UnfortunateShort

Random guess: Tiktok might actually generate revenue

Justice he dicides on and can get away with.

There are some FOSS SMS clients tho. I used to use Simple SMS, but there were no updates for 12 months.

Maybe try Deku SMS: https://github.com/deku-messaging/Deku-SMS-Android

It seems to have at least some traction for what it’s worth.

100% agree, anonymized data is pretty much irrelevant to the GDPR. An exception would be if it can be de-anonymized with reasonable means.

I’m gonna go with no, because of containerization and permission management. On your computer, any program can do pretty much anything, unless you explicitly take measures against this. On a smartphone, you get a lot of control over your apps. In newer Android versions you can even completely disable cameras and microphones (even if only in software).

I would use a throwaway account and avoid giving Google any personal data tho. Of course they could still figure stuff out, but it’s harder and unreliable, not to mention super-duper illegal (at least in the EU), so I kinda doubt they go the extra mile.

Sounds reasonable enough. I think in most of Europe that’s about when kids finish elementary school.

Yes, what I meant is actually a kind of pepper. Although I would like to point out that literally the only difference is that it’s stored elsewhere.

It does, I’ll give you that. However, I will hold the fact that their maximum is actually reasonable against that. The minimum of 8 is more concerning imo

I’m just gonna go ahead and say it: 16 Characters are sufficient and 20 pretty damn secure.

That is assuming they do stuff right and there are no vulnerabilities, which they won’t and there are. However they may manifest, they are a greater concern at 16+ characters, especially if they don’t offer 2FA.

The reason is that even if machines become powerful enough that 16 characters can be bruteforced, which they can’t atm, you can effectively defend everything against bruteforce attacks by other means. Including but not limited to limiting login attempts, salts and pepper, multiple encryption layers etc.

With just a salt pepper you can make a 16 char password effectively a 24 char password… Or a 2.000.000 char password. Assuming it is not stolen alongside that is.

Edit: Changed ‘salt’ to ‘pepper’.

It can toggle ANC on and off, not sure if it can also enable voice through. That is available by a single tap on your earbud(s) tho

You can use Sennheisers without an account - and I think even without the app altogether. Not exactly sure tho.

They have a feature where they toggle sound presets depending on your location. That’s the only thing that requires an account, as well as access to your location. It’s opt-in however (and pretty useless imo).

Ok, fair enough, but at that point you’re basically deploying your own password manager which most people would consider a little over the top :D

The simple answer to SSO is: Just don’t.

It has it’s place in companies, but there is no good reason for private use, except maybe a little convenience.

On the other hand, you open yourself up of to your data being collected left and right and increase the chance it gets compromised by it being shared.

Never change a running System.

Basically every other German outlet

Want to butt in here quickly and bring attention towards the fact that crypto currencies in general are not meant to be privacy preserving.

You are literally broadcasting transactions, making it impossible to leave no trace.

I have used Google, DDG, Bing and Ecosia (which is basically Bing) at this point and ingl, none of them really stands out for its results. If anything, I think DDG and Bing beat Google.

Google might be the first company to create a monopoly out money and apathy. The apathy of users who don’t care about their search engine enough to even change the default.

I don’t bother with 2FA for Ente. It’s supposed to add a layer of security, no need to add yet another layer just for the sake of it.

They do have desktop apps at least. I’m happy with it so far, totally second the recommendation.

Regarding your general question: I would argue that a separate 2FA app is a must, since you can not only secure your password manager with it, but also remain protected if it is breached somehow.

Having 2FA and credentials in one place partly breaks the rational between having 2FA at all.

PSA: Firefox 128.0 uses a new HTTP_ACCEPT header that seems super unique to the test, because, well, it’s new.