You can disagree with my choices, but don't let that be the reason you stay trapped.
Twitter -> Nostr
Discord -> Matrix
Telegram -> Session
WhatsApp -> Signal/SimpleX
Gmail -> Self-host
Reddit -> RebelNet.me
Google docs -> Cryptpad
Dropbox -> NextCloud
SMS -> VoIP (if you have to)
Robinhood -> Hugo's Way
Netflix -> LibreY Torrents
DocuSign -> Detached PGP on Arweave
Github -> protocol.land
WordPress -> Hugo
Coinbase -> Basic Swap DEX
SIM cards -> GLinet Travel routers
LinkedIn -> Host a website with your stuff dude
What would you add?

Replies (125)

wertyyryyr 1 year ago
XMPP, searxng, adguardhome/pi-hole, kiwix, peertube
for personal writing, web clips, notes: Obsidian with Syncthing for syncing
photos: any OSS phone gallery app with Syncthing for syncing
a music library: any OSS music player with Syncthing
Syncthing = eliminate the cloud
Wow that's a comprehensive list. Most of the stuff I haven't even heard of. Definitely need to look into some of these alternatives. An obvious one for me is Reddit -> stacker.news but then again, I'm not entirely sure how much different they are from a centralization standpoint. I'm by no means a privacy / cryptography expert.
Signal is backdoored, so I'd remove that from the list if possible. I use Protonmail for my email, so I'm fine with that. NextCloud is not secure, so I'd use something else personally. I don't use Cryptpad, but LibreOffice instead, since I like doing things not in the cloud for office shenanigans. For GitHub-style things, I use Codeberg (based off of Forgejo), but all the others I could see being used.
Nik 1 year ago
01010000 01110010 01101001 01110110 01100001 01100011 01101001 01100100 01100001 01100100 01100101 00100000 01110000 01100001 01110010 01100001 00100000 01101111 01110011 00100000 01100110 01110010 01100001 01100011 01101111 00101100 00100000 01110100 01110010 01100001 01101110 01110011 01110000 01100001 01110010 11101010 01101110 01100011 01101001 01100001 00100000 01100001 01101111 01110011 00100000 01110000 01101111 01100100 01100101 01110010 01101111 01110011 01101111 01110011 #BTC #Bitcoin #Web3 #Privacy #Security 🤓✍️📚
The "quantum resistance scheme" is the backdoor IMO. all of these protocols implementing them should be deeply scrutinized.
It does not describe what/which/any aspect of relationship to the WEF other than the presence on the post itself on the WEF website.
Proton was given an award as a "Technology Pioneer" in 2022, and yet they're not partnered with the WEF, but only merely referenced. How is it that Proton is affiliated with them if their VPN IPs cannot access the WEF site?
VEN 1 year ago
i posted a link in this thread showing a proton board member is vice chair of the WEF
I suppose it would depend on what someone is using email for right? If it’s a burner mail you’ve got a forum account on, then sure proton. If it’s everything your business is doing and all activity of every account, you’d consider self-host to hide that metadata on a 1 CPU VPS.
Thanks for writing in. I like that Threema has non-government domain based names, however it’s completely centralized. They control and sell you the account. While Session is similar, but the user owns the name. Or SimpleX nobody owns it, it doesn’t have a single account
Hi, Thanks for writing in. We actually have a video on why Telegram is bad for privacy, with the main reasons being: 1) metadata leakage 2) censorship 3) not owning or controlling accounts 4) telephone tied to ID with strict VoIP restrictions 5) banning Tor 6) it’s not in F-droid, google play 7) and even malicious handing over of data to governments: Learn more: https://video.simplifiedprivacy.com/why-telegram-sucks/
Thanks for writing in, sure it depends on what the person is doing right? If it’s just a burner account for forums then proton is fine. If it’s your whole life’s business via email, then self-host. If that’s too much trouble, Simplified Privacy offers a service to setup a self-host email on a 1 CPU 1 RAM VPS for you, (with open source email, chat, and cryptpad), and then hand over the credentials to you. We guarantee it won’t be spam, or your money back.
