SecurityPro

joined 1 year ago
sorted by: new top controversial old
Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/[email protected]
[–] [email protected] 3 points 3 weeks ago (1 children)

Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/[email protected]
[–] [email protected] 5 points 3 weeks ago (3 children)

Not in the US. A phone "purchased" on contract is carrier locked and you can't unlock the bootloader, which needs to be done in order to install a different OS.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/[email protected]
[–] [email protected] 6 points 3 weeks ago (3 children)

I believe NetGuard will act as a VPN. This will prevent you from using an actual VPN.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/[email protected]
[–] [email protected] 14 points 3 weeks ago* (last edited 3 weeks ago) (4 children)

Since it is a free phone from a carrier it will be locked until the phone is "paid off" by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch in c/[email protected]
[–] [email protected] 40 points 1 month ago (5 children)

As someone who has worked fraud and online investigations, and both written and served search warrants; it is not an option. A probable cause affidavit is presented to a judge and if the judge agrees there is sufficient probable cause, a search warrant is issued. This is an order by the judge and not optional. The judge can hold the company in contempt if they refuse to obey his/her order.

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch in c/[email protected]
[–] [email protected] 91 points 1 month ago (13 children)

"helped" is very misleading. Companies can't refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

GrapheneOS Latest Release Confirmed To Resolve Bluetooth Module Issues in c/[email protected]
[–] [email protected] 2 points 2 months ago (1 children)

Doubt it is a watch issue, only started when the Bluetooth bug started with Graphene OS

GrapheneOS Latest Release Confirmed To Resolve Bluetooth Module Issues in c/[email protected]
[–] [email protected] 2 points 2 months ago (3 children)

The update did not fix the issue for me. Using a Pixel 6a with Graphene OS and a Samsung Galaxy Watch 5 Pro. The watch had been working just fine with Graphene OS until the recent OS changes.

Since the most recent update, nothing really improved. The watch had to be factory reset in order to get it to connect the the phone via Bluetooth. That worked for less than 5 hours and it lost connection to the phone and would not reconnect.

Still the only way to get it to reconnect it to factory reset the watch and re-pair it to the phone. Since that connection still only lasts less than 5 hours (sometimes on an hour or so), I'm tired of doing that and have quit wearing the watch.

Reddit started blocking VPN users on old.reddit.com in c/[email protected]
[–] [email protected] -2 points 3 months ago* (last edited 3 months ago) (1 children)

Regarding: "On Android you can use [Stealth] . That's what I use for searches that pull up Reddit posts."

The stealth protocol does not have anything to do with accessing individual sites or services. The purpose of stealth is when trying to estata VPN connection to a provider that does not allow VPNs. For example, a public wifi that blocks VPN connections or some countries that require ISPs to block VPN connections.

Looking for a privacy focused travel assistant on mobile in c/[email protected]
[–] [email protected] 3 points 3 months ago* (last edited 3 months ago)

Anytype has responded and I had a couple other clarifying questions. Their first response:

"Hi! In our privacy policy we include Amplitude & Sentry & explain why we work with them: anytype.io/app_privacy. Currently, you can opt-out by electing local-only or self-hosted network Mode"

Sentry is only used for bug tracking and I don't have any issue or privacy concerns with that.

I had already looked on their website for a privacy policy and the only one I could locate was a website only privacy policy. I learned later that the application privacy policy is buried as a link somewhere within the website privacy policy. This is not very easy to find.

I reviewed the application privacy policy and it conflicted with their answer stating that a user could opt out of information sharing with Amplitude by using "local only" or "self-hosted". So I pointed this out and posted this reply to them:

"Also, app privacy policy section for Amplitude states: Amplitude Analytics Purpose: deliver behavioral and app usage data. Opt-out possible: NO"

This is the response I received:

"Indeed this is outdated information, as it was written before self-hosting and local-only mode were properly configurable. Opt-out is now possible using these methods, and we will be updating the policy accordingly."

Are there services that can help you get your information taken down? in c/[email protected]
[–] [email protected] 6 points 3 months ago (1 children)

Reach out to the job sites directly and report these as fraudulent. Ask them to remove the resume postings.

Also consider making accounts for her on these sites, may make it easier to prevent future posting and to remove any that do appear.

Then, since it sounds like you are her lawyer. Subpoena these sites for information on account, email address, IP address used for the fraudulent posts.

I'm deGoogling. What's my new Podcast app? in c/[email protected]
[–] [email protected] 19 points 3 months ago

Agreed, grab AntennaPod from the f-droid store.

16
Hulu ad blocking (lemmy.ml)
 

I've had some luck blocking ads on Hulu but it seems to be an ever evolving situation. Is anyone having decent success blocking Hulu ads with pi-hole? What domains do you block and which ones are required?

7
Why isn't there any white laser markings ink/powder/paste/spray? (lemmy.ml)
 

I recently purchased my first laser. I'm interested in adding color to my engravings. Specifically I want white text engraved on black metal. However I've searched online and can't find any white marking materials.

215
The Irish government wants to pass a law that could see you or your loved ones jailed for possession of memes, cartoons or any content that could be deemed "hateful". (lemmy.ml)
 

The Bill includes no definition of hate and is wide open to abuse by bad actors. Defend free speech – say no to this legislation, and any legislation of is kind... Anywhere!

https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09[https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09](url)

24
Xbox wireless controller pairs but will not connect. (SOLVED) (lemmy.ml)
submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]
13 comments fedilink
 

I purchased a brand new Xbox wireless controller. It paired with my steam deck easily but it will not connect and the "X" button on the controller keeps flashing. I've hit every button on the controller and can't get it to actually connect. I've also rebooted the steam deck.

Any help would be appreciated...

11
Protections gained using GrapheneOS (lemmy.ml)
 

Quoted from GrapheneOS:

Cellebrite and others in their industry use logical extraction to refer to extracting data from a device after unlocking it, enabling developer options (requires PIN/password), enabling ADB and permitting access for the ADB key of the attached device. See https://cellebrite.com/en/glossary/logical-extraction-mobile-forensics/ The baseline doesn't involve exploitation. The next step up is exploitation via ADB to obtain more data than ADB makes available.

Obtaining data from a locked device requires an exploit. If it was unlocked since boot, the OS can access most data of the currently logged in users.

GrapheneOS includes our auto-reboot feature to automatically get data back at rest so that it's not obtainable even if the device is exploited. Can set this to a much lower value than the default 72 hours. 12 hours won't cause inconveniences for most users, but you can go lower.

User profiles that are not currently active have their data at rest. GrapheneOS provides the option to put secondary users back at rest via end session for convenience. Sensitive global system data is stored by the Owner user, which is why you can't log into another user first.

GrapheneOS also provides the option to disable keeping a secondary user active in the background, to force ending the session when switching away from it.

We provide substantial exploit protection features (https://grapheneos.org/features#exploit-protection), and we're working on some major improvements.

For user profiles that are not currently logged in, their data is protected by encryption even if the device is exploited. An attacker needