Open Source Charger8232 • 2 days ago • 94%

github.com

cross-posted from: https://lemmy.ml/post/20306561 > Hi everyone! For... I guess over a year now? I've been observing and trying out lots of software recommended by the privacy community and internet as a whole. With that time, I've been able to slowly put together a list of all the software I personally believe to be the best for their own various reasons. I finally have enough to be able to share it with all of you! > > I'm also looking for feedback. I haven't tried all the software on that list, and I'm sure there's software I've never heard of that needs added. I'm looking for your feedback on what you think should be added, removed, or changed. That includes the list itself, if you think there are any design improvements. > > Do note: Any software marked with a ⭐️ I am *not* looking for feedback on. This is software that I firmly believe is the best of the best in its category, and likely will not be changed. However, if there is a major issue with the software **that you can provide direct proof of**, then there is a chance it will be changed in the next release. There are no grantees. > > The sections marked with ℹ️ are lacking, and can use your help! Some software there may not be the best one, or may have many software or sections missing. I am absolutely looking for help and feedback here, and would love your help! > > My goal with this project is to help people find the best software from many standpoints, and to prove that there really are good open source alternatives for almost anything! I hope this helps someone, and I look forward to your feedback! > > Thank you all for reading and taking the time to look through my list!

Privacy Charger8232 • 2 days ago • 97%

github.com

Hi everyone! For... I guess over a year now? I've been observing and trying out lots of software recommended by the privacy community and internet as a whole. With that time, I've been able to slowly put together a list of all the software I personally believe to be the best for their own various reasons. I finally have enough to be able to share it with all of you! I'm also looking for feedback. I haven't tried all the software on that list, and I'm sure there's software I've never heard of that needs added. I'm looking for your feedback on what you think should be added, removed, or changed. That includes the list itself, if you think there are any design improvements. Do note: Any software marked with a ⭐️ I am *not* looking for feedback on. This is software that I firmly believe is the best of the best in its category, and likely will not be changed. However, if there is a major issue with the software **that you can provide direct proof of**, then there is a chance it will be changed in the next release. There are no grantees. The sections marked with ℹ️ are lacking, and can use your help! Some software there may not be the best one, or may have many software or sections missing. I am absolutely looking for help and feedback here, and would love your help! My goal with this project is to help people find the best software from many standpoints, and to prove that there really are good open source alternatives for almost anything! I hope this helps someone, and I look forward to your feedback! Thank you all for reading and taking the time to look through my list!

Privacy Charger8232 • 1 week ago • 100%

I didn't want to make two separate posts for these, so I am combining them into one. The two hardest apps to find for Android were a music player capable of playing local files, and an ebook reader with a nice design. With some help from the community, I was able to find nice apps for both of those. All apps here are available to install via Obtainium. My goal here is to raise awareness for some unknown but high quality apps that I have found. # Music player: [VLC](https://www.videolan.org/vlc/download-android.html) **Credit:** [@HanShan@lemmy.nowhere.moe](https://lemmy.nowhere.moe/u/HanShan), [@thayerw@lemmy.ca](https://lemmy.ca/u/thayerw), [@Corngood@lemmy.ml](https://lemmy.ml/u/Corngood) I have tried plenty of music players, and most of them are either copies of each other, are lacking in features, or are just plain buggy. Despite what I expected, VLC is actually the best choice in this category. Besides being a must-have in general, VLC actually has fantastic support for music management. It has plenty of customization, however I found that the Black theme did not work. Besides that, it has support for folders, creating playlists, playback history, albums, artists, genres, shuffling, queue management, equalizers, sleep timers, playback speed, A-B repeat, and so much more. It is honestly exactly what I was looking for, with a sleek UI and very feature packed. It's nothing like the desktop app. # eBook reader: [Book's Story](https://github.com/Acclorite/book-story) It was a struggle to find an eBook reader with nice usability. I managed to find two that are very promising. One such reader is Book's Story. Book's Story offers a completely offline experience to managing and reading eBooks. It's what I would want if I were to code an eBook reader, with a nice Material design and a minimalistic layout. However, there are things I don't like about it. For starters, it doesn't correctly read my eBooks. That's honestly disappointing, since that means the app is currently dysfunctional, but I am including it in this list because I have high hopes for it. There is also no page turning view, which isn't bad, but it's a feature I look forward to. Overall, I don't currently recommend using this, but in the future I can easily see it becoming one of the best eBook readers out there. # eBook reader: [Myne](https://github.com/Pool-Of-Tears/Myne) Unlike Book's Story, Myne is able to read all of my eBooks just fine. Myne is an even more polished eBook reader, also with support for downloading eBooks from the internet in the app. It too lacks in a page turning view, and doesn't allow you to customize which screen is your default. The second one is slightly annoying because if you are offline and open the app the first thing you see is a 404 page. You can still view your offline ebooks, of course, but it would be nice to select which page is the default. Furthermore, while it was able to read my eBooks well enough, there are still a few minor HTML artifacts visible in the book. If I was able to merge the layout of Book's Story with the design and functionality of Myne, it would become the perfect eBook reader. I'd love to see where both of these projects go, and even in their current state they beat some of the most popular eBook readers in my opinion, such as Librera and KOReader.

Privacy Charger8232 • 1 week ago • 98%

My mobile operating system of choice is GrapheneOS. I run it on a used Google Pixel 8, as I didn't have enough money for any of the phones in the Google Pixel 9 lineup, which offer a more secure ultrasonic fingerprint scanner. I used to use iOS, but I finally managed to switch. I wanted to share my thoughts on GrapheneOS, problems I had, and the apps that I use. To install apps, I first check if it is available on GrapheneOS's built in app store. If not, it is installed via Accrescent. Because Accrescent is still very small in support, most of my apps are installed via Obtainium. One app however, ProtonVPN, is installed via Aurora Store, because that is the only installation medium that allows me to sign in as a guest. I do have a Proton account, so signing in isn't an issue, but since I plan to use ProtonVPN until I can pay for Mullvad VPN, I might as well get as much anonymity as I can. I don't use the actual Google Play Store, despite claims of it being more secure, mainly due to me required to create a Google account. I only use Aurora Store for ProtonVPN. For apps that are not available for Obtainium but are available on F-Droid, I simply use the F-Droid repo inside of Obtainium. All apps are verified with AppVerifier. For games I have a very small selection. Simon Tatham's Portable Puzzle Collection is a game collection I have been using since before I even knew it was open source. Antimine is a Mines client, which is a classic. I also play a game called Zoysii, which is only available on F-Droid. It passes the time. Code Word is a nicely made Wordle app, with some extra features. Open Sudoku is a nice Sudoku app, however I found that almost all of the available puzzles to install are very easily solvable. 2048 by SecUSo is a decent app to play 2048 that is still maintained, however it currently does not have a dark mode theme. blichess is a fork of lichess that simply adds the option to play over Bluetooth, which I really like. My mobile 2FA app is Aegis, which is really everything you would expect. Audire is an open source frontend for Shazam, which I use for music recognition. I'm sure there are some better apps with different APIs, but Shazam works really really well, and that is what I am looking for in the app. Aves is my photo manager, as it allows for proper photo hiding. It is available through Accrescent, which is nice. It is one of few apps that required me to sign terms and conditions, but it doesn't matter since it doesn't have internet access anyways. It allows me to view extensive details about photos, and even remove metadata in the app. I use AndBible for Bible study, but the project seems to be abandoned and needs lots of improvements. I sincerely hope a good alternative is developed eventually. I would be willing to help out any way I can. For messaging I use SimpleX Chat for my most personal chats, but for mostly everyone I contact them via Molly, which is a hardened version of Signal available on Accrescent. When I am offline, I contact nearby people through Briar over Bluetooth, which is awesome while camping. I don't have any cellular provider, so I occasionally have to make sacrifices in terms of contact. The default GrapheneOS calculator has no dark mode, so I opt for OpenCalc as my default calculator. I tried both Etar and Fossify Calendar as a calendar, and have been much happier with Fossify Calendar. A lot of Fossify projects have been abandoned, sadly, so I may have to switch. I use the default GrapheneOS camera for most of my pictures, but when I need high quality shots I will use Open Camera. It supports HDR and some post processing. The GrapheneOS camera has incredible support for code scanning, such as QR codes and bar codes. I don't plan to use the Pixel Camera, since those apps work just fine for me. To edit photos I use the GrapheneOS gallery, but it is somewhat lacking. I plan to stick with it as they add new features. I have a ClearClipboard app that, simply, clears the clipboard when you open it. It's a small tool but I get very paranoid about clipboard access. I've found that my password manager doesn't reliably autoclear, which I will discuss later. The default GrapheneOS clock app is fine. I wish there was an OLED theme, but it's worked for what I need. DeepL is what I use for translations, because I cannot seem to find an offline translator app. It's very upsetting. For my keyboard I use HeliBoard with the proprietary swipe to type module, and it's great. There are a few weird autocorrect suggestions, such as not recognizing the word "A", but it's honestly not been a huge issue. I use Joplin to take notes. I had issues with Standard Notes when I was on iOS, and had switched to Joplin there. I now can't even imagine why anyone would even try to use Standard Notes, Joplin makes Standard Notes look like a joke. It has all (or at least all I care about) of the paid features of Standard Notes, for completely free. My password manager is KeePassDX, which is honestly exactly what I would want from a password manager. The only issue I've had is that it sometimes disables biometric unlock and makes you unlock it yourself, which is super weird. Besides that, I will be using it until either it dies or I do. For eBook reading I use Librera, but the UI is honestly atrocious. The best eBook reader I have ever used is Apple's stock Books app, and I honestly wish something of that polish existed on Android. Librera will work but it's not nice to use. I have LibreTorrent in case I ever need to torrent something on the go. It's fine, I wish torrent software would include a hard toggle to disable seeding, but it's worked as intended. In a similar category I use LocalSend to transfer between any of my devices. I haven't tried KDE Connect because LocalSend has never caused me problems. The only issues I have encountered were because of strict VPN settings. I eventually plan to use Mullvad VPN, but until I can afford it I am using ProtonVPN as I mentioned. I have no real comments because I have only used ProtonVPN. IVPN is on my radar, but Mullvad VPN is still at the top of my list. IVPN is available via Accrescent. I also have Orbot in case Proton or Mullvad are blocked. Music players have been a struggle for me. All of them have their own various issues. All I really need is a nice way to play mp3 files offline and sort them into playlists. A night timer is nice. Vinyl Music Player is what I use for now, since Fossify Music Player seems to be abandoned. I'm open to some open source alternatives here, since the ones I have tried all have issues. Ideally these should be available by Obtainium. I use Organic Maps for navigation. Support is alright in my city. OsmAnd has a pretty bad UI but it's gotten better. Organic Maps I've heard has a few issues, and OsmAnd has a premium tier, but I don't really care. I am just sticking with Organic Maps. I'm happy with it, so it's fine. I have RadioDroid installed to try it out. It lets you listen to radio stations over WiFi. I'm jealous of Motorola users for their built in AM/FM radio receiver antenna. I might not keep this app, since it's fairly useless when you think about it. Either way, maybe a GrapheneOS phone will come along with a built in antenna. I have Tor Browser installed just in case I ever need to visit an Onion site or use a Gecko based browser. My main browser is Vanadium, and I did try Mull but it doesn't block advertising redirects even with uBlock Origin. Vanadium is fine for now. I have Trail Sense as a compass and emergency survival app. I hope I never have to use it for survival, but at the same time, I hope this app saves my life. It's cool to see how many sensors it utilizes to help you out. Tubular is a fork of NewPipe that has SponsorBlock support. I like it, it's not as polished as I would want but it's plenty usable. I wish it had DeArrow as well, but I'm sure it won't be long until it's added. I use the Fossify Voice Recorder for voice recordings. It's what you would expect, not much to say here. For weather, I use Breezy Weather. For some reason some features were unavailable on the F-Droid version, but after installing with Obtainium I now have plenty of features at my disposal. It's almost as good as the iOS weather app, and has plenty more features. The accuracy where I am is slightly iffy, but it's good enough that I can rely on it. I use a passphrase to lock my phone, and use biometric unlocking to ensure no one can shouldersurf passcodes. GrapheneOS only lets you add up to 4 fingerprints, which is a good enough limit, but I do wish it was higher. If I wanted only 4 fingerprints, I would choose that myself. I backup GrapheneOS using my own USB stick and the built in backup option. Some apps such as SimpleX refuse to be backed up automatically, but I can simply manually export the database and backup that file. Even without any Google frameworks installed, GrapheneOS has been a really seamless and polished experience. The issues I would raise are actually with Android itself, such as weird management of app signing, but overall GrapheneOS has been incredible. GrapheneOS is honestly the minimum every person should expect in terms of privacy and security on their phones, because nothing else even comes close to GrapheneOS in those categories. The gap between iOS and GrapheneOS is absolutely massive, given that so many of the apps I use are Android specific.