I actually have more experience with Hugo, but my co-worker swears by Ghost. So it’s just a matter of preference and the templates. Regarding LibreOffice, that’s fully free and open source, so there should be no privacy issues. It comes with most Linux distros
I agree with your concerns on Signal. However, the difference between Lemmy and RebelNet is the difference between Nostr and Mastodon. You’re giving the admin of the server complete control.
farside.link lists many instances, then you can have it serve you one with farside.link/librey, I believe is the URL
yeah man, I get a lot of heat defending this point to be honest with you. but thanks for bringing it to my attention initially I try to present people with pros/cons and let them pick. What is your favorite messenger then?
Yeah the issue with WP is the bloat of CSS slowing down pages, and the big tech integration. It's got Cloudflare and Google calls on the backend. Spyware by default unless the person does active work to remove it. Whereas Hugo, Ghost, or other static site generators are faster and more free code wise
Thanks for writing in. Yes stacker.news is a good site, we’re actually developing RebelNet to handle all different types of keys and to federate as well. So it would be more decentralized, but we’d be open to linking up with them (federating) posts. We’ll see, nostr is fun. Nice to meet you, I think this is the first time I've seen your comments
Yeah that’s fair, I can get a little carried away sometimes. However, we try to present the specific match to give people the exact tool for the job. Things such as privacy with simplex vs censorship with session
There’s security, privacy, philosophical, and practical implications with using Nostr for all of these things. From a privacy perspective, it’s not particularly private to associate everything in your life with this one identity. From a security perspective, it’s a danger to tie everything you own or do, the sum of your entire life, to a single private key that you could accidentally compromise. From a philosophical perspective, there exists the possibility that some will wish to use other systems to transmit data. Such as Nostr relays using cloudflare, or the focus on custodial cloudflare “bitcoin” bank accounts. From a practical perspective, what vendors sell SIM cards based on Nostr identity? Wouldn’t you want to hide this from the provider?
VEN 1 year ago
i like the non permanence of signal and session, but to be honest really enjoy the convenience of telegram. Pirate chain has a memo which I enjoy messaging in for zk messages, tho in theory it is still on a block chain for eternity.
VEN 1 year ago
molly > signal
Yeah I just heard Mozilla is doing more AI with “personalized results” for search off what the user searches into URL bar
VEN 1 year ago
awesome, thank you, will check it out
Interesting, thanks for letting me know. But aren’t you dependent on the dude running it? Or you self-host if he rug pulls on new DNS but same relay pull?
Nah it's self-hosted. Oracolo uses svelte framework and npm to build. You can then just load the single JS script. And it's running off my modified fork.
VEN 1 year ago
good point, but as I've shown just having the WEF vice chair on the proton board should be very alarming
VEN 1 year ago
almost forgot one messenger. DarkFi's ircd is amazing, probably the most private messenger
I would add using Feeder for news, because it's private, doesn't have an algorithm and puts the user in control of what they see because it only displays RSS (etc.) feeds that you subscribe to in Feeder and it has filters so if you like "some news source" like Wired for example but aren't interested in "some topic" you can make filters in Feeder (easy peasy) to eliminate stuff from the articles list. Feeder is totally local to your device and you can even tell it to open articles in your default browser so your ad blockers etc. work there as well. PS the dev is great!
VEN 1 year ago
arch and mint and Ubuntu studio all worked, make sure you do every step, sometimes it's easy to skip one
VEN 1 year ago
kubuntu as well
cypherpunk 1 year ago
I use still ... happy camper; never had a jot of trouble with them (been with them on a free account since they first launched). Aware others have had problems. Not me. Hope that helps.
cypherpunk 1 year ago
World's Best Privacy & Security OS
whonix.org kicksecure.com/qubes-os.org
World's Best Linux Distributions
Debian
Ubuntu
Fedora
Berkeley Software Dev (aka BSD)
OpenBSD
FreeBSD
GhostBSD
cypherpunk 1 year ago
"Most of the stuff I haven't even heard of." Follow me for regular bleeding edge crypto recommendations etc. #OldTimer
I had already posted a link to the GitHub issue on this matter (it's from 2019, but Signal is still backdoored to this day). Maybe look for it in this thread?
Well here’s a quick way you can find out. Try to install it with Tor on a degoogled phone without Google Play, and using a VoIP number, and let’s see if you can message anyone outgoing. Then ask the Telegram support or forums “how do you guys hide metadata?”
This article is sort of related to my thoughts, but mainly the question for me is: Is Quantum computing a boogeyman created in order to give agencies a chance to restandardize encryption schemes to their benefit with undetectable backdoors? I'd wager that the benefits of "quantum resistance" are outweighed by the risks that these backdoors will be implemented, until a quantum computer is actually proven to break these schemes
One can discuss the CSS architecture. But WordPress doesn't have Cloudflare or Google API calls in the backend by default. Some plugins you choose to use might have, but it's pretty possible to use it without them. On the other side, Hugo is not really a replacement for WP because it doesn't have any dynamic elements.
VEN 1 year ago
the proton page says she was one position but now is the vice chair of the wef
Open WordPress admin with uBlock origin, you’ll see the Google/Cloudflare calls. Almost all of them have google fonts on the frontend too that has to be manually removed. As far as “dynamic” goes, there’s other ways to have a store. The overwhelming majority of these blogs and sites do not need wordpress malware, especially when they have external checkout stores
For blogging, I agree that a static site is of course better than #Wordpress, but what about ecommerce? Is there a good #selfhosted #foss alternative to #Woocommerce? Doesn't make sense to run your store on other people's platforms unless it's a secondary option... I'll need to check the admin calls... I thought those were only made by certain themes and plugins...
pcre 1 year ago
For github.com -> radicle.xyz
The traffic of Session and SimpleX runs across 1000's of relays. Do you really think that's more secure? They do NOT know who's behind all those relays. Can be hosted by AWS or Google and can easily collect all the metadata of their users. For example IP addresses. ONLY Threema does not collect any metadata or IP addresses. Look for yourself: The centralization of Threema is a security feature. Session & SimpleX are (meta)data-spreader !
Huh? Session is onion routed with different nodes. It's not google/AWS, I've done lookups on many of the IPs, it's a lot of the same providers as Tor. SimpleX lets you self-host, so it's you running it. Threema’s legal transparency report is not a technology solution, it’s their promise. Why is having different nodes with onion routing, or self-hosting simplex, worse metadata leak than just Threema’s promise?
WordPress is a shitshow, RCEs, XSS, you name it. There are botnets with WP as the main vector. Use with caution, php = bad time.
nobody 1 year ago
PC -> writing paper iPhone -> lawnchair
The more hands that handle a parcel, the greater the risk that it will break, fall or be stolen. The more nodes your messages are sent via, the greater the risk of someone making a copy and/or intercepting the metadata. Threema messages only make one stop, on their own server. This server does not store any IP address or metadata, and the message is deleted after successful delivery! More data protection is not possible in digital communication!
The purpose of Session's onion routing is to prevent a single actor from gaining knowledge. Or with SimpleX you can self-host the server. With Threema, you’re trusting a single entity with censorship/privacy. Aren’t you on Nostr to avoid centralization?
Session comes from the makers of "Loki" Coin - the most unsuccessful cryptocurrency in the world. TOR and onion routing is not safe! Session's traffic runs across 4.000 nodes and does not know who's behind each node! That's pretty unsecure! Australia as a 5-Eyes Member is bad: Session's suspicious "financiers" doesn't make better:
Self hosting of Simplex doesn't change all the other negative aspects. First: Deliver a real proof that Threema does censorship!!!!!! Before you spread such stupid FAKE-SHIT !!!!!
