Tor Browser is a modified Firefox ESR, which is just Firefox with less frequent releases.

There’s a lot more here than what the headline captures, about Flock, their lies, and how their systems’ widespread use affects communities. It’s worth a watch.

They acknowledge this in the article. The four levels of processing used in the University of São Paulo’s classification system are at least a start. Clearly we need to keep learning which aspects of these foods cause harm, and improving the classifications.

I’m also curious how much of the harm is caused by plastic contamination, either while the foods are being manufactured or picked up afterward from packaging.

But if the ENDS are both compromised…

If either end is compromised, then there is someone reading over the proverbial shoulder, and the conversation should be considered compromised.

Hopefully Linux Phone gets some love.

That would be a welcome step in the right direction, as would open hardware.

So just to confirm the answer to my question question: Its pointless to use encrypted messaging on an Android device?

Of course not. End-to-end encrypted messaging protects against eavesdroppers in transit. It’s an opaque envelope.

(Edit: Keep in mind that Google is not the only potential eavesdropper out there.)

What it cannot do is protect a message from someone reading over your shoulder when you write a message or open an envelope. On mainstream Android, that could be Google, if they choose to abuse their system-level access. On iOS, it could be Apple. And so on.

Those companies might be eavesdropping on sent/received messages already, either at a large scale or in a minority of cases, or regionally, or they might not be doing it at all… yet. But they have the capability. You’ll have to decide for yourself whether that risk is acceptable.

Google has the capability to read everything that you can read on an Android phone, unless you have taken steps to remove all Google-controlled components that have system-level privileges. Last time I checked, this included Google Play Services, which are installed by default on most Android phones.

Note that messengers with end-to-end encryption, like Signal, cannot protect against an adversary with full access to your device.

This is part of why people de-Google their phones, which usually means replacing the entire OS with something like LineageOS or GrapheneOS.

deleted by creator

To be clear, this is not about EXIF data (which is its own problem).

Digital cameras can be fingerprinted from the images they produce, due to variations between pixels in any given sensor. If you’re concerned about an image being traced back to your camera, you might consider some post-processing before distributing it.

This is mostly true.

However, it’s worth noting that your home instance is uniquely positioned: it can see not only everything you send out into the fediverse, but also everything you read or subscribe to, so its privacy practices can still matter.

With that in mind, I suggest avoiding instances that run behind Cloudflare, which can see (and even change) every interaction you have with the instance.

You might also want to disable off-site images in your web browser (if you use Lemmy’s web interface) and prefer an instance with a large image cache, because loading images that are hosted on other instances will leak your reading habits to those instances.

Yes.

Related: Has anyone here used Pretty Good Phone Privacy (PGPP)?

https://invisv.com/pgpp/

https://www.usenix.org/system/files/sec21-schmitt.pdf

micefrone

BTW, Lemmy lets you edit titles, so you can fix errors like that.

Nope. 8 years after release, mine still has network service and still works well.

The best one I know is https://web.archive.org/

Unfortunately, no archive site manages to archive every article before a paywall goes up. I’ve had the best luck on archive.org by selecting the earliest snapshot they have.

Even if you get past the loop, the fact that archive.is is now using third party CAPTCHAs means that their provider can track your interests: They can correlate the page you came from, the archived content you wanted, your browser fingerprint, your IP address if not using a VPN, etc. If it’s a big provider like CloudFlare or Google (spoiler: it is) they can also correlate all that with a significant chunk of your non-Lemmy web browsing.

This is why I no longer use archive.is.

That depends on the device, not the OS.

1. I don’t know, but according to this page, it seems there is some kind of profile support. I assume it’s part of the Android Open Source Project.
2. (Good thing I noticed that you edited your comment to insert this question.) I am not aware of an effective Google Play sandbox from any OS other than GrapheneOS. It doesn’t affect me either way, since I don’t use Google services.
3. Storage encryption is built in to Android these days. I don’t remember whether the latest version does it with file-based encryption or full-device encryption. (Both have been used in the past.)
4. It depends on who your adversary is. For example, a Google employee or a government might have remote access to a back door planted in a Pixel, but not to your boot loader. On the other hand, a TSA employee might be able to pwn your phone if granted physical access, but unable to do anything remotely. Pixels are generally more resistant to to physical access attacks because they allow user-supplied keys and boot loader re-locking, but there are companies that sell tools aiming to bypass even these protections, so I wouldn’t bet my life on them.

GrapheneOS is better in principle, but it requires that you (directly or indirectly) give money to Google and depend on Google-controlled hardware, both of which are dealbreakers for some people.

GrapheneOS also depends on hardware support files from Google, which are no longer readily available, making its future unclear.

LineageOS supports a greater variety of devices. The privacy/hardening features aren’t as strong as GrapheneOS, but many people find it good enough when:

• Google Play Services are not installed
• Commercial apps are not installed (open-source apps from F-Droid are the usual alternative)
• There is little risk of an adversary gaining physical access to the phone

Trying to discredit people because of the forum on which they discussed a topic, or because you view them as beneath your skill level, is a more than a little misguided, and frankly, disingenuous.

Epic themselves have admitted to copying Steam data and scanning running processes, as has been documented in various news articles. (example, example)

In any case, the point is not one particular incident or report, but rather that they have the capability, grant themselves permission to use it via their policy documents, and have earned distrust among a lot of gamers. Posting condescending emoji here doesn’t change that.

Edit: P.S. In future comments defending Epic, you might do readers the courtesy of stating up front that you are moderator of an Epic Games forum.

You might want to read my other comments elsewhere on this post.

Please keep in mind that no matter what technical measures you take, accepting Epic’s “free” games requires agreeing to their terms and conditions, which they can change after you get the games. I really don’t recommend it.