Charger8232

@Charger8232@lemmy.ml

This profile is from a federated server and may be incomplete. For a complete list of posts, browse on the original instance.

Raivo wiped all of my TOTP codes

9 months ago, Raivo OTP for iOS was sold to Mobime. Raivo was hailed highly in terms of privacy, but was dethroned to 2FAS Auth after that incident. Today, Raivo launched an update, and after updating all of my entries were completely wiped. I didn't have a backup, but even if I did you now have to pay in order to import/export...

Reminder: The DMV uses photos for facial recognition

This is half a decade old news, but I only found this out myself after it accidentally came up in conversation at the DMV. The worker would not have informed me if it hadn't come into conversation. Every DMV photo in the United States is being used for AI facial recognition, and nobody has talked about it for years. This is...

T-Mobile's Forced Arbitration

In an effort to increase my privacy, I decided to buy a Pixel phone second hand to use with GrapheneOS. Due to some miscommunications, the phone ended up being carrier locked with T-Mobile. GrapheneOS's own website advises against buying carrier locked phones in order to avoid the hassle of carrier unlocking it....

Charger8232 OP ,

If you consider raising awareness about a brand name to be an advertisement, then it does. I do see your point, though.

Charger8232 ,

I've been a fan of SimpleX for a while now. Privacy comes at the cost of convenience, and SimpleX is the most private messaging platform according to this spreadsheet.

Charger8232 ,

(Last I checked) From this spreadsheet, Discord is the fourth worst messaging platform in terms of privacy. Now a new row for "Has ads" will have to be added...

Charger8232 OP ,

That is very helpful, thank you! Is there any benefit to using UDP over TCP? I know TCP is more easily detectable with a port scan, and TCP uses ACK to make sure the data gets sent (and for that reason UDP is usually faster but lossy). How does that fit in with the context of DNS queries?

Charger8232 OP ,

This was very helpful, thank you! While I'm well aware of encrypted messaging apps, it seems more beneficial to encrypt all traffic, since not all traffic is just messaging and not everyone uses encrypted messaging apps.

Charger8232 OP ,

Why would they put in the effort when anyone who cares about secure communication just uses an encrypted messaging app?

Because not all traffic sent through cellular is messaging. People visit websites and whatnot when they're out-and-about. Not to mention that not everyone uses secure messaging apps.

P.S. I am very aware of Signal, thanks!

Charger8232 OP ,

doesn’t seem to understand encryption in general

I have some degree of knowledge in how encryption works, not so much how cellular carriers work (on a low level).

Charger8232 OP ,

Thanks for elaborating! I'm curious about two things

  1. How are DNS queries handled over cellular?

  2. Is traffic E2EE between the phone and the cell tower, or could anyone with a laptop sniff packets of phone calls OTA with Wireshark?

Charger8232 ,

"I have a mechanical car." hits different...

Charger8232 ,

Here are some helpful links from the EFF (Electronic Frontier Foundation) on the topic:

https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices

https://www.eff.org/files/2017/03/10/digital-privacy-border-2017-guide3.10.17.pdf

https://www.eff.org/files/2018/01/11/border-pocket-guide-2.pdf

https://www.eff.org/issues/border-searches

I'm sure there's more that I haven't put here, feel free to sift through the search page

Having lived in the U.S. my whole life, (and this doesn't speak for everyone), it's not the dystopia people make it out to be all the time. In fact, people will likely judge you for wearing a face mask. If you care about hiding your face, sunglasses and a cap is enough. Remember to be reasonable with your threat model!

Charger8232 ,

Thanks for creating your own post!

I also have a graphing calculator that can generate these.

This is a unique solution that I will add to my toolbelt for the future! Which calculator is it?

However, I fear that the cat’s already out of the bag.

Data gets stale! It's never too late to start, and it's always better to prevent future disaster than to dwell on old ones. I used to use Instagram + as my main chat platform, and now I have no worries because what's done is done and I learned better.

However, my sixth form cafeteria only accepts two forms of payment: biometric (handled internally) and debit card.

Dystopia... Have you asked if you can explicitly use cash? If you're up for it, push for the use of it in your school. I know plenty of students that use cash religiously for lunch.

Some shows I enjoy (i.e. Helluva Boss)

Hazbin Hotel is one of my favorites

My local timezone just happens to be the same as UTC

That is truly a lucky thing, as it reduces a lot of fingerprinting.

I’m still salty about Apple removing the headphone jack and then every other phone company following suit.

Me too, but fret not, as there are adapters and (most likely, I haven't checked) non-disposable USB-C earphones.

I will never use Amazon Echo or Google Home.

I will never use Alexa. Or really anything that turns my home automated.

"Alexa, open the door."

"I'm sorry, your voice is not recognized and your plan has been cancelled. Please contact support and we will respond within 3-5 business days."

Obviously that will never happen, but it's not so unreal...

Start using multiple browsers

I used to stick to only one, but found out that it's easier to be as private as I can and "move down the assembly line" until something works.

Use cash more often

I withdrew almost all my funds from my bank and only used my card if I ran out of cash on a run.

Anonymise social media

No helping you there. I found out that even the smallest details I put out collectively could be used to uniquely identify me, after making only two posts.

Try to get family to ditch Meta

If you can, great. Otherwise, just try not to get posted on their socials.

Look into BIOS and UEFI hardening

Really just use an open source BIOS and slap a password on it (with Heads if you want) and you're all set. Careful not to brick your PC.

Buy a privacy screen protector and faraday equipment

One note about privacy screen protectors: If your brightness (specifically white point) is too high, people can see it. You can enable "reduce white point" on iOS, and set it to 100%, and that works well even on max brightness. Smudges can also let people see. Turn your phone horizontal (if you're testing in public) and tilt it slightly to see how much people can see in your current environment.

Good luck! You have a pretty good setup! I hope you make the improvements you want, and learn along the way!

Charger8232 ,

Cool! Thank you!

Charger8232 OP ,

Thank you, I'll check it out!

Charger8232 OP ,

This is a good guide on how to harden iOS. Basically iOS made as private as possible.

Charger8232 OP , (edited )

A few notes on the article

  1. The article is 3 years old

  2. One type of attack, for example, would identify users by minute differences in the clock times on their computers.

This is unreliable, I would like to see how exactly it was done.

  1. It references some exploits that have been patched

  2. One of the points mentioned is simply "He was the only one using Tor on the network at the time", which still didn't deanonymize him from Tor's perspective.

  3. Anybody can operate Tor nodes and collect your data and IP address

Anyone can operate a node, nobody can collect your decrypted data, because of E2EE. Guards can see your IP address, which is why you can use a VPN behind Tor.

I stopped skimming after that. Anyone who wants to continue can, but I'd say the article is mostly stale.

Charger8232 OP ,

Thanks for sharing! Most IP addresses are specific enough to locate cities by themselves, just a note.

Charger8232 OP ,

What are these ethical movie streaming sources?

Netflix, Amazon Prime, places that host copyright free movies, etc.

Have you tried this process? https://mashable.com/article/how-to-blur-your-house-on-google-street-view

I have not, thank you!

Charger8232 OP ,

Do you know if the funding issue is resolved?

I do not.

Charger8232 OP ,

  1. Since this is a fresh install of Secureblue, I have the default rules in place. I will eventually take a day to crack down and find out what rules I want.

  2. This explains now to harden iOS

  3. Thanks for letting this inspire you to make your own!

Charger8232 OP ,

Are you just meaning not piracy?

Yes.

Charger8232 OP ,

I need to read up on NAT and CGNAT, I'll reply again tomorrow. Cheers!

Charger8232 OP ,

Yes, the purpose is for less fingerprinting in case my browser doesn't spoof it properly.

Charger8232 OP ,

Running on Lockdown Mode now, and it’s actually not that bad!

I have only had issues with it twice, been using it for a year

  1. Images on a website wouldn't load (for security reasons)

  2. Some apps break, but you can disable it per-app

Charger8232 OP ,

I am looking into buying a Samsung S9/S10 to install LineageOS on.

If you have the money, check out GrapheneOS!

Part of me wants to download my music from Spotify and store it somewhere, but iPhone Drive isn’t the greatest when it comes to that. Maybe somebody has (free/FOSS) suggestions?

Spotube does this really well

Charger8232 OP ,

I remember I tried out Spotube on my computer but the code wouldn’t work.

It's buggy, but it works good enough with some effort.

How does Graphene differ from Lineage, in any way that it is preferable?