Linux Charger8232 • 3 weeks ago • 95%

The codenames for every major Debian release are named after characters from Pixar's Toy Story franchise. Debian's unstable release is fittingly named after Sid, an unstable character from the Toy Story movies.

Privacy Charger8232 • 3 weeks ago • 100%

I am in the process of moving away from Spotify by downloading my music offline. The files vary in types (.webm, .m4a, etc.), and I would like a way to sort them into playlists on Android. What are your suggestions?

Privacy Charger8232 • 4 weeks ago • 93%

I was bored, so I compiled a list of 77 of my favorite open-source privacy-focused software. This ranges from Android apps to desktop apps to websites to operating systems. I scraped the programming languages used for each one from their respective repositories, and created a simple scoring system to score each programming language. Obviously there is some bias, since Kotlin is very popular for Android apps and not much else, and it's not an exhaustive list, so some data might be off, but it was still fun to make! Just wanted to share it with all of you, in case anyone else finds it interesting. ### The full ranking ::: spoiler Full ranking 1. C++ 2. C 3. Kotlin 4. Java 5. JavaScript 6. TypeScript 7. Python 8. Shell 9. C# 10. Dart 11. PHP 12. Ruby 13. HTML 14. Makefile 15. Go 16. QML 17. Pascal 18. CSS 19. Clojure 20. Blade 21. Crystal 22. Batchfile 23. Swift 24. Emacs Lisp 25. Svelte 26. Rust 27. CMake 28. Haskell 29. Lua 30. Vue 31. Roff 32. XSLT 33. Assembly 34. NSIS 35. Objective-C 36. SCSS 37. Less 38. PLpgSQL 39. Objective-C++ 40. Inno Setup 41. Meson 42. WebAssembly 43. ASL 44. PowerShell 45. Rich Text Format 46. GLSL 47. Common Lisp 48. Haml 49. Scheme 50. Dockerfile 51. Perl 52. AIDL 53. M4 54. Mustache 55. D 56. MDX 57. SourcePawn 58. M 59. Pug 60. Lex 61. EJS ::: ### Scores for each programming language ::: spoiler Language scores C++: 13070 C: 11734 Kotlin: 7195 Java: 6727 JavaScript: 5356 TypeScript: 5002 Python: 4250 Shell: 1903 C#: 1873 Dart: 1872 PHP: 1844 Ruby: 1499 HTML: 1389 Makefile: 990 Go: 975 QML: 955 Pascal: 917 CSS: 888 Clojure: 878 Blade: 832 Crystal: 738 Batchfile: 708 Swift: 577 Emacs Lisp: 556 Svelte: 366 Rust: 351 CMake: 342 Haskell: 326 Lua: 300 Vue: 288 Roff: 268 XSLT: 176 Assembly: 167 NSIS: 130 Objective-C: 128 SCSS: 90 Less: 77 PLpgSQL: 66 Objective-C++: 61 Inno Setup: 59 Meson: 41 WebAssembly: 25 ASL: 22 PowerShell: 21 Rich Text Format: 21 GLSL: 18 Common Lisp: 16 Haml: 14 Scheme: 13 Dockerfile: 12 Perl: 12 AIDL: 11 M4: 7 Mustache: 7 D: 5 MDX: 5 SourcePawn: 2 M: 2 Pug: 2 Lex: 1 EJS: 1 ::: ### The original data (NOTE: I am NOT looking for criticism on any choices made here) ::: spoiler Original data ### HuggingChat TypeScript 62.1% Svelte 36.6% Dockerfile 0.4% JavaScript 0.4% HTML 0.2% Shell 0.1% Other 0.2% ### GPT4ALL C++ 48.2% QML 32.3% Python 8.5% CMake 5.4% JavaScript 3.9% C 1.0% Other 0.7% ### Audacity C 37.6% C++ 35.3% Python 18.1% Shell 2.8% Common Lisp 1.6% QML 1.3% Other 3.3% ### Duplicati C# 87.3% JavaScript 5.7% HTML 3.2% Less 1.8% Python 1.2% Shell 0.4% Other 0.4% ### Vorta Python 99.2% Other 0.8% ### Filen (Desktop) TypeScript 96.3% JavaScript 2.1% HTML 1.2% NSIS 0.4% ### Monero C++ 81.7% C 11.7% Python 3.2% CMake 2.0% Makefile 0.5% Shell 0.4% Other 0.5% ### Ivy Wallet Kotlin 99.7% Other 0.3% ### Brasero C 98.1% Makefile 1.5% Other 0.4% ### VSCodium Shell 83.8% XSLT 16.0% PowerShell 0.2% ### GNU Emacs Emacs Lisp 55.6% Roff 23.8% C 16.4% M4 0.7% Objective-C 0.6% C++ 0.5% Other 2.4% ### GitLab Ruby 69.2% JavaScript 17.3% Vue 6.8% PLpgSQL 2.9% Haml 1.4% HTML 0.9% Other 1.5% ### Codeberg Clojure 87.8% Shell 3.9% CSS 2.3% HTML 2.2% Batchfile 2.2% PowerShell 1.0% Other 0.6% ### Wikipedia (MediaWiki) PHP 82.7% JavaScript 15.3% Less 1.1% CSS 0.8% HTML 0.1% Vue 0.0% ### 7-Zip C++ 79.3% C 17.6% Assembly 1.6% Makefile 1.5% ### PeaZip Pascal 91.7% Inno Setup 5.9% Batchfile 1.8% C++ 0.4% Shell 0.1% C 0.1% ### qBittorrent C++ 71.0% JavaScript 14.1% HTML 11.5% Python 1.1% CSS 0.8% CMake 0.7% Other 0.8% ### osu! C# 100.0% ### 2048 CSS 54.9% JavaScript 38.1% HTML 6.5% Ruby 0.5% ### Wireshark C 95.2% C++ 2.4% Python 1.1% Perl 0.3% CMake 0.3% SourcePawn 0.2% Other 0.5% ### nmap C 38.0% Lua 29.0% C++ 17.3% Shell 4.6% Python 4.3% Makefile 1.9% Other 4.9% ### VirtualBox C 67.2% C++ 25.2% Python 2.8% Objective-C 1.7% Assembly 1.4% D 0.5% Other 1.2% ### Docker Go 97.5% Shell 1.5% Dockerfile 0.5% PowerShell 0.3% Makefile 0.1% Python 0.1% ### calibre Python 79.2% C 17.1% C++ 2.8% HTML 0.3% Shell 0.2% XSLT 0.1% Other 0.3% ### Thunderbird JavaScript 60.5% C++ 21.5% HTML 6.6% CSS 3.8% C 1.8% Java 1.7% Other 4.1% ### Betterbird Batchfile 66.5% C 18.3% C++ 10.1% Shell 5.1% ### draw.io (Desktop) JavaScript 96.0% Shell 4.0% ### Joplin TypeScript 71.4% JavaScript 22.3% HTML 1.9% CSS 1.3% Java 1.2% Mustache 0.7% Other 1.2% ### LibreOffice C++ 86.6% Java 5.5% Python 1.8% Makefile 1.6% XSLT 1.5% Rich Text Format 1.4% Other 1.6% ### Proton Mail (Web) TypeScript 92.1% JavaScript 5.2% SCSS 1.5% MDX 0.5% Swift 0.4% CSS 0.1% Other 0.2% ### F-Droid Java 65.3% Kotlin 33.1% Other 1.6% ### Aurora Store Kotlin 96.8% Java 2.8% AIDL 0.4% ### Neo-Store Kotlin 100.0% ### Obtainium Dart 98.7% Other 1.3% ### Droid-ify Kotlin 99.6% Shell 0.4% ### IzzyOnDroid PHP 97.2% Python 2.5% Shell 0.3% ### Accrescent Kotlin 100.0% ### GNOME Software C 97.0% Meson 1.2% Python 1.1% Other 0.7% ### Flathub TypeScript 74.0% Python 24.2% JavaScript 1.1% Shell 0.4% SCSS 0.2% Dockerfile 0.1% ### SearXNG Python 74.7% Shell 9.9% HTML 6.1% Less 4.8% JavaScript 2.7% CSS 0.9% Other 0.9% ### GrapheneOS Makefile 87.1% C++ 11.3% Shell 1.6% ### GNOME C 97.3% Meson 2.3% Python 0.4% ### KDE Plasma C++ 45.6% QML 41.2% C 5.5% CMake 2.3% Python 2.2% JavaScript 1.9% Other 1.3% ### Arch Linux C 98.4% Assembly 0.7% Shell 0.4% Python 0.2% Makefile 0.2% Perl 0.1% ### HeliBoard Java 45.4% C++ 34.7% Kotlin 19.2% Other 0.7% ### Blender C++ 76.3% Python 14.6% C 5.0% GLSL 1.8% CMake 1.2% Objective-C++ 1.0% Other 0.1% ### FreeCAD C++ 52.7% Python 44.5% C 1.5% CMake 0.8% NSIS 0.2% Lex 0.1% Other 0.2% ### Krita C++ 90.2% Python 3.0% C 2.3% CMake 1.6% HTML 0.7% Rich Text Format 0.7% Other 1.5% ### GIMP C 95.5% Scheme 1.3% Python 1.1% C++ 0.7% Meson 0.6% Perl 0.4% Other 0.4% ### Flameshot C++ 87.8% CMake 5.8% Shell 3.3% Python 1.7% Roff 1.1% C 0.2% Other 0.1% ### Inkscape C++ 94.1% C 1.7% CMake 1.5% HTML 1.4% Python 0.3% ### Aegis Java 96.0% HTML 2.1% Roff 1.9% ### VeraCrypt C 68.8% C++ 19.0% Assembly 10.0% Shell 1.1% Makefile 0.5% Batchfile 0.3% Other 0.3% ### KeePassXC C++ 95.1% CMake 2.2% Shell 1.5% PowerShell 0.6% Objective-C++ 0.4% Python 0.1% Other 0.1% ### KeePassDX Kotlin 79.0% C 14.0% Java 4.1% Assembly 2.6% C++ 0.2% Ruby 0.1% ### addy.io Blade 83.2% JavaScript 5.2% Vue 4.8% PHP 4.5% CSS 2.3% ### Mullvad VPN Rust 35.1% Swift 26.2% Kotlin 19.5% TypeScript 13.2% C++ 2.8% Shell 1.8% Other 1.4% ### Alovoa Java 82.7% HTML 9.8% JavaScript 3.6% CSS 2.8% Other 1.1% ### Briar Java 98.0% Kotlin 1.9% Other 0.1% ### SimpleX Chat Haskell 32.6% Kotlin 32.3% Swift 26.9% HTML 2.2% TypeScript 1.4% JavaScript 1.1% Other 3.5% ### Medito Dart 88.5% Kotlin 8.0% Ruby 2.0% Swift 0.7% CMake 0.2% C++ 0.2% Other 0.4% ### coreboot C 94.4% ASL 2.2% Makefile 1.0% C++ 0.7% Assembly 0.4% Perl 0.4% Other 0.9% ### Libreboot Shell 51.5% Python 25.1% C 22.2% Makefile 1.2% ### OpenStreetMap Ruby 78.1% HTML 8.7% JavaScript 6.9% PLpgSQL 3.7% SCSS 1.2% C++ 0.7% Other 0.7% ### OsmAnd Java 95.3% Kotlin 3.9% AIDL 0.7% CSS 0.1% Shell 0.0% XSLT 0.0% ### Organic Maps C++ 71.0% C 7.5% Java 6.1% Swift 3.5% Objective-C++ 3.1% Python 2.9% Other 5.9% ### VLC Media Player C 62.6% C++ 18.9% Objective-C 8.3% QML 3.1% Makefile 1.6% Lua 1.0% Other 4.5% ### Stremio (Desktop) C++ 36.7% QML 17.6% NSIS 12.4% JavaScript 10.7% Shell 9.1% CMake 4.1% Other 9.4% ### OBS Studio C 54.6% C++ 34.7% CMake 6.1% Objective-C 2.2% Objective-C++ 1.6% M 0.2% Other 0.6% ### NewPipe Java 84.0% Kotlin 13.5% HTML 2.5% ### FreeTube JavaScript 68.5% Vue 17.2% CSS 11.2% SCSS 3.0% EJS 0.1% ### Invidious Crystal 73.8% HTML 13.9% JavaScript 8.2% CSS 2.6% Shell 1.1% Makefile 0.2% Dockerfile 0.2% ### PeerTube TypeScript 89.7% HTML 6.5% SCSS 3.1% Shell 0.4% Pug 0.2% JavaScript 0.1% ### Tubular Java 84.6% Kotlin 13.0% HTML 2.4% ### Mullvad Browser JavaScript 28.1% C++ 25.7% HTML 22.3% C 12.4% Python 2.8% ### Tor Browser JavaScript 28.2% C++ 25.6% HTML 22.3% C 12.4% Python 2.9% ### uBlock Origin JavaScript 88.4% CSS 4.9% HTML 3.4% WebAssembly 2.5% Shell 0.6% Python 0.1% Makefile 0.1% :::

