view more: next ›

cambionn

joined 1 year ago