This table compares Android ROMs based on a lot of metrics. Basically, Lineage isn't as private as people think, but Graphene does it proper. Let me know if you have specific questions :)

Charger8232 OP ,

Alright, so:

When you visit a website without using a VPN/Proxy/Tor, the website can see your public IP address. That public IP address is unique (with exceptions I'll get to in a moment) to your home router. NAT means that each device connected to your router (Wi-Fi) has a local IP address, hidden to the website, but your routers IP is still unique to the website. That means that, even if you switch devices, if you visit a website using your home network the website knows that it is your Wi-Fi and not somebody else's. That means that you can get tracked across websites just by correlating public IP addresses. Ads can see this IP address too. The public IP address by itself is enough to narrow down your location to the exact city, in most cases. So, when you visit a website, the website knows

  1. The city you live in
  2. Can correlate your public IP address (ad networks usually do this, not the website itself) to all the other websites you've ever visited

If your ISP uses dynamic IP addresses, that means your public IP address changes every month or so, so that #2 only has a history of about a month. CGNAT (Carrier-Grade NAT) means that multiple routers share the same public IP address, which removes #2 altogether. This still lets websites know the city you live in, but it reduces mass internet surveilling.

I may have gotten a few minute details a bit off, but that's a basic shake down of how it works. TL;DR: Your IP can uniquely identify each of your devices if you don't have NAT, your router if you do have NAT but not CGNAT, and the city you live in. Find an ISP that uses IPv6, dynamic IP addresses, and CGNAT, and use a elite proxy, free VPN, and Tor with a private DNS for maximum privacy.

Charger8232 OP ,

Pleasure to finally meet you, albeit under less than ideal circumstances. I've been anonymously surfing this community for the better part of a year now, and only made an account in the past month. Your name has shown up a lot in most of the notable comments I've read. You've grown quite the reputation, even spreading to friends I know from other communities. Again, nice to meet you. Would you like to have a constructive and calm discussion regarding your concerns?

Charger8232 OP ,

Simply edit the URL

Thanks for this! It's a trick I learned a long while back but have since forgotten. Good reminder!

Charger8232 OP ,

I am currently in the process of researching Libreboot. Have you had any concerns or problems when using it? Thanks!

Charger8232 OP ,

Thanks for these recommendations!

but why not go all the way in?

I've tried Qubes in the past, and I'm not ready to tackle the learning curve yet. I want Secureblue to be the bridge to learning Qubes first.

I’ve switched Proton for Mullvad VPN, because I really like the idea they are going for

I've considered using it from a fingerprinting perspective, but I don't have the finances to switch yet.

I think that in general I’d recommend just getting a cheap laptop/NAS and run your own Jellyfin, and slowly start building your own music collection.

Oh?

Charger8232 OP ,

Thanks! I'll check that out

Charger8232 OP ,

Thank you for your openness to a rational discussion! For transparency's sake (since I have a firm belief that correspondence with higher powers should be publicized), I am willing to address your points one by one publicly.

TailsOS is not for “fun” purposes.

While you are correct that Tails is not designed for entertainment purposes, because I have a passion in technology and privacy alike, I find it an enjoyable experience to use Tails, learn about some of its features, and overall have a peace of mind that none of my "shenanigans" will affect my daily operating system.

I use a Faraday bag to store my device when I’m in public

Nobody uses their phone like this. When you stop using the communicator as a communicator, you have made the phone essentially a glass brick you lug around for no purpose.

I hardly use my phone for communication purposes, as phones have been designed to be used for a multitude of different tasks. Some of these are: gaming, photography, a calculator, note-taking, music streaming, and many more. Phones today are essentially used as portable pocket computers. While I do use my phone for communication, I am not constantly in contact with people in my social circle. It's a healthier way to use a digital device, because it means when you are at work or with friends, you aren't constantly distracted using your phone. This helps me to live the moment, and be present. The Faraday bag adds extra security while doing so. I am by no means telling you how to use your phone, but that is how I use mine. After all, it's my phone, not yours.

“NSA style” zomg cool blonde hair tech whiz kid?

This was a poke at this comment: "If you want paranoid levels of security, consider following the NSA’s Rule of Two, which means two completely independent layers of encryption."