Privacy Charger8232 • 1 month ago • 96%

It is truly upsetting to see how few people use password managers. I have witnessed people who always use the same password (and even tell me what it is), people who try to login to accounts but constantly can't remember which credentials they used, people who store all of their passwords on a text file on their desktop, people who use a password manager but store the master password on Discord, entire tech sectors in companies locked to LastPass, and so much more. One person even told me they were upset that websites wouldn't tell you password requirements after you create your account, and so they screenshot the requirements every time so they could remember which characters to add to their reused password. Use a password manager. Whatever solution you think you can come up with is most likely not secure. Computers store a lot of temporary files in places you might not even know how to check, so don't just stick it in a text file. Use a properly made password manager, such as [Bitwarden](https://bitwarden.com/) or [KeePassXC](https://keepassxc.org/). They're not going to steal your passwords. Store your master password in a safe place or use a passphrase that you can remember. Even using your browser's password storage is better than nothing. Don't reuse passwords, use long randomly generated ones. It's free, it's convenient, it takes a few minutes to set up, and its a massive boost in security. No needing to remember passwords. No needing to come up with new passwords. No manually typing passwords. I know I'm preaching to the choir, but if even one of you decides to use a password manager after this then it's an easy win. Please, don't wait. If you aren't using a password manager right now, take a few minutes. You'll thank yourself later.

