Tor is great at reducing tracking done by ad companies. I use Facebook and Reddit (a big chunk of my social media activity) exclusively over Tor. Step 1, block all Facebook and Reddit domains and subdomains at the DNS…
Once you’ve had the PIN scramble turned on for a while, it becomes second nature. I enter my GrapheneOS scrambled PIN about as quickly as the unscrambled PIN on my non‐GrapheneOS work phone. But it’s more of a defense…
GrapheneOS supports Android Auto now! I use it every day.
When I travel to Europe, my North America–only cell service doesn’t work at all. I definitely appreciate free Wi‐Fi at my destinations.
Cell signal is terrible for privacy, uniquely identifying each individual’s location at all times. Though Wifi can also be tracked, it at least is possible to use anonymously with MAC randomization as is the default on…
For games, the equivalent level of ownership comes from DRM‐free digital purchases. That means buying games from platforms like GOG, Itch, and Zoom Platform, and then backing them up. Steam is distantly behind in terms…
According to the commit message, the motivation is also to detect certain kinds of attacks against sshd itself, not just bruteforced login attempts.
A few more things: An SSH key can be freely reused to log in to multiple SSH servers without compromise. Passwords should never be reused between multiple servers, because the other end could log it. An SSH key can be…
I’ve seen lots of passwords accidentally typed into an IRC window. Never seen that happen with an SSH key.
I recently bought a 2024 Toyota RAV4. Throughout the purchasing process, I kept an eagle eye out for any data collection that I might accidentally opt into. This way I avoided a free trial of Toyota Safety Connect,…
100% of the spam I’ve gotten over Signal in the past few years (two messages) has been from cryptocurrency scammers, exactly the sort of people who would have $5 in cryptocurrency many times over to create new accounts…
I run OpenSMTPD, mostly because of how simple it is to configure but also how its privilege separated design has reduced the impact of bugs when they happen. (See Qualys’s sometimes complimentary comments in their…
How huge?
I’ve run my own email server for five years now. It’s surprisingly approachable when done piecemeal. I broke it into several pieces. 1. Switched from the GMail web interface and app to open source IMAP clients on phone…
Google Voice doesn’t support RCS either, so I roll my eyes when Google talks about interop.
Reminds me of this classic: https://web.archive.org/web/20160720140639/https://www.csd.u... You’ve given me something to think about. Luckily, I only have to amend my mental model a bit, to assume giving a permission to…
> IMEI According to the GrapheneOS FAQ: “As of Android 10, apps cannot obtain permission to access non-resettable hardware identifiers such as the serial number, MAC addresses, IMEIs/MEIDs, SIM card serial numbers and…
Yes, if the worry is that an app could offload data via the network, then turning off the network only provides a privacy benefit if the network stays off. That’s why the recommendation is to run Google apps in an…
GrapheneOS allows disabling network for a particular app, alongside the other permission settings. As a rule, I’ll give an app either file permissions or network permissions, but almost never both. A lot of apps are…
> After installing GrapheneOS, I wonder if it is possible to selectively stop connections to GrapheneOS servers. There are probably some connections to Graphene servers enabled by default. This is actually extensively…
That’s a great tip!
I don’t exactly like it, but isn’t it an effective measure to reduce scalping? So many .com domains are owned by entities who bought piles of dictionary words just to slap them on a SEO ads page, only willing to part…
There are downsides to country TLDs. What if you move? You might not be allowed to keep the domain from a country in which you no longer reside. Or if the country moves underneath you. Quite a few Brits lost their…
This is why I always purchase my domains for ten years up front, and top it up to ten again each year after. This way if the renewal fee increases beyond what I’m willing to pay after I’ve already got infrastructure…
I self‐host mostly because local copies of things give me some privacy (sites won’t know what my IP is searching for), and it also lets me work easily when Comcast is down… which is annoyingly frequent in my…
Tor is great at reducing tracking done by ad companies. I use Facebook and Reddit (a big chunk of my social media activity) exclusively over Tor. Step 1, block all Facebook and Reddit domains and subdomains at the DNS…
Once you’ve had the PIN scramble turned on for a while, it becomes second nature. I enter my GrapheneOS scrambled PIN about as quickly as the unscrambled PIN on my non‐GrapheneOS work phone. But it’s more of a defense…
GrapheneOS supports Android Auto now! I use it every day.
When I travel to Europe, my North America–only cell service doesn’t work at all. I definitely appreciate free Wi‐Fi at my destinations.
Cell signal is terrible for privacy, uniquely identifying each individual’s location at all times. Though Wifi can also be tracked, it at least is possible to use anonymously with MAC randomization as is the default on…
For games, the equivalent level of ownership comes from DRM‐free digital purchases. That means buying games from platforms like GOG, Itch, and Zoom Platform, and then backing them up. Steam is distantly behind in terms…
According to the commit message, the motivation is also to detect certain kinds of attacks against sshd itself, not just bruteforced login attempts.
A few more things: An SSH key can be freely reused to log in to multiple SSH servers without compromise. Passwords should never be reused between multiple servers, because the other end could log it. An SSH key can be…
I’ve seen lots of passwords accidentally typed into an IRC window. Never seen that happen with an SSH key.
I recently bought a 2024 Toyota RAV4. Throughout the purchasing process, I kept an eagle eye out for any data collection that I might accidentally opt into. This way I avoided a free trial of Toyota Safety Connect,…
100% of the spam I’ve gotten over Signal in the past few years (two messages) has been from cryptocurrency scammers, exactly the sort of people who would have $5 in cryptocurrency many times over to create new accounts…
I run OpenSMTPD, mostly because of how simple it is to configure but also how its privilege separated design has reduced the impact of bugs when they happen. (See Qualys’s sometimes complimentary comments in their…
How huge?
I’ve run my own email server for five years now. It’s surprisingly approachable when done piecemeal. I broke it into several pieces. 1. Switched from the GMail web interface and app to open source IMAP clients on phone…
Google Voice doesn’t support RCS either, so I roll my eyes when Google talks about interop.
Reminds me of this classic: https://web.archive.org/web/20160720140639/https://www.csd.u... You’ve given me something to think about. Luckily, I only have to amend my mental model a bit, to assume giving a permission to…
> IMEI According to the GrapheneOS FAQ: “As of Android 10, apps cannot obtain permission to access non-resettable hardware identifiers such as the serial number, MAC addresses, IMEIs/MEIDs, SIM card serial numbers and…
Yes, if the worry is that an app could offload data via the network, then turning off the network only provides a privacy benefit if the network stays off. That’s why the recommendation is to run Google apps in an…
GrapheneOS allows disabling network for a particular app, alongside the other permission settings. As a rule, I’ll give an app either file permissions or network permissions, but almost never both. A lot of apps are…
> After installing GrapheneOS, I wonder if it is possible to selectively stop connections to GrapheneOS servers. There are probably some connections to Graphene servers enabled by default. This is actually extensively…
That’s a great tip!
I don’t exactly like it, but isn’t it an effective measure to reduce scalping? So many .com domains are owned by entities who bought piles of dictionary words just to slap them on a SEO ads page, only willing to part…
There are downsides to country TLDs. What if you move? You might not be allowed to keep the domain from a country in which you no longer reside. Or if the country moves underneath you. Quite a few Brits lost their…
This is why I always purchase my domains for ten years up front, and top it up to ten again each year after. This way if the renewal fee increases beyond what I’m willing to pay after I’ve already got infrastructure…
I self‐host mostly because local copies of things give me some privacy (sites won’t know what my IP is searching for), and it also lets me work easily when Comcast is down… which is annoyingly frequent in my…