I am not blonde, by the way. Nor a minor.

iOS is a privacy nightmare. https://gist.github.com/iosecure/357e724811fe04167332ef54e736670d And its security has been worse than that of Android for years now. https://www.wired.com/story/android-zero-day-more-than-ios-zerodium/

Thank you for providing helpful links! While I am well aware of the privacy invasive nature of iOS, I currently don't have the funds to switch to my preferred alternative, GrapheneOS. This is my personal preference, and YMMV.

GrapheneOS is complete snake oil. Read more here to know about “security” cultists in FOSS/privacy community.

https://old.reddit.com/r/privatelife/comments/ug9qnc/writeup_criticism_of_rprivacyguides_grapheneos/

https://old.reddit.com/r/privatelife/comments/13teoo9/grapheneos_corporate_foss_loving_witch_hunting/

It's not very appropriate to discriminate against a group of people, even if their views do not align with yours. They are still people, after all. While I don't share your views about GrapheneOS, I do appreciate providing sources to back up your claims. Kudos to you for using old.reddit.

This post is a massive joke.

This is not nice and does not contribute to the post at all, and is therefore unnecessary. If you have negative opinions regarding a post, consider simply downvoting and potentially having a conversation with the creator (me) about it.

This person made a rough guide, and not merely shared their own setup.

If my post has been perceived as a guide, I apologize. It was not my intention. I'm not exactly sure if you were referring to a privacy guide, or a guide on how to format answers (which many people have followed). I don't see any parts that encourage people to use the same services that I use (as a privacy guide would), but I could be wrong. Would you mind elaborating with specific examples?

And if someone is going to suggest their setup, let alone a guide, there will be people who pick it apart. Most will be trolls, some will be constructive.

This is the sole reason I placed the rules directly in the post, to discourage that behavior. Obviously it's not foolproof, but it has significantly helped prevent it.

“Hardened iOS” is an oxymoron at some level, for example.

I agree that, in some sense, it is an oxymoron: considering that iOS cannot be fully hardened due to multiple factors. The reasons I chose to use that terminology are explained below.

If you use iOS, stop trying to conform to “cool” privacy notions, and be okay with it.

I tried my best to refrain from using terms that beginner privacy enthusiasts would not understand, which led to certain creative solutions to be used, such as "hardened" as an adjective to describe a more locked-down service. If you have any suggestions on alternatives, I am happy to hear them!

Switch to Android and harden it when comfortable.

I do not have the finances to switch to a device capable of running Android yet. I am doing the best with what I can. Thank you for understanding my situation!

Yes I mocked the post, but I did not berate the user, and I consider it fair enough.

Mocking any content created with detail and care is not a kind thing to do, and goes against c/privacy's 6th rule "Be nice :)", which I am sure you are well aware of, considering you are a moderator in that community.

I come with a lot of privacy/anonymity experience so I suggest things in a more hardline manner, while being able to see through if someone is okay with a more basic threat model. I am not a snobby elitist. I make guides for threat modelling, smartphones and computing.

Interesting! Would you mind linking to a few of your guides? I am very interested in reading them.

“Hardened iOS” and “GrapheneOS” often crosses my tolerance limit.

It is interesting for you to compare hardened Android (which you have stated is preferable) to iOS (which you have stated is not private). Would you mind elaborating on why GrapheneOS is not regarded as highly in comparison to other hardened Android ROMs, in your own opinion? Also, disregarding how privacy invasive Apple devices are, do you believe that Apple's Lockdown Mode (at least) delivers on security features?

It sounds to me from experience that the person is no longer “reachable” in a reasonable manner, unless drums are loudly beaten.

I am happy to hear that I was able to exceed your expectations, with quiet instruments.

One thing I am known for is not abusing mod powers, and giving people plenty leeway. But even then, being the mod, you probably view it as an imbalance

Would you mind elaborating on why I may see your messages as an imbalance, as a result of your status as a professional moderator of this community?

If it is a simple debate in public, I welcome it as well.

I am glad you are open to a clean, transparent discussion. I look forward to hearing from you.

I cannot promise an immediate debate unless I am free, given my life circumstances, but we can try.

That's alright, we all have hardships in the real world. Take your time.

I will admit one mistake, I did not know and assumed Secureblue is a misspelled Silverblue

It is a good quality to be able to admit your own mistakes, and I commend you for that. Until recently, I, too, was unaware as to what Secureblue is.

Nice pick. I use Debian Stable and am extremely picky with what I install, even minimising Flatpak installs and network connected programs.