Privacy Charger8232 • 2 months ago • 68%

# Introduction I am a fan of Louis Rossmann. This will be very evident in the rest of the message. I saw how many companies tried to get away with anything and everything they possibly could, and I began to get very upset. I wanted to know what a perfect software would be like, one that was ethical, open, and had no way to pull the rug out from under its users. Many of the things Rossmann says were introduced into this philosophy, as well as some of my own views. I wanted to create a sort of guideline for how software should be. # Early draft This took multiple months to complete, multiple drafts (lots of which were written by hand), lots of sections compressed and decompressed, and lots of research and time to think. With all of that said, I am absolutely terrible at writing. I would either be too detailed, not detailed enough, or other various problems. However, I am including an early draft because it seems to hold its own slightly differing vision. This is an early draft written by hand: 1. **Transparency and availability** All of the software's code should be completely open source. No part of the software should be proprietary, including dependencies, blobs, drivers, extensions, website, installers, servers, etc. Those all fall under the same conditions listed in this whole document. No dependencies should be included unless they are essential for the software's core functionality or explicitly requested by the user. All dependencies should be clearly documented, and their purpose should be easily understandable by the user. The entire source code should be accessible to everyone, without any restriction, censorship, or moderation. There should be no requirement to create an account, verify identity, pay any amount, or any other extra steps to be able to access the source code in its entirety. 2. **Legibility** Every part of the code should also be understandable. Obfuscation, encryption, or any other attempts to create code that is not understandable is not allowed. All code should be well written, clearly understandable, and well documented. Documentation should be clearly understandable and falls under the same conditions as the code itself in terms of how it can be accessed. Furthermore, all documentation should be able to be easily accessible entirely offline. All code and its extensions should be free to study, edit, and distribute without restriction. 3. **Availability, equality, and ease of use** The entire software should be available to everyone for installation. There should be no restriction or censorship on who, when, or where (geographically and digitally) the software can be installed. There should also be no discrimination on who is able to use the software. Same installations of the software should be identical for all users. The software should be easy to install and uninstall, and all traces of the software should be removed after installation. 4. **Free of cost** The entire software should be completely free of cost. There should be no free trials, no subscriptions, no paid portions, etc. There should also be no paid alternative to the software with added functionality (such as a "premium" tier) The full version of the software should be completely free to download, install, and use to its full functionality. 5. **Update availability and backwards compatibility** All software updates should be optional. No updates should be required, no matter how important. Users should not be bothered about updates besides a single notifier when an update is available. There should be clear options to select which portions of the software get updated, if any, how the software is updated, and clear descriptions of which portions are receiving updates. There should be no restriction of censorship about who receives updates. All updates should be identical for all users. An offline update capability should be implemented, for users to download an update separately and update the software in an offline environment. All older versions of the software should be available to rollback to, or to install fresh. 6. **Extension ease of use** Extensions and plugins should be available to create and install for the software. These extensions fall under the same conditions listed in this entire document. Extensions should be easy to create and implement into the software. There should be no moderation, restriction, regulation, or censorship on which extensions can be installed and used. 7. **Offline capabilities** The entire software should be able to function to its full capabilities in an entirely offline environment. No part of it should ever rely on external sources such as cloud servers, website pings, etc. There should be no limitation on the functionality of the software in an offline environment. 8. **Data control and interoperability** All user data stored by the software should be easy and free to be able to import, export, modify, delete, and transfer at all times. This functionality should be clearly implemented, with no added steps. Data should also be completely interoperable with other similar softwares. 9. **Account freedom and security** The software should never ask or force the creation of an account, identity verification, or any other form of authentication. All portions of the software should be completely accessible without any further verification. However, if a user decides to credential protect certain portions of the software for security reasons, credentials should be stored entirely locally and securely. 10. **Universal compatibility and freedom** The software should strive to be compatible with as many systems and devices as possible. There should be no restrictions on which operating systems or devices the software can be installed on besides what is not possible to do. For all installations, clear debug messages should be present for errors in the software, as well as an easy system to manage these error messages. 11. **Perpetual access** The software should be available to install and use in full perpetually. There should be no time limit to be able to access the full functionality of the software. Trial versions of the software are not allowed. Users should have perpetual and unrestricted access to the complete software. 12. **Optional legal agreements** Users should never be asked or forced into any legal agreements, contracts, terms of service, terms of use, privacy policies, etc. If it is absolutely necessary that any of those are included, there should be a clear and easy way to opt out completely from all parts of the agreement. Users should be fully opted out by default from any agreements, and users should be clearly aware of what they are opting into. The agreement should be written in a manner that can be easily understood, and in a manner that is clearly visible to the user. Users should be able to change their preferences afterwards, in an easy and clear way. 13. **Permissions** The software's permissions should be easily changeable. Permissions include access to devices such as microphone and webcam, access to certain folders and files, access to modify and delete files, etc. These permissions should be clearly listed, and no unnecessary permissions should be enabled by default. # Disclaimer Because I am terrible at writing, most of this was painstakingly generated using LLaMA 3.1 70B & 405B. Believe it or not, this was actually a lot of work. Not only did I have to give detailed enough explanations for it to give an output that aligned with my vision, but formatting and sorting each section took an insane amount of work. Not to mention hallucinations, outputs that did not fit the prompt, rate limiting, and multiple other issues. Finally, after months of planning, preparation, tweaking, and editing, I am happy with what has been created. # How to help Even though I am happy with what has been created, it is by no means perfect and needs a massive amount of human intervention to improve it. **Be nitpicky!** I want to make this something the community is happy with, and something that is free of flaws and loopholes. I am very open to feedback here, since this is not the final version. # The Philosophy ## Category: Open-Source and Licensing 1. **Open-Source Ecosystem:** The entire software ecosystem, encompassing the core codebase, as well as all supplementary components, modifications, and derivatives, should be transparently and freely accessible to anyone. This means that all extensions, add-ons, plugins, and integrations, regardless of their origin or purpose, should be developed and shared under open-source licenses. Similarly, any forks or variations of the original software should also be openly available, allowing the community to benefit from diverse perspectives and innovations. By embracing openness and collaboration, the software can evolve more rapidly, securely, and equitably, with the collective efforts of a global community driving its growth and improvement. 2. **Free and Open-Source License:** The software should be made available under a free and open-source license, allowing users to freely study, modify, and distribute the software. This means that the software should be released under a license that grants users the freedom to use, modify, and distribute the software, without any restrictions or limitations. The software should be made available in a format that is easily accessible and modifiable, such as source code, and should be accompanied by clear and concise documentation that explains how to use, modify, and distribute the software. The license should also allow users to create and distribute derivative works, such as modified versions of the software, and should not impose any restrictions on the use of the software for any purpose, including commercial use. By making the software available under a free and open-source license, the developers can promote collaboration, innovation, and community involvement, and can help to ensure that the software remains free and open for the benefit of all users. Additionally, the software should also be made available in a way that is accessible to people with disabilities, and should be designed to be usable by people with a wide range of abilities and needs. ## Category: Code Quality and Development 1. **Readability and Code Quality:** The code should be crafted with the utmost care for readability, making it effortless for humans to comprehend its intent, logic, and behavior. This means that the code should be written in a clear, concise, and consistent manner, using a syntax that is easy on the eyes. Variables, functions, classes, and other programmatic elements should be assigned descriptive and meaningful names that accurately convey their purpose and role, avoiding ambiguity and confusion. Additionally, the code should be liberally annotated with high-quality comments that provide context, explain complex concepts, and highlight key decisions, making it easier for developers to understand, maintain, and extend the codebase over time. By prioritizing readability, the code becomes a valuable resource for knowledge sharing, collaboration, and collective growth. 2. **Comprehensive Documentation:** The code should be accompanied by comprehensive, accurate, and up-to-date documentation that provides a complete understanding of its functionality, behavior, and underlying architecture. This documentation should include detailed explanations of each component, module, and interface, as well as usage examples, tutorials, and guides that facilitate easy adoption and integration. Furthermore, the documentation should be written in a clear, concise, and accessible manner, using language that is free from technical jargon and assumptions about prior knowledge. By providing thorough documentation, the code becomes a self-contained resource that empowers developers to quickly grasp its inner workings, troubleshoot issues, and make informed decisions about customization, extension, and maintenance. This, in turn, fosters a culture of transparency, collaboration, and continuous improvement, where the codebase serves as a shared knowledge base for the entire community. 3. **Modular and Extensible Architecture:** The software should be designed with a modular and extensible architecture, allowing users to customize and enhance its functionality through the use of extensions or plugins. This means that the software should provide a robust and well-documented API, as well as a plugin framework, that enables developers to create custom extensions that can interact with and modify the software's core functionality. The software should also provide a user-friendly interface for managing and installing extensions, making it easy for users to discover, download, and install new extensions. Furthermore, the software should be designed to allow extensions to be developed for all portions of the software, including the user interface, data processing, and core functionality. This will enable users to tailor the software to their specific needs and workflows, and will also enable developers to create specialized extensions that can be shared with the broader user community. By providing a robust extension framework, the software can become a platform for innovation and customization, allowing users to create a tailored experience that meets their unique needs and requirements. 4. **Transparent Development Process:** The development process for the software should be transparent and clear, with documentation for each step of the process. This means that the development team should maintain a publicly accessible repository of documentation, including design documents, meeting notes, and technical specifications, that provides a clear understanding of the development process and the decisions that are being made. The documentation should be up-to-date and accurate, reflecting the current state of the software and any changes that are being made. Additionally, the development team should provide regular updates on the development process, including blog posts, social media updates, and email newsletters, that keep users informed about what is happening and what to expect. Any outages or disruptions to the software should be clearly communicated to users, with explanations of what happened, how it is being fixed, and when the software is expected to be back online. The development team should also provide a clear and transparent process for reporting and tracking issues, with a publicly accessible bug tracker and a clear process for submitting and resolving issues. By providing transparent and clear documentation and communication, the development team can build trust with users and demonstrate a commitment to openness and accountability. ## Category: Deployment and Updates 1. **Uniform Deployment and Updates:** All users should receive the same version of the software, with identical features, functionality, and updates, regardless of their location, device, or usage patterns. This means that the software should be deployed and updated uniformly, without any hidden variations, experiments, or segmentations that could create unequal experiences or introduce unnecessary complexity. No user should be unwittingly enrolled in A/B testing, beta programs, or other forms of differential treatment that could compromise their experience or create uncertainty about the software's behavior. By maintaining a single, unified codebase and deployment process, the software can ensure consistency, reliability, and fairness for all users, while also simplifying testing, debugging, and support processes. This approach also helps to build trust and transparency with the user community, who can rely on a predictable and uniform experience across the board. 2. **Access to Previous Versions:** The software should maintain a comprehensive archive of all previous versions, making it possible for users to access, download, and install any earlier version of the software that meets their specific needs or preferences. This means that users should have the freedom to choose the version that works best for them, whether it's due to compatibility issues, feature requirements, or simply a preference for a previous user interface. Furthermore, the downgrade process should be straightforward and reversible, allowing users to seamlessly transition between versions without losing data, settings, or functionality. By providing unfettered access to previous versions, the software acknowledges that users have different needs and workflows, and empowers them to make informed decisions about their own software experience. This approach also demonstrates a commitment to user autonomy, flexibility, and choice, while also facilitating testing, debugging, and troubleshooting efforts by providing a clear and accessible version history. 3. **Optional Updates:** Updates to the software should be optional, with users having complete control over what updates are applied and when. This means that the software should provide a clear and transparent update process, with detailed information about what changes are being made, why they are necessary, and what benefits they will bring. Users should be able to select which updates to apply, and which to ignore, with the ability to easily opt-out of any update that they do not want. Furthermore, the software should provide a clear and easy-to-use interface for managing updates, with options for selecting specific updates to apply, viewing update history, and rolling back to previous versions if needed. The ability to easily undo any and all updates should be a key feature of the software, allowing users to quickly and easily revert to a previous version if an update causes issues or is not desired. This approach recognizes that users have different needs and preferences when it comes to updates, and provides them with the flexibility and control to manage their software experience in a way that works best for them. By making updates optional and providing clear selection and undo options, the software can help to build trust with users and ensure that they feel in control of their software experience. ## Category: Portability and Compatibility 1. **Portability and Compatibility:** The software should be designed to be maximally portable and compatible, with the goal of running seamlessly on a wide range of systems, hardware configurations, and architectures. This means that the software should be developed with a focus on platform independence, using technologies and techniques that enable it to adapt to diverse environments and ecosystems. Whether it's running on a desktop computer, laptop, mobile device, server, or embedded system, the software should strive to be compatible with various operating systems, processor architectures, and hardware platforms. By embracing this philosophy, the software can reach a broader audience, increase its utility and value, and provide a more inclusive and equitable experience for users across different technological contexts. This approach also promotes flexibility, resilience, and future-proofing, as the software can more easily adapt to changing technological landscapes and evolving user needs. 2. **Interoperability:** The software should be designed to be completely interoperable with other programs and systems, allowing users to seamlessly integrate it into their existing workflows and ecosystems. This means that the software should support open standards and formats, enabling users to easily import and export data, and exchange information with other applications and services. The software should also provide APIs, SDKs, and other integration tools, making it easy for developers to build custom integrations and extensions. Furthermore, the software should be compatible with a wide range of operating systems, devices, and platforms, ensuring that users can access and use it regardless of their technical environment. The software should also support multiple data formats, protocols, and interfaces, allowing users to easily integrate it with other systems and applications. By prioritizing interoperability, the software can provide users with a flexible and adaptable solution that can be easily integrated into their existing workflows, and can help to break down silos and promote a more connected and collaborative environment. Additionally, the software should also be able to work with other software and systems that are not yet known or developed, by using open and extensible architecture and protocols. 3. **Universal Accessibility:** The software should be designed to be universally accessible, available to everyone regardless of their location, nationality, age, sex, background, or any other characteristic. This means that the software should be free from any geographical, cultural, or linguistic barriers that could limit its accessibility. The software should be translated into multiple languages, and should be compatible with different operating systems, devices, and platforms to ensure that it can be used by people from diverse backgrounds and with varying levels of technical expertise. The software should also be designed to be accessible to people with disabilities, with features such as screen reader compatibility, high contrast mode, and keyboard-only navigation. Additionally, the software should be available to people of all ages, with a user interface that is intuitive and easy to use for both children and adults. The software should not discriminate against any individual or group based on their nationality, ethnicity, sex, or any other characteristic. By being universally accessible, the software can promote global understanding, collaboration, and equality, and can help to bridge the digital divide that exists between different communities and regions. ## Category: Security and Privacy 1. **Security:** The software should be designed with security as a top priority, incorporating the latest security standards, best practices, and technologies to protect users' data and prevent potential vulnerabilities. This means that the software should be built using secure coding practices, such as secure coding guidelines, code reviews, and static analysis, to minimize the risk of common web application vulnerabilities. Additionally, the software should be regularly audited and tested for security vulnerabilities, using both manual and automated testing techniques, to identify and address potential weaknesses. To further enhance security, the software should also implement a bug bounty program, which incentivizes security researchers to identify and report vulnerabilities, allowing the development team to quickly address and fix them. The software should also stay up-to-date with the latest security patches and updates, ensuring that any known vulnerabilities are promptly addressed. Furthermore, the software should use secure communication protocols, such as HTTPS and TLS, to protect user data in transit, and implement secure data storage practices, such as encryption and access controls, to protect user data at rest. By prioritizing security and continuously monitoring and improving its security posture, the software can provide users with a safe and trustworthy experience. 2. **User Privacy:** The software should be designed with a strong commitment to user privacy, ensuring that it does not collect, transmit, or store any personal data or usage information without the user's explicit consent. This means that the software should not include any telemetry or tracking mechanisms, such as analytics, crash reporting, or usage monitoring, that could potentially compromise the user's anonymity or reveal their behavior. The software should also avoid any form of data harvesting, profiling, or behavioral analysis, and should not share any user data with third-party services or advertisers. Furthermore, the software should provide users with complete transparency and control over their data, allowing them to easily inspect, modify, and delete any data that is stored locally on their device. By respecting user privacy and avoiding telemetry, the software demonstrates a commitment to trust, transparency, and user autonomy, and helps to protect users from the risks of data exploitation and surveillance. 3. **Privacy-Invasive Features:** The software should be designed with a strong commitment to protecting user privacy, ensuring that any feature or functionality that could potentially compromise user privacy is carefully evaluated and implemented in a way that prioritizes user control and consent. This means that any feature that could be considered privacy-invasive, such as data sharing, tracking, or profiling, should be explicitly opted-out by default, requiring users to actively choose to enable it if they wish to do so. Furthermore, the software should provide clear and transparent explanations of how each feature works, what data it collects, and how it is used, allowing users to make informed decisions about their privacy. Any feature that is deemed to be potentially privacy-invasive should be clearly labeled as such, and users should be provided with easy-to-use controls to disable or configure it to their liking. By prioritizing user privacy and providing transparent and granular controls, the software empowers users to take control of their own data and make informed decisions about their online activities. 4. **Anonymity:** The software should be designed to be completely anonymous, ensuring that users can interact with it without revealing their identity or providing any personal information. This means that the software should not collect, store, or transmit any data that could be used to identify the user, such as IP addresses, device fingerprints, or browser cookies. The software should also not request or require any form of identification, such as usernames, passwords, or email addresses, and should not prompt users to provide any personal information, such as names, addresses, or phone numbers. Furthermore, the software should be designed to operate independently of any external services or systems that may collect or store user data, ensuring that users can use the software without being tracked or monitored. By prioritizing anonymity, the software can provide users with a safe and private experience, allowing them to use the software without fear of surveillance, data collection, or identity theft. Additionally, the software should also be designed to resist any attempts to de-anonymize users, such as through traffic analysis or other forms of surveillance, by using techniques such as encryption, secure communication protocols, and decentralized architectures. 5. **Sandboxed Environment:** The software should be designed to operate in a sandboxed environment, where it is completely isolated from the rest of the system and cannot access or modify any sensitive data or system resources. This means that the software should be executed in a virtualized environment, such as a container or a virtual machine, that provides a strict separation between the software and the underlying system. The sandboxed environment should be configured to restrict the software's access to system resources, such as the file system, network, and hardware devices, and should prevent the software from making any changes to the system or its configuration. The software should also be designed to operate within the sandboxed environment, with no dependencies on external libraries or services that could potentially compromise the security of the system. By operating in a sandboxed environment, the software can provide a high level of security and isolation, preventing any potential security vulnerabilities or exploits from affecting the rest of the system. Additionally, the sandboxed environment should also provide a clear and transparent way to monitor and audit the software's activity, allowing users to easily track and understand what the software is doing and how it is interacting with the system. 6. **Granular Permissions:** The software should be designed with a robust and granular permissions system, allowing users to control exactly what data and functionality the software has access to. This means that users should be able to grant or deny specific permissions, such as camera access, file access, or location services, on a case-by-case basis. Furthermore, the software should only request the permissions that are absolutely necessary for its core functionality, and should not request extraneous permissions that could be used to collect unnecessary data or compromise user privacy. By default, all permissions should be turned off, and users should be required to explicitly opt-in to each permission before the software can access the corresponding data or functionality. This approach recognizes that users have different needs and preferences when it comes to data sharing and access, and allows them to tailor the software's behavior to their individual circumstances. The permissions system should also be transparent and easy to understand, with clear explanations of what each permission allows the software to do, and why it is necessary. By providing users with granular control over permissions, the software can demonstrate its commitment to user autonomy and data protection, and can help to build trust with its users. ## Category: User Experience 1. **Simplicity and Ease of Use:** The software should be designed with simplicity and ease of use in mind, making it accessible to users of all skill levels and backgrounds. This means that the software should be easy to install, with a straightforward and streamlined installation process that requires minimal user input. Once installed, the software should be intuitive to use, with a clear and logical interface that makes it easy for users to find and access the features and functions they need. The software should also be easy to uninstall, with a simple and complete removal process that leaves no residual files or settings behind. Updates should be seamless and automatic, with clear notifications and explanations of what changes have been made and why. Navigation within the software should be straightforward and intuitive, with no obscured or hidden menus or options. All features and functions should be clearly labeled and easily accessible, with no unnecessary complexity or clutter. The software should also provide clear and concise documentation and support resources, including user manuals, tutorials, and FAQs, to help users get the most out of the software and troubleshoot any issues that may arise. By prioritizing ease of use and simplicity, the software can reduce user frustration and anxiety, and make it easier for users to achieve their goals and accomplish their tasks. 2. **User-Friendly Agreements:** Any legal agreements or terms of service associated with the software should be designed to prioritize user autonomy and flexibility. This means that users should have the ability to opt out of specific or all parts of the agreement, and that opting out should be the default behavior. In other words, users should not be required to opt in to any terms or conditions, and should instead be able to choose which parts of the agreement they wish to accept or reject. This approach recognizes that users have different needs and preferences, and allows them to tailor their relationship with the software to their individual circumstances. By providing users with the ability to opt out of specific or all parts of the agreement, the software can demonstrate its commitment to transparency, fairness, and user empowerment. Furthermore, the software should also provide clear and concise language in its agreements, avoiding legalese and technical jargon that could confuse or intimidate users. The goal should be to create a legal framework that is fair, flexible, and user-friendly, and that prioritizes the needs and interests of users above all else. 3. **Efficiency and Performance:** The software should be designed to be efficient and optimized for performance, using only the necessary processing power and resources to accomplish its tasks. This means that the software should be written with a focus on minimizing computational overhead, reducing unnecessary computations, and optimizing data structures and algorithms for speed and efficiency. The software should not intentionally introduce lag or delay, nor should it use more processing power than necessary to discourage certain behaviors or to create a perceived sense of complexity. Instead, the software should strive to provide a seamless and responsive user experience, with fast and efficient performance that allows users to complete their tasks quickly and easily. The software should also be designed to adapt to different system configurations and hardware capabilities, ensuring that it runs efficiently on a wide range of devices and platforms. Furthermore, the software should be designed to minimize its impact on system resources, such as memory and CPU usage, and should not consume excessive amounts of power or battery life. By prioritizing efficiency and performance, the software can provide a better user experience, reduce frustration and annoyance, and help to minimize the environmental impact of computing. ## Category: User Control and Autonomy 1. **Perpetual Access:** Users should have the freedom to access and utilize the software to its fullest potential, without any artificial restrictions, limitations, or time constraints. This means that the software should not be designed with expiration dates, subscription-based models, or other mechanisms that could potentially limit its use or functionality over time. Once a user has obtained the software, they should be able to continue using it, without interruption or degradation, for as long as they see fit. The software should not be subject to vendor lock-in, forced upgrades, or other forms of coercion that could compromise the user's autonomy or freedom to choose. By granting users perpetual access to the software, the developers acknowledge that the user has invested time, effort, and resources into learning and utilizing the software, and that they should be able to reap the benefits of that investment without fear of interruption or loss of functionality. 2. **Offline Capability:** The software should be designed to function fully and independently in an offline environment, without relying on a constant internet connection to operate. This means that all core features, functionality, and data storage should be self-contained within the software, allowing users to work, create, and interact with the software without any dependency on external networks or servers. Unless a specific feature or module explicitly requires an internet connection to function (e.g., online collaboration, cloud syncing, or data fetching), the software should be able to operate seamlessly in offline mode, without any degradation or loss of functionality. By prioritizing offline capability, the software ensures that users can work efficiently and effectively, even in areas with limited or no internet connectivity, and that their productivity and workflow are not disrupted by network outages or connectivity issues. 3. **User Data Control:** Users should have complete control over their data, with the ability to easily import, edit, delete, and export all of their data in a format of their choice. This means that the software should provide a straightforward and intuitive interface for managing data, with clear and concise options for importing data from other sources, editing existing data, deleting data that is no longer needed, and exporting data to other applications or formats. The software should also support a wide range of data formats, including CSV, JSON, XML, and others, to ensure that users can easily exchange data with other applications and services. Furthermore, the software should provide users with the ability to customize the data import and export process, with options for selecting specific data fields, filtering data, and transforming data into different formats. The software should also provide users with a clear and transparent view of their data, with options for viewing data in different formats, such as tables, charts, and graphs. By providing users with complete control over their data, the software can empower users to manage their data in a way that meets their needs, and help to build trust and confidence in the software. 4. **User Content Ownership:** Users should have complete ownership and control over any content created or generated by or using the software. This means that users should be able to export, share, and use their content in any way they see fit, without any restrictions or limitations imposed by the software or its developers. The software should not claim any ownership or rights to user-generated content, and should not use such content for any purpose without the user's explicit consent. Users should be able to export their content in a format that is compatible with other software and platforms, and should be able to use their content for any purpose, including commercial use. The software should also provide users with the ability to delete their content at any time, and should ensure that all user-generated content is stored securely and in accordance with the user's preferences. Furthermore, the software should be designed to ensure that users' content is not used for any purpose that is not explicitly authorized by the user, and should provide users with clear and transparent information about how their content is being used and shared. By giving users complete ownership and control over their content, the software can promote creativity, innovation, and freedom of expression, and can help to build trust and confidence in the software and its developers. 5. **Complete Uninstallation:** When the software is uninstalled, it should be completely and thoroughly removed from the user's system, leaving no residual files, folders, registry entries, or other remnants behind. This means that the uninstallation process should be designed to delete all files, settings, and data associated with the software, including any configuration files, cache files, and other temporary files that may have been created during use. The software should also remove any registry entries, system hooks, or other system modifications that were made during installation, restoring the system to its original state. Furthermore, the software should not leave behind any hidden or obscure files or folders that could potentially be used to track or monitor the user's activities. The uninstallation process should be transparent and straightforward, with clear notifications and progress updates to let the user know what is happening. Once the uninstallation is complete, the software should be completely gone, with no lingering presence or influence on the system. By ensuring a complete and thorough uninstallation, the software can demonstrate its respect for user autonomy and system integrity, and help to maintain a clean and organized system. 6. **Decentralized Operation:** The software should be designed to operate in a decentralized manner, where no single central server or authority controls the flow of data, updates, or functionality. Instead, the software should be able to function autonomously, leveraging peer-to-peer networks, distributed architectures, and decentralized protocols to enable users to interact, share, and collaborate without relying on a single point of failure. This means that the software should be capable of self-organization, self-healing, and self-updating, using mechanisms such as blockchain, distributed hash tables, or other decentralized technologies to ensure its continued operation and evolution. Furthermore, the software should provide a decentralized means of distribution, allowing users to download and share the software using peer-to-peer networks, such as BitTorrent, or other decentralized file-sharing protocols. By decentralizing both the software's operation and distribution, users can enjoy greater autonomy, resilience, and freedom, while also promoting a more open, inclusive, and community-driven development process. ## Category: Community and Cost 1. **Community-Driven:** The software should be designed to be community-driven, with a decentralized governance model that allows for collective decision-making and shared ownership. This means that the software should not be controlled by a single entity, such as a corporation or individual, but rather should be maintained and developed by a community of users and contributors. The community should have a say in the direction and development of the software, with opportunities for feedback, suggestions, and participation in decision-making processes. The software should also have extensive community support, with a strong and active community of users, developers, and contributors who can provide help, guidance, and resources to one another. This can include online forums, social media groups, documentation, and other resources that facilitate communication and collaboration. By being community-driven, the software can ensure that it remains free from corporate or individual interests, and is instead guided by the needs and values of its users. This approach can also help to foster a sense of ownership and responsibility among community members, who can work together to maintain and improve the software over time. 2. **Cost-Free:** The software should be completely free of cost, with no fees, charges, or subscriptions required to use it. This means that the software should be available for download and use without any financial obligation, and that users should not be required to pay for any features, updates, or support. Furthermore, the software should not have any paid or premium alternatives, such as "pro" or "enterprise" versions, that offer additional features or functionality for a fee. Instead, the software should be a single, unified product that is available to all users at no cost. By being entirely free of cost, the software can be accessible to a wider range of users, including those who may not have the financial resources to pay for software. This can help to promote digital inclusion and equality, and can also help to ensure that the software is used for the benefit of all users, rather than just those who are willing or able to pay for it. Additionally, the software should also be free from any advertising, sponsored content, or other forms of monetization that could compromise the user experience or create conflicts of interest. 3. **No Account Requirement:** The software should never require users to create an account or provide any personal information to use its full functionality. This means that users should be able to download, install, and use the software without ever being prompted to sign up, log in, or provide any identifying information. The software should be designed to operate independently, without relying on any external services or systems that require user authentication. Furthermore, the software should not use any tracking or analytics mechanisms that could be used to identify or profile users, even if they choose not to create an account. By not requiring an account, the software can provide users with a truly private and anonymous experience, free from the risks of data collection, profiling, and targeted advertising. This approach also respects users' autonomy and freedom to use the software without being forced to surrender their personal data or create a digital identity. The software should be designed to work seamlessly without an account, providing users with the same level of functionality and performance as if they had created an account. # Explanations You may be wondering about why I added certain things I did. Here are a few: 1. Readability and Code Quality: This is to prevent obfuscation or other things that prevent open source code from being easily readable and modifiable. It also means you can't release a compiled program and call it open source. 2. Modular and Extensible Architecture: Things like sideloading exist so that developers don't create a monopoly on proprietary-in-nature ways to change or extend software. 3. Uniform Deployment and Updates: Lots of companies (Google and Meta, to name a couple) will release slightly different versions of software to different people as a way to collect usage data for different designs and code adjustments. YouTube has also released a tool to do this with thumbnails. While I see the benefit, I personally do not agree with the idea that different users should be running different types of the same software. 4. Sandboxed Environment: Lots of software (such as games with anticheat) require you to run it in an unsandboxed environment and abuse those rights to gain privacy invasive access to the system 5. Efficiency and Performance: This section is due to one of my own personal experiences. Before I started my privacy journey, I had gotten a brand new flagship phone and installed Instagram on it. Instagram should have no problem running on the latest and greatest of devices. I noticed in a convoluted menu where you could set ad preferences, whenever I tried to change (manually, one by one, for each ad category) my ad preferences, my phone would get extremely hot and start slowing down until I exit the menu or closed the app. While I can't confirm, I can absolutely see motive for them to intentionally make the device commit digital suicide when you try to grasp any shred of privacy, and even if that isn't what happened, I don't like the possibility. # Thank you! Thank you all for taking the time to read through my philosophy. It took a lot of time and effort to create, and I hope I can make it better for everyone!