That's just librewolf settings, it will do that for many sites. If you hit accept and continue, it will load the page with SSL lock
Self-hosting is trusting you, the operator of the server. It could even be on a tor onion in your home. How is trusting you better than trusting Threema? Doesn't make sense
cypherpunk 1 year ago
Cheers for the heads up ... I missed your reply for some time. Apologies. Interesting development. Debian (FLOSS System) goes UBUNTU (non-floss) which goes ... Trisquel (FLOSS).
cypherpunk 1 year ago
Shit, i was wondering about your first statement ... (I've been out of the FLOSS/OSS loop codebreaking for 8+ years). That's disaster right there IMHO. So pleased to hear there's already another project to keep at least one system available made from FLOSS entirely. I saw (for about 3 seconds) a debate about the Microsoft tie-up/tie-in and thought that would only lead to bad things. And here we are. Debian, no longer FLOSS. RIP Ian (turning in his grave no doubt). :(
Can we use VeraCrypt or Rclone as a "middleware" to encrypt data before storing it on the cloud service and decrypt it on the client side? It's a good idea to get the best of both worlds, maintaining privacy without the need to serve the necessary infra (vampirizing the cloud service)?
nix 1 year ago
Setting up all the DNS records right takes some effort, yes. You will need a VPS or an ISP that gives you a static IP and the ability to set the PTR record for it. Other than that, self hosting without losing email is perfectly possible. I have been doing it for the last 10 years or so.
nix 1 year ago
Proton mail encrypts stuff on your device, before sending it to their server. That provides privacy, if working as declared. Anyone using a third party VPS provider has to trust them with their data. You have full access to everything on your VPS instances, no?
But IMO it is not worth it over Protonmail (or similar) even if possible. Better to live with the fact that E-Mail is not and will never be private.
nix 1 year ago
The way I run it, email is private - but only when the other side has a similar setup, which is practically never :) I like Protonmail too, it is a very good service. Wish FreedomBox had an integrated mail server.
That's exactly the issue. The other side is (most likely) using gmail or similar and all email conversations get scanned. Practically nobody uses email e2ee. Just use signal/simplex for conversations.
Protonmail is propaganda, as it encourages centralization. Yes the self-host VPS provider can see it, but so can proton. This puts all eggs in one basket, which is a corrupt and easily accessed basket. Please see the following I wrote earlier: ~
First, Proton is NOT end-to-end encrypted. As per their own blog: (Please note, I only changed the CAPS) Quote: "The email is encrypted in transit using TLS. It is THEN UNENCRYPTED and re-encrypted (by us) for storage on our servers using zero-access encryption. Once zero-access encryption has been applied, no-one except you can access emails stored on our servers (including us). It is NOT end-to-end encrypted, however, and might be accessible to the sender’s email service" </end quote>
Second, they do scan it for spam and phishing. They repeat this with: Source: "Emails that come from third party email providers obviously CANNOT be delivered with end-to-end encryption, but upon reaching our mail servers, we will encrypt them with the recipient’s public key before saving the messages. All this is done in memory so that by the time anything is permanently stored to disk, the email is already un-readable to us. This gives us a very limited window to perform spam filtering on incoming messages." Then they further elaborate, "Secondly, the message is passed through our customized Bayesian filters which marks suspicious messages as spam. Next, we generate checksums of incoming messages and check them against a database of known spam messages. If there is a match, we mark the message as spam. The checksums are done in such a way that it is also effective against mutating spam emails." </end quote>
So they claim to have it unencrypted, then have a "limited time" to stop spam, but then also claim to encrypt it, and then after compare the hash to spam hash. If their own claims were true, then why do they only have a limited time?
Third, they hand over huge amounts of data. If it's encrypted, then what do they have to hand over? From their own transparency report: "2023 Number of legal orders: 6,378 Contested orders: 407 Orders complied with: 5,971 2022 Number of legal orders: 6,995 Contested orders: 1,038 Orders complied with: 5,957" </end quote>
Whereas with a self-host VPS, with a large amount of effort, the VPS provider could in theory snapshot memory to get access to emails. But this data is being sent through SSL encryption, so passive general surveillance is protected against. It would have to be work (and money wasted) for them to get the data.
nix 1 year ago
Wow, I did not expect that from Proton, thanks for the links and the summary - very useful! If a provider can access customer data, then unfortunately in the world as it is they will be forced to hand over some of it sooner or later.