Thank you! It was actually the community you moderate (c/privacy) that helped me pick it out. I, too, am somewhat picky about my installs. I am currently sticking to strictly Flatpaks.

I am eager to hear your responses! Please, get back to me when you can.

Cheers!

Charger8232 OP ,

Reading this, my only thought was "This setup is eerily similar to the one I aspire to have." Good job! I may reply with questions if I feel up for it.

Charger8232 OP ,

I've tried it a few times, but couldn't get it to work for reasons I don't remember. I will try it one more time and give my feedback.

Charger8232 OP ,

Update: I finally got it working! The UI is a bit weird, but it works. Thank you!

Charger8232 OP ,

SomeOrdinaryGamers has a Deep Web series for the “fun”.

Thank you, I'll check it out!

I can attest to that, being my MO as well. Smartphones have made us isolated, anti social and dumber.

The same effects were seen with the introduction of the first commercially available computers.

Either use these terms or just leave them out.

There is nothing wrong with what I said.

Well, for one, they openly harass and witch hunt people (Micay instructed mods in his Matrix chat), and Micay went on to call almost everyone complicit in his claimed swatting attempt in April 2023, for which there is no evidence provided or in media. He also abuses “autism” label to avoid public accountability for his lies and crybullying behaviour.

Linus Torvalds himself has called these security cultists “masturbating monkeys” for the annoying things they do. People like Brad Spengler have been an annoyance to Linux community. And many people dislike the disregard for open source culture, privacy, anonymity and performance in the name of security, since most of them love advocating for corporate closed source security.

All of this is irrelevant to the GrapheneOS project itself. What the creators did had no effect on the focus and implementation of GrapheneOS.

When I get pissed off, I try steering people in a better direction.

That does not excuse your actions. There are kind, constructive ways of helping people in the right direction, what you did was neither of those.

If you use it, use it, but iOS in no measure stands above Android for privacy, security and anonymity purposes.

I never claimed it did. In fact, I implied the opposite.

Non-root smartphone guide: https://lemmy.ml/post/128667

Linux/Windows computing guide: https://lemmy.ml/post/511377

Threat model guide: https://lemmy.ml/post/34223

Guide for protestors: https://lemmy.ml/post/34220

Have you considered publishing a proper article on a place other than social media?

People often leverage powers to ban or silence debating just to not “lose”.

Another way of trying to win a debate would be to blatantly ignore and refuse to acknowledge points brought up by the opposing side. Here are the ones you missed:

If my post has been perceived as a guide, I apologize. It was not my intention. I’m not exactly sure if you were referring to a privacy guide, or a guide on how to format answers (which many people have followed). I don’t see any parts that encourage people to use the same services that I use (as a privacy guide would), but I could be wrong. Would you mind elaborating with specific examples?

I agree that, in some sense, it is an oxymoron: considering that iOS cannot be fully hardened due to multiple factors. The reasons I chose to use that terminology are explained below.

I tried my best to refrain from using terms that beginner privacy enthusiasts would not understand, which led to certain creative solutions to be used, such as “hardened” as an adjective to describe a more locked-down service. If you have any suggestions on alternatives, I am happy to hear them!

I do not have the finances to switch to a device capable of running Android yet. I am doing the best with what I can. Thank you for understanding my situation!

Mocking any content created with detail and care is not a kind thing to do, and goes against c/privacy’s 6th rule “Be nice :)”, which I am sure you are well aware of, considering you are a moderator in that community.

It is interesting for you to compare hardened Android (which you have stated is preferable) to iOS (which you have stated is not private). Would you mind elaborating on why GrapheneOS is not regarded as highly in comparison to other hardened Android ROMs, in your own opinion? Also, disregarding how privacy invasive Apple devices are, do you believe that Apple’s Lockdown Mode (at least) delivers on security features?

It seems you ignored over half of my message.

I look forward to hearing the responses you missed!

Charger8232 OP ,

Graphene is not an OS but an AOSP fork.

GrapheneOS is a standalone mobile operating system based on the AOSP. Android's kernel is based on the Linux kernel. If GrapheneOS is not an OS, then you are saying Android isn't one either. Would you mind elaborating on why you believe GrapheneOS is not an OS?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • test
  • worldmews
  • mews
  • All magazines
    •