Privacy Charger8232 • 2 months ago • 95%

A while ago I reached a point in my privacy journey where I simply felt bored. It's not a result of going too far in privacy, but simply my threat model has caused me to let go of a lot of things that used to entertain me (games, movie streaming, short form video, etc.) The entertainment landscape in privacy seems pretty bleak, since you no longer own the movies you watch, the games you play, and lots of proprietary software along the way. I entertain myself through FreeTube, physical copies of movies, and offline installations of games like Minecraft, but it's still a step down from how it used to be. What do you do to keep yourselves entertained in a privacy conscious way?

Privacy Charger8232 • 3 months ago • 94%

I was researching WebMail providers, and noticed that most WebMail providers recommended in privacy communities are labelled as proprietary by [AlternativeTo](https://alternativeto.net/). I made a list of WebMail providers, private or not, to see which ones were actually open source: ### Proprietary [AOL Mail](https://mail.aol.com/): Free [Cock.li](https://cock.li/): Free [CounterMail](https://countermail.com/): Paid [Fastmail](https://www.fastmail.com/): Paid [GMX Mail](https://www.gmx.com/mail/): Free [Gmail](https://gmail.com): Free [HEY Email](https://www.hey.com/): Paid [Hushmail](https://www.hushmail.com/): Paid [iCloud Mail](https://www.icloud.com/mail): Free [Mail.com](https://www.mail.com/): Free [Mailbox.org](https://mailbox.org): Paid [Mailfence](https://mailfence.com): Freemium [Outlook.com](https://outlook.com): Freemium [Posteo](https://posteo.de/en): Paid [Rediffmail](https://businessemail.rediff.com/): Paid [Riseup](https://riseup.net/): Free [Runbox](https://runbox.com/): Paid [Soverin](https://www.soverin.com/): Paid [StartMail](https://www.startmail.com/): Paid [Yahoo! Mail](https://mail.yahoo.com): Freemium [Yandex Mail](https://mail.yandex.com): Freemium [Zoho Mail](https://www.zoho.com/us/mail/): Freemium ### Open source [Criptext](https://www.criptext.com/): Free [Disroot](https://disroot.org/en/services/email): Free [Forward Email](https://forwardemail.net/en): Freemium [Infomaniak kMail](https://www.infomaniak.com/en/hosting/service-mail): Freemium [Kolab Now](https://kolabnow.com): Paid [Lavabit](https://lavabit.com/): Paid ~~[Mailpile](https://www.mailpile.is/): Free~~ [Proton Mail](https://proton.me/mail): Freemium ~~[Roundcube](https://roundcube.net/): Free~~ [Skiff/Notion](https://skiff.com/): Freemium [Tuta](https://tuta.com): Freemium Unless I'm missing something, it seems like people overlook this when deciding on WebMail providers. Is it a distinction between a proprietary backend server and a proprietary app, or is there a different way to decide if a WebMail provider is proprietary vs. open source? Lavabit was labelled proprietary by AlternativeTo, but open source by Wikipedia. # Note If I have labelled an open source WebMail provider as proprietary by mistake, please provide evidence by linking to the source code, and I will happily change it.

Privacy Charger8232 • 4 months ago • 100%

[Previous post](https://lemmy.ml/post/16266328) Raivo launched another update today with the following message: > Dear users, > > We apologize for the issues caused by our recent update. Please be assured that we are working around the clock to find a solution for this situation. In this version, we have implemented a temporary fix that enables the import and export feature. > > If you receive a prompt asking you to choose between offline backup or iCloud, please select iCloud and enter your MASTERKEY. This will allow you to recover all of your codes. > > We are still working and conducting thorough testing to determine how we can resolve this issue. We appreciate your patience. > > Best regards, Unfortunately I did not sync my app to iCloud previously due to distrust with Apple, which I acknowledge is entirely my fault. This means I was not able to recover my codes. I suggest using [2FAS](https://2fas.com/) instead of Raivo. I've used it for 9 months and had no issues whatsoever. Edit: [@pr0927@lemmy.world](https://lemmy.world/u/pr0927) has also recommended [ente](https://ente.io/auth/) [@emptyfish@beehaw.org](https://beehaw.org/u/emptyfish), luck is in your favor.

Privacy Charger8232 • 4 months ago • 98%

I'm looking for a way to have a private method for Tap to Pay on GrapheneOS. Ideally I would like compatibility with privacy.com, and if possible have the option for Monero. I don't mind going through an exhaustive setup process. What are my options? Edit: The point of this is **not** for convenience, I am trying to avoid using my standard credit/debit card to provide privacy against my bank by using privacy.com or Monero when cash is unavailable.

Privacy Charger8232 • 4 months ago • 98%

9 months ago, [Raivo OTP for iOS was sold to Mobime](https://lemmy.ml/post/4955157). Raivo was hailed highly in terms of privacy, but was dethroned to 2FAS Auth after that incident. Today, Raivo launched an update, and after updating **all of my entries were completely wiped.** I didn't have a backup, but even if I did you now have to pay in order to import/export TOTP codes. No thank you. If you haven't already, create a backup **right now** for all of your 2FA apps, even if you think it won't break.

Privacy Charger8232 • 4 months ago • 100%

I never want to get a smart TV, but I found [this exact TV](https://www.bestbuy.com/site/toshiba-32-class-led-hd-smart-firetv/6398132.p?skuId=6398132) (Toshiba FireTV) on the side of the road and decided it would be a fun project to try enhancing its privacy as much as I can. It did not come with the remote or any other accessories besides the TV, so if there is any way to pair an iPhone/Pixel as a remote that would also be good. Is there any way to replace the software with something open source, and anything else I can try? Thank you all!

Privacy Charger8232 • 4 months ago • 95%

This is [half a decade old news](https://www.consumerreports.org/electronics-computers/privacy/federal-agencies-use-dmv-photos-for-facial-recognition-a1704098825/), but I only found this out myself after it accidentally came up in conversation at the DMV. The worker would not have informed me if it hadn't come into conversation. Every DMV photo in the United States is being used for AI facial recognition, and nobody has talked about it for years. This is especially concerning given that citizens are recently being required to update their ID to a "[Real ID](https://www.dhs.gov/real-id)," which means more people than ever before are giving away the rights to their own face. The biggest problem with privacy issues is that people talk about it for a while, but more often than not nothing ever happens to fix the problem, it simply gets forgotten. For example, in the next few years Copilot will simply become a part of people's lives, and people will slowly stop talking about the privacy implications. What can we even do to fight the privacy practices of giants?

Privacy Charger8232 • 4 months ago • 97%

In an effort to increase my privacy, I decided to buy a Pixel phone second hand to use with GrapheneOS. Due to some miscommunications, the phone ended up being carrier locked with T-Mobile. GrapheneOS's own website advises against buying carrier locked phones in order to avoid the hassle of carrier unlocking it. I assumed that even if the support staff was unaware about OEM unlocking, I would at least be able to fairly effortlessly get the device carrier unlocked because it was bought second hand. My first call was to the T-Mobile support center, and the representative wanted the phone number of the device in order to unlock it. The device had no phone number, so we instead tried the IMEI. I was told that the IMEI was invalid because it was not the correct number of characters, and was told that there was nothing they could do without physical access to the device. As expected, the representative had never heard of OEM unlocking. My next stop was at a T-Mobile store, to seek help there. The staff member there was very helpful and, despite not knowing what OEM unlocking was, was very aware of how to handle the situation regardless. He made a call to T-Mobile support (which has a different process if you are a staff member) and explained the situation to them. Here is where things get interesting: T-Mobile had the ability to carrier unlock the phone, and had enough information to prove the device was mine, but refused to carrier unlock it because it has to be done by the original account holder. They wouldn't give any information about how to contact the original account holder, which is reasonable. The in-person representative told me that if I was able to find a phone number linked with the original account holder that they would be able to do more, but after trying for over an hour to find any contact information with the seller, I couldn't find anything. The in-person representative decided to try calling support one more time, and even went out of his way to try lying to the support team on my behalf, just to see what could be done. After hanging up the phone, he told me that T-Mobile gave me 2 options: 1. Return the device entirely and buy a different one 2. Pay for T-Mobile for an entire year AND pay a $100 service fee That's like telling someone they have to pay a year of rent before they can even step foot in a house they already paid for, and then pay $100 to get the doors unlocked. I knew it would be a bit of a process to get it carrier unlocked, but I didn't realize it would take me *four hours* to be told I had to pay T-Mobile for a *year* to be able to access a device *I paid for*. I even tried using [T-Mobile's own app](https://www.t-mobile.com/support/tutorials/device/google/pixel-8/topic/settings/mobile-device-unlock) to unlock the device, but the app is not functional as many reviewers have also noted. Thankfully the seller accepted free returns, so the story has a happy ending, but any consideration of buying a carrier locked phone before has since evaporated. It is truly dystopian how we live in a world where companies are allowed to get away with stuff like that, and yet people still give away their money and freedom to these companies.

Privacy Charger8232 • 4 months ago • 98%

Having used iOS my entire life, the switch to GrapheneOS will be a big change. I have learned over the past year about Android, GrapheneOS, and apps to use. I managed to find most of the apps I was looking for, but there are some I struggled with. I had trouble finding privacy respecting, open source apps for the following categories (I've listed what apps I did find, but want to see if there are better alternatives.) * **Local AI:** For AI I was able to find [MLC LLM](https://github.com/mlc-ai/binary-mlc-llm-libs/releases), but the iOS version is a bit broken so I'm unable to confirm if it's what I'm looking for. I want something capable of running Llama 3. This was by far the hardest category to find an app for. * **Backup:** I found [Neo Backup](https://f-droid.org/packages/com.machiav3lli.backup/) and [Seedvault](https://github.com/seedvault-app/seedvault). I want to be able to backup files, photos, app data, etc. * **IDE:** I was only able to find [Neovim](https://github.com/neovim/neovim/blob/master/INSTALL.md#android) (which I'm not even sure is an IDE). I primarily code with Python (but also code in Java as well as others), and I want to be able to run quick scripts when I'm out and about. * **Torrent:** While torrenting on a phone isn't necessary, it has certain scenarios when it's useful. If this is a major hole in privacy and security, I don't mind leaving this off my list. I found [LibreTorrent](https://f-droid.org/packages/org.proninyaroslav.libretorrent/) as an option. * **Local file sharing:** This is one I'm most curious about. I want a way to share files between my Linux computer and phone. [LocalSend](https://f-droid.org/packages/org.localsend.localsend_app) and [Warpinator](https://warpinator.com/) seem to be tied as far as popularity, maybe I can get some insight here. I want it to be strictly over the local network. * **Network monitoring:** This is nice to have for a variety of reasons. I want something like Wireshark for Android. I couldn't find many great options, but I found [Vernet](https://f-droid.org/packages/org.fsociety.vernet/). * **eBook reader:** I'm sure the option I picked here is fine, but I wanted a second opinion about [Libera Reader](https://f-droid.org/packages/com.foobnix.pro.pdf.reader/). * **Terminal:** I've heard a lot of different opinions for terminal emulators for Android, so please put up a good case for whichever one I should go with. [Neovim](https://github.com/neovim/neovim/blob/master/INSTALL.md#android) is apparently (technically?) a terminal emulator. I'm increasingly confused about what Neovim actually is. I also found [Termux](https://f-droid.org/en/packages/com.termux/) and I eventually found too many options to find a clear choice. * **Movies:** Because many movie streaming services are privacy invasive, I'm looking for an ethical way to watch movies. I found [Stremio](https://www.stremio.com/downloads) which I have never heard of before. This isn't a topic that gets covered very often. I am aware of [AlternativeTo](https://alternativeto.net/), and it's what I used to find some of these trickier apps, but nothing beats hearing first hand experiences. Thank you all for your help!

Privacy Charger8232 • 5 months ago • 96%

Inspired by [this post](https://lemmy.ml/post/14688671), I decided to see if I could identify any single points of failure in my own setup. # Prerequisites There are two notable systems that should be mentioned: #### [The 3-2-1 rule](https://en.wikipedia.org/wiki/Backup#Storage) The 3-2-1 rule can aid in the backup process. It states that there should be at least 3 copies of the data, stored on 2 different types of storage media, and one copy should be kept offsite, in a remote location (this can include cloud storage). 2 or more different media should be used to eliminate data loss due to similar reasons (for example, optical discs may tolerate being underwater while LTO tapes may not, and SSDs cannot fail due to head crashes or damaged spindle motors since they do not have any moving parts, unlike hard drives). An offsite copy protects against fire, theft of physical media (such as tapes or discs) and natural disasters like floods and earthquakes. Physically protected hard drives are an alternative to an offsite copy, but they have limitations like only being able to resist fire for a limited period of time, so an offsite copy still remains as the ideal choice. #### [The factors of authentication](https://en.wikipedia.org/wiki/Authentication#Authentication_factors) The ways in which someone may be authenticated fall into three categories, based on what is known as the factors of authentication: something the user knows, something the user has, and something the user is. Each authentication factor covers a range of elements used to authenticate or verify a person's identity before being granted access, approving a transaction request, signing a document or other work product, granting authority to others, and establishing a chain of authority. Security research has determined that for a positive authentication, elements from at least two, and preferably all three, factors should be verified. The three factors (classes) and some of the elements of each factor are: 1. Knowledge: Something the user knows (e.g., a password, partial password, passphrase, personal identification number (PIN), challenge–response (the user must answer a question or pattern), security question). 2. Ownership: Something the user has (e.g., wrist band, ID card, security token, implanted device, cell phone with a built-in hardware token, software token, or cell phone holding a software token). 3. Inherence: Something the user is or does (e.g., fingerprint, retinal pattern, DNA sequence (there are assorted definitions of what is sufficient), signature, face, voice, unique bio-electric signals, or other biometric identifiers). # What KeePassXC offers [KeePassXC](https://keepassxc.org/) is an open-source cross-platform password manager. It mainly stores password databases locally, but [you can simply store the file on the cloud for cloud sync](https://keepassxc.org/docs/#faq-cloudsync). However, this method is botch-y at best, and adds the additional complexity of storing the credentials for the cloud drive. The database can be protected with any of the following: **Password**: This is something the user knows. It can be a password or a passphrase. This can be written down to become something the user has physically, or stored in a file to become something the user has digitally. Storing it in a file is generally not safe due to temporary file leaks. **Key File**: This is something the user has. This is stored digitally. This file should either be kept on a separate drive, encrypted with something like LUKS or [VeraCrypt](https://veracrypt.fr/en/Home.html), or both. It is possible to convert it to readable text and print it as a physical copy, but reversing the process every time you want to unlock your database would be cumbersome. **Hardware Key**: This is something the user has. This is stored physically. You can use hardware security keys such as the [YubiKey](https://www.yubico.com/) or [OnlyKey](https://onlykey.io/) for this. **Quick Unlock**: This is something the user is. [Quick Unlock](https://keepassxc.org/docs/KeePassXC_UserGuide#_quick_unlock) is only available on Windows and macOS as a form of biometric authentication. It is only available for devices that have a built-in biometric scanner, or by using an attachable biometric scanner. There is most likely a way to achieve this on Linux, but the documentation is scarce. Any combination of these methods can be used to protect a KeePassXC database. At least one must be used. However, if you use multiple methods, all of them must be used to unlock the database (e.g. if you set up a password and a key file as the methods to unlock the database, you can't only use the password or only use the key file to unlock it, you must use both.) # The problems Each method has a single point of failure, and the fact that you can't set up multiple methods of authentication but choose one to unlock the database means that the more methods you choose to protect your database with, the likelier it will be that one method fails. **Password**: This can be forgotten, lost or stolen from a piece of paper (if it's written down), keylogged or [shoulder surfed](https://en.wikipedia.org/wiki/Shoulder_surfing_(computer_security)), leaked through temporary files or stolen (if it's stored digitally), corrupted or permanently encrypted (if it's stored digitally), have the drive physically lost or stolen (if it's stored digitally), unconsciousness (if you only stored it mentally and needed someone else to unlock it for you), or forced our of you with torture. **Key File**: This can be leaked through temporary files (if not stored properly), hacked and stolen, corrupted, permanently encrypted (if you are unable to decrypt it), or have the drive physically lost or stolen. **Hardware Key**: This can be damaged, stolen, or lost. **Quick Unlock**: This can be spoofed (if not set up properly), damaged, general failure to authenticate, damage to you (e.g. facial damage in a fire), or hacked with [zero-day vulnerabilities](https://en.wikipedia.org/wiki/Zero-day_vulnerability) (since Windows and macOS are proprietary). If any one of these fails, the database is permanently locked. # Some solutions There are some improvements that you can use to mitigate some of the single points of failure. All methods of authentication can be redone if something happens, but you need to unlock the database to do so (e.g. you can change your database password if it gets leaked, but you need to be able to unlock the database first, so it doesn't help if you lose your password). **Password**: You can store your password using something like a [password card](https://www.passwordcard.org/en). Passphrases are also easier to remember than passwords. Both passwords and passphrases can be safely written down on paper by [enciphering](https://en.wikipedia.org/wiki/Cipher) them first. However, this introduces new complexities and single points of failure if you are unable to decipher the password. **Key File**: The use of the 3-2-1 rule can help make sure the key file never gets lost, but extra care should be taken to make sure the file never gets stolen. **Hardware Key**: You can set up multiple hardware security keys in order to make sure if one gets lost you can use the other. One key should be kept with you at all times, and the other should be safely stored somewhere else (such as a safe deposit box). **Quick Unlock**: I have never used this feature, but assuming it's anything like FaceID, you should set up multiple people (such as trusted friends and loved ones) to be able to unlock with biometrics. This ensures that if something happens to you, someone else can unlock it in an emergency or other reasons you may need someone to unlock it for you. # Plugins While I may be wrong, [KeePassXC does not support plugins directly](https://keepassxc.org/docs/#faq-general-plugins). Ideally you should be able to have plugins for things such as proper cloud sync, TOTP database protection, and changing the all-or-nothing nature of unlocking the database. However, since KeePassXC is open source, someone could make a fork of KeePassXC that supports plugins (please, call it KeePlugXC). # Database syncing Besides not being able to unlock your database, your database file itself is largely subject to the same single points of failure as a key file. The difference is the database is completely encrypted, and is safe (although not ideal) if it gets leaked. You can store your database in as many places as you'd like, to make sure it never gets corrupted, but the issue is syncing the database as that would be a manual task. The solution presented is the botched cloud storage, but for those who want a local solution, that is not ideal. # Final notes and questions KeePassXC is very feature rich, so there are other things that can be used to aid the process of preventing database lockouts; but even so, it's a very difficult task. How is your KeePassXC database set up? Are there any single points of failure? How have you fixed some of the issues listed here? Is there a perfect or near-perfect system for eliminating lockouts?

Privacy Charger8232 • 5 months ago • 92%

I've noticed that ads are absolutely everywhere, and wanted to post this to disillusion some of the places we see ads but don't realize. It would be harder to make a list of places you *don't* see ads. # Websites The most common place to see ads is on nearly every website you visit. It's usually the most intrusive, especially with popups. # Books The very end page of books and back cover of books will often advertise books written by the same author. # Billboards Billboards along busy streets and highways often display static or moving ads. A notable mention is its role in the book Fahrenheit 451, where it was theorized that as cars get faster ads would have to be stretched out so people can see them better at high speeds. # Operating systems Some Android operating systems, as well as Windows, show ads in a non intrusive way. # Apps Especially mobile games, ads will be displayed anywhere possible, and sometimes used as a reward system. Social media apps display ads while scrolling, and even messaging apps will have some sort of promotion like requesting donations. # Mail Deemed "junk mail", companies will collect and sell the address of residents in order to send useless advertisements to the residents. This can't usually be opted out of. In my opinion, this should be illegal. # Phone calls Especially when put on hold, businesses will interject occasional advertisements in between the low quality jazz music. Customer support will also often advertise products to you while you are being assisted. # Newspapers Newspapers have entire pages filled with ads. Some of these are promotional coupons that can be used to get overpriced products for a regular price. # Magazines Magazines are fundamentally only used to advertise products in a passive way. The chances you actually have a meaningful experience with a magazine are slim. They are often placed in waiting rooms as a form of entertainment for people who don't want to use a phone at the time. # Music Between songs in radio broadcasts, long ad breaks will be placed. Music streaming services will also inject ads between songs. Even the hosts of podcasts will have sponsorship segments. # Disk movies DVD and Blueray disks will often come with ads baked in to advertise "upcoming" movies. That is, until 10 years passes and Peter Pan becomes a funny ad to see. # Movie theaters Between movie showings, movie theaters will display long ad segments while you wait for the movie to begin. Some very long movies are even split in half, with an ad break in between for you to empty your wallet and refill your popcorn. # Bleachers In sporting events, moving ads will be displayed under bleachers. Fun fact, these ads change depending on which channel you are watching the game from. # Commercials Between live television, you will get 1-3 minutes of commercials and then watch the shortest segment of your actual show. # Baked into videos Videos such as YouTube videos will have sponsorships and self-promotion baked in, causing the drastic rise of SponsorBlock. # Torrents Some torrented files will also have text or image files attached advertising other torrenting services. # Vehicles Buses, vans, cars, and others are often plastered with ads for different services. If you're in a car wreck, call emergency services first, not an auto repair shop. # Social media Social media is one of the go-to methods of marketing. Besides the ads you see while doom scrolling, many pictures and videos uploaded will simply be ads for products. # [Gas stations](https://lemmy.ml/post/14126942) Plastered all over gas stations, and apparently displayed on some gas pump screens, ads are placed everywhere. Is that not more of a fire hazard than eight closely packed gasoline tanks? # Posters Pasted inside schools, workplaces, plastered on power poles and sides of buildings, posters are cheap to make and placed everywhere. # Instruction manuals When buying a product, besides impossibly small print, some instruction manuals will have ads pasted in certain sections. Some devices like mice, keyboards, and headphones advertise proprietary software required to get the full extent of your product. # Wearables T-Shirts, pins, bracelets, hats, and all other kinds of merch will display company names for everyone to see. Ironically, companies see these kinds of clothing as inappropriate attire on the job. # Pens Another kind of merch, nearly every free pen has the name and contact info of businesses on it. # Redirects to downloads Some websites will redirect you to ad websites before beginning your download. Lots of these websites (such as the infamous AdFly) are malicious and will encourage you to download malicious software. # Grocery stores Solicitors in store, ads during checkout, product placement all throughout the store, ads over the intercom, nearly every type of ad imaginable can be found in grocery stores. # Speakers on public transport Some subways and buses will play ads over the speakers while you travel. No napping on the bus, we want you awake to hear our ads! # Emails Spam emails are frequently sent to people, so commonly an entire folder is dedicated to housing them. Even places you legitimately gave your email to will send you spam. # Comments and chat messages People will often self promote their accounts on various platforms. This is a common place for scams to arise. # Solicitors Solicitors will come on your private property just to sell their products to you. Just when you thought ads could never come knocking on your doorstep, they did. # Lawns Lawn signs for services such as lawn care or political messages will be placed on people's property as a form of willing advertisement. Flowers look a lot better than rust and plastic. # Airplanes Some airplanes will pull long banners with ads behind them. This is usually surrounding sporting events. # Brand names Products produced by any company will have brand names on them. This makes it easy for advertising to flow through word-of-mouth. But seriously, where *did* you get that shirt from? # Search engines Almost all search engines will display ad websites before legitimate search results # This post Even this post had an advertisement in it that I bet most of you missed. I passively advertised "SponsorBlock" under "Baked into videos". If you missed it, that's ok. Advertising has become so common that people have become desensitized to it.

Privacy Charger8232 • 6 months ago • 98%

www.theverge.com

Not sure which news website I should be using for the link, sorry! I'm happy to change it if anyone has a better one. > Google agreed to destroy or de-identify billions of records of web browsing data collected when users were in its private browsing “Incognito mode,” according to a proposed class action settlement filed Monday. > The proposal is valued at $5 billion, according to Monday’s court filing, calculated by determining the value of data Google has stored and would be forced to destroy and the data it would be prevented from collecting. Google would need to address data collected in private browsing mode in December 2023 and earlier. Any data that is not outright deleted must be de-identified.

Privacy Charger8232 • 6 months ago • 96%

I'm concerned about the privacy implications of DNA testing services like 23andMe or AncestryDNA. What are the potential risks of sharing our genetic data with those companies, and are there any privacy-focused alternatives available?

Privacy Charger8232 • 6 months ago • 96%

Hello! My knowledge about DNS resolvers is somewhat limited. So, in an effort to expand my knowledge and find a DNS resolver that works for me, I've come for help here. Here is a list of terminology that I either know too little about, don't know anything about, or want to make sure my understanding is correct about: **Cleartext** (What does this mean in the context of protocols? Is it inherently bad?) **DoH** (I somewhat understand this, but is it less secure than DoT?) **DoH/3** (How is this different from DoH?) **DoT** (Is this more private than DoH?) **DoQ** (I don't know enough about this, how does it compare to DoH and DoT?) **DNSCrypt** (I'm not sure what this is.) **Do53** (I'm not sure what this is. Is it a replacement for DoH/DoT/DoQ, or does it work alongside it?) **DNSSEC** (I don't know what this is.) **EDNS padding** (I'm pretty sure I know what this is, it just pads DNS queries. What happens if "Cleartext" is used, does it still pad it?) As for what I'm looking for in a DNS resolver: I don't plan to self host it, I would like support for iOS, Linux, and Android, I would like it to be free, I would like EDNS padding, DoH is preferred (although I don't quite understand the alternatives). I am aware that the DNS resolver will usually be the same as my VPN. Note: I'm not looking for a beginner DNS resolver, I've been using NextDNS for a while now, I'm looking for one with strict privacy and security. I've tried looking at [Privacy Guides](https://www.privacyguides.org/en/dns/#recommended-providers) and [Wikipedia](https://en.wikipedia.org/wiki/Public_recursive_name_server), but I don't know enough to make an educated decision. Any suggestions? Thank you all!

Privacy Charger8232 • 6 months ago • 92%

All questions are in bold for ease of use. The major carriers in the United States participate in NSA surveillance (except for T-Mobile apparently, because it's based outside of the US. Except they bought Sprint, which participates.) and that, along with other major privacy issues, means that the market for private carriers is incredibly slim. When I found out that some carriers, such as Mint Mobile, piggyback off of Verizon, I wondered: **What's stopping a carrier from simply E2EE everything from Verizon, and then using Verizon to transfer the data?** Obviously, **the encrypted data could still be collected and sold, but it wouldn't matter if the encryption was setup properly, right?** I'm looking to better understand how this works, and, if a solution exists, potentially be the first to make it happen. The reason I'm not suggesting creating a carrier without piggybacking is due to the sheer cost and lack of support it would have, which would lead to poor adoption. Also, **if carriers simply don't support E2EE, couldn't carrier locked phones install the software (since most install software anyways) required to make E2EE work?**

Privacy Charger8232 • 6 months ago • 90%

Hello, Lemmy! It may be difficult to spend time actively improving some of the services you use to have a more privacy conscious presence, and so this thread is dedicated to help people learn and grow in their privacy journeys! Start by stating which services you currently use, and which ones you may be looking for/want to improve. This thread is entirely optional to participate in, because a lot of people understandably feel uncomfortable listing which services they use. Writing those out can be a lot of work, but the payoff is huge! # Remember these rules: - **Be respectful!** Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn't align with yours, or uses some anti-privacy software, doesn't mean you can downvote them! Help them improve by giving suggestions on alternatives. - **Don't promote proprietary software!** Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren't sure, you can always ask! This is a place to learn. Don't downvote people just because they don't know! - **Don't focus solely on me!** Since this happened in [another one of my posts](https://lemmy.ml/post/12711033), I want to mention that this thread is **not** designed to pick apart only my setup. The point is to contribute your own and help others. That doesn't mean you can't still give suggestions for mine, but don't prioritize mine over another. - **Be polite!** This falls under "Be respectful", but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone. # Here is my setup: **Web browsing** * I use Tor for using online accounts (such as Lemmy, etc.) * I use Mullvad Browser for general browsing * I use Librewolf for functionality that Mullvad Browser doesn't have (security keys, etc.) * I use Firefox + uBlock Origin for streaming videos that break on Librewolf and Mullvad Browser. * I always use a SearXNG instance for web searches. I always use ProtonVPN (free tier). I use a private DNS resolver. **Desktop** * I use Secureblue (yes, I'm that guy from a post a couple weeks ago) * I sit behind a firewall. * I only use FOSS Flatpaks with Flatseal. * My BIOS is password locked but proprietary (due to compatibility issues). * I occasionally use Tails because I think it's fun. * I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style) **Mobile** * I currently use hardened iOS until I can scrape together some money for a Pixel to use GrapheneOS * Again, I constantly use ProtonVPN (free tier) * I use a private DNS when ProtonVPN is turned off * I use AdGuard, but I browse the internet with the DuckDuckGo app (I can't sideload) * I use a very strong passcode * Airplane mode is constantly enabled, I don't have a SIM * I use a Faraday bag to store my device when I'm in public * I use a privacy screen protector **Messenger** * I mainly use Signal with a borrowed phone number, because SimpleX is still buggy on iOS, and Signal is the easiest to switch friends to. I rarely use iMessage, but there are times when I have to. **Online accounts** * Passwords are stored in Bitwarden for mobile accounts, and KeePassXC for desktop accounts. * Yubikey is placed on any account I can, otherwise 2FAS is used * I keep public accounts (Lemmy, etc.) as locked down as I can. **Video streaming** * I use the native YouTube app on iOS, simply because any of the others I've tried either don't actually work or require a Mac to install. I don't have a Mac, obviously. * I use FreeTube on desktop, but as I was writing this I was informed that FreeTube has a few issues I may want to look into (Electron). **AI** * I would love to know if there are any Flatpaks that run local LLMs well, but I currently use GPT4All (since that's what I used a year ago). * On mobile, I use an app made by a friend that gives access to GPT-4 and Gemini. Because it's running off of his own money, I'm not going to share the project until he has a stable source of income. **Social Media** * I don't use any social media besides Lemmy. **Email** * I use ProtonMail * I have addy.io as an alias service **Shopping/Finance** * I currently either proxy my online purchases through someone else (have them buy it for me and I pay them back), or use a gift card * For physical purchases I use cash * I only use my bank account for subscriptions (Spotify, etc.) * I am working on using Monero and privacy.com **Music streaming** * I use Spotify on my phone * I use Spotube or locally downloaded files on my computer * I have multiple AM/FM receivers with some yard long antennas and direct metal connectors **TV shows** * I stream from ethical services for some movies * I go to a theater or buy a DVD for other movies. I am the proud owner of a USB DVD player. * I also have an antenna hooked up to my TV * There are certain IPTV services I have used in the past * I do not use a smart TV. **Gaming** * I download local games, plain and simple. Or I code my own game. **Programming** * I code in Python using PyCharm. I'm looking for alternatives. * I will use GitLab when I decide to publish some of my work. **Productivity** * LibreOffice, although the UI is iffy **Misc** * I don't use any location services * All my clocks are set to UTC * I don't have a smart watch * I don't have a smart car * I use Bluetooth earbuds * I cover my webcams with paper and tape. Reason: It's worth taking a couple seconds to peel tape off when you use the webcam than to risk a massive breach. Thanks for reading! Note here: I found out the other day that a Google Streetview car passed by my house, and my blinds being shut were the only thing keeping my room away from prying eyes. Is there an easy way to blur/censor my house without giving up my soul? # Special thanks Lots of people kindly contributed their personal setups in the comments, and some even made [their own posts!](https://lemmy.ml/post/13306687) I'm really glad I could spark inspiration and start a way for people to learn and grow in their privacy journeys. To think, just this morning, I was stressing on if people would even enjoy the post at all! Thank you all again, and please go forward to inspire others. I am not the person who made this happen, all of you are!

Privacy Charger8232 • 6 months ago • 95%

Evidently Tails 6.0 released over a week ago, and my version never prompted me for an upgrade ~~(maybe because it's a major upgrade, I don't know.)~~ In any case, I wanted to first of all spread the word about Tails, and second of all mention this: My one problem with Tails is that it had some outdated software (such as KeePass being a few versions behind), but with the introduction of Tails 6.0, that seems to be resolved. Tails also has dark mode now. I love dark mode. Edit: "Automatic upgrades are only available from Tails 6.0~rc1 to 6.0. All other users have to do a manual upgrade."

Privacy Charger8232 • 7 months ago • 94%

Due to financial problems, throughout my privacy journey I have only used free tools to enhance my privacy. I was recently thinking about the question: If I had the money to give back to the services I've used, which ones would I donate to? Here is my personal list, which is still a WIP: **I will definitely donate to (15):** - [Aegis Authenticator](https://getaegis.app/) | [Donation Link](https://www.buymeacoffee.com/beemdevelopment) - [F-Droid](https://f-droid.org/) | [Donation Link](https://liberapay.com/F-Droid-Data/donate) - [GrapheneOS](https://grapheneos.org/) | [Donation Link](https://grapheneos.org/donate) - [KeePassDX](https://www.keepassdx.com/) | [Donation Link](https://www.keepassdx.com/#donation) - [KeePassXC](https://keepassxc.org/) | [Donation Link](https://keepassxc.org/donate/) - [The Linux Foundation](https://www.linuxfoundation.org/) | [Donation Link](https://www.linuxfoundation.org/about/donate) - [LUKS](https://gitlab.com/cryptsetup/cryptsetup/blob/master/README.md) | Donation Link *(Help me find!)* - [Mullvad](https://mullvad.net/en) | Donation Link *(Help me find!)* - [The Qubes OS Project](https://www.qubes-os.org/) | [Donation Link](https://www.qubes-os.org/donate/) - [SimpleX](https://simplex.chat/) | [Donation Link](https://github.com/simplex-chat/simplex-chat#help-us-with-donations) - [SearXNG](https://docs.searxng.org/) | Donation Link *(Help me find!)* - [Tails](https://tails.net/) | [Donation Link](https://tails.net/donate/) - [Tor Project](https://www.torproject.org/) | [Donation Link](https://donate.torproject.org/) - [uBlock Origin](https://github.com/gorhill/uBlock/) | [See here](https://github.com/gorhill/uBlock/?tab=readme-ov-file#about) - [Whonix](https://www.whonix.org/) | [Donation Link](https://www.whonix.org/wiki/Donate) **I am very likely to donate to (14):** - [Briar](https://briarproject.org/) | [Donation Link](https://liberapay.com/Briar/donate) - [coreboot](https://coreboot.org/) | [Donation Link](https://coreboot.org/donate.html) - [Electronic Frontier Foundation](https://www.eff.org/) | [Donation Link](https://supporters.eff.org/donate/join-eff-today) - [FreeTube](https://freetubeapp.io/) | [Donation Link](https://liberapay.com/FreeTube) - [The Gnu Privacy Guard](https://gnupg.org/) | [See here](https://gnupg.org/donate/index.html) - [Libreboot](https://libreboot.org/) | [Donation Link](https://www.patreon.com/libreleah) - [LibreOffice](https://www.libreoffice.org/) | [Donation Link](https://www.libreoffice.org/donate/) - [MySudo](https://mysudo.com) | Donation Link *(Help me find!)* - [NewPipe](https://newpipe.net/) | [Donation Link](https://newpipe.net/donate/) - [OpenStreetMap](https://www.openstreetmap.org/about) | [Donation Link](https://supporting.openstreetmap.org/) - [OpenPGP](https://www.openpgp.org/) | Donation Link *(Help me find!)* - [OpenVPN](https://openvpn.net/) | Donation Link *(Help me find!)* - [Orbot](https://orbot.app/en/) | [Donation Link](https://orbot.app/en/donate/) - [WireGuard](https://www.wireguard.com/) | [Donation Link](https://www.wireguard.com/donations/) **I will most likely donate to (7):** - [AnonAddy/addy.io](https://addy.io/) | [Donation Link](https://addy.io/donate/) - [GtkHash](https://gtkhash.org/) | Donation Link *(Help me find!)* - [Joplin](https://joplinapp.org/) | [Donation Link](https://joplinapp.org/donate/) - [Lemmy](https://join-lemmy.org/) | [Donation Link](https://join-lemmy.org/donate) - [LibreWolf](https://librewolf.net/) | [See here](https://librewolf.net/docs/faq/#why-dont-you-accept-donations) - [Monero](https://www.getmonero.org/) | Donation Link *(Help me find!)* - [Nitrokey](https://www.nitrokey.com/) | Donation Link *(Help me find!)* **I may donate to (11):** - [DuckDuckGo](https://duckduckgo.com/) | [See here](https://duckduckgo.com/duckduckgo-help-pages/company/donations/) - [Fedora](https://fedoraproject.org/) | [See here](https://fedoraproject.org/wiki/Donations) - [GitLab](https://about.gitlab.com/) | donations@gitlab.com - [GNOME](https://www.gnome.org/) | [Donation Link](https://www.gnome.org/donate/) - [Molly](https://molly.im/) | [Donation Link](https://opencollective.com/mollyim#category-CONTRIBUTE) - [AdGuard](https://adguard.com/en/welcome.html) | Donation Link *(Help me find!)* - [Organic Maps](https://organicmaps.app/) | [Donation Link](https://organicmaps.app/donate/) - [privacy.sexy](https://privacy.sexy/) | [Donation Link](https://github.com/undergroundwires/privacy.sexy?tab=readme-ov-file#support) - [Proton](https://proton.me/) | Donation Link *(Help me find!)* - [Signal](https://www.signal.org/) | [Donation Link](https://www.signal.org/donate/) - [Standard Notes](https://standardnotes.com/) | Donation Link *(Help me find!)* I may add more as I think of them. Please leave your ideas! Note: I'm trying my best to avoid turning this into just a list of privacy tools, but that may end up being what it becomes. **Honorable Mentions (9):** There are some services that I support but either don't use or have not matured enough to donate to. - [2FAS](https://2fas.com/) | [Donation Link](https://2fas.com/donate/) - [Free Software Foundation](https://www.fsf.org/) | [Donation Link](https://my.fsf.org/donate) - [Mozilla (Firefox)](https://www.mozilla.org/en-US/firefox/) | [Donation Link](https://foundation.mozilla.org/en/?form=donate) - [GNU Image Manipulation Program](https://www.gimp.org/) | [Donation Link](https://www.gimp.org/donating/) - [Invidious](https://invidious.io/) | [Donation Link](https://invidious.io/donate/) - [OsmAnd](https://osmand.net/) | Donation Link *(Help me find!)* - [Piped](https://github.com/TeamPiped/Piped) | [Donation Link](https://github.com/TeamPiped/Piped#donations) - [Spotube](https://spotube.krtirtho.dev/) | [Donation Link](https://opencollective.com/spotube/donate) - [Wine](https://www.winehq.org/) | [Donation Link](https://www.winehq.org/donate) **Some math** I realized I never actually specified any amounts that I would donate to each service, so here is most likely how I will spread my money: For the services I will definitely donate to, I will donate $50 to each services. For the services I am very likely to donate to, I will donate $40 to each service. For the services I will most likely donate to, I will donate $30 to each service, for the ones I decide to donate to. For the services I may donate to, I will donate $20 to each service, for the ones I decide to donate to. For the honorable mentions, if they ever become part of my official donation list, I will start with a $10 donation and increase it from there. For those thinking those are small donations, note that if I were to donate those amounts to every service it would be a total donation of over $1,800. That is at least a start, and once I am able to donate I will likely donate the same amount every year. By no means am I doing this for publicity or congratulations, I am just making my thoughts public and hopefully sparking others to donate to some privacy services. Lots of these services run off of donations, so please try not to take them for granted! # A note from me There seems to be a misunderstanding about the purpose of this post. I am not posting this to receive criticism for my choices, although I am happy to learn about potential misconceptions I had about certain services ([Organic Maps](https://lemmy.ml/comment/8912365), [Mozilla](https://lemmy.ml/comment/8916394), etc.) This list contains __my__ choices, and your choices may be different. Nor am I posting this to gain attention, media traction, congratulations, or publicity. The purpose of this post is to encourage you to make your own list based on your own criteria, and to potentially share it here. Very few people have actually commented with services that they would/do donate to. I have decided to include my choices as well as links to better help others find what they would donate to. For example, many people may forget to donate to services like GNOME that they use every day without thinking twice about the developers who have worked hard to create it. I'm aware that some of these services are for-profit, have poor business practices, or are based in privacy disrespecting countries, but in my opinion (and again, you should make your own list based on your own opinion) those services deserve my support. I thank everyone who has helped me better formulate my list, but this post isn't meant to be about me. I encourage you to take your time to make your own list of services you really would consider donating to. The draft for this list has taken me over a month. Thank you all for taking the time to read through this, and it is unlikely I will be interacting with this post for a while. ##### Recent update I recently went back and changed a few things, adding some I missed. There is drama surrounding Libreboot, and some murky information about which companies provide the best security keys, as well as other stuff. I've decided to abandon this list and remake it elsewhere, maybe to share here. Cheers!

Linux Charger8232 • 7 months ago • 83%

cross-posted from: https://lemmy.ml/post/12400033 (Thank you https://lemmy.ml/u/Kory !) > I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros: > > **Kali Linux** (Use as a secondary) > > **Linux Mint** (Used for a while) > > **Arch Linux** (Could not install) > > **Tails** (Use this often) > > **Qubes OS** (Tried it twice, not ready yet) > > **Fedora** (Current main) > > For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps. > > Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I've been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you! # **UPDATE:** Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn't work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I'm not a fan of atomic distros I will be using that. To [@leraje@lemmy.blahaj.zone](https://lemmy.blahaj.zone/u/leraje), your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!

Privacy Charger8232 • 7 months ago • 89%

I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros: **Kali Linux** (Use as a secondary) **Linux Mint** (Used for a while) **Arch Linux** (Could not install) **Tails** (Use this often) **Qubes OS** (Tried it twice, not ready yet) **Fedora** (Current main) For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps. Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I've been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you! # **UPDATE:** Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn't work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I'm not a fan of atomic distros I will be using that. To [@leraje@lemmy.blahaj.zone](https://lemmy.blahaj.zone/u/leraje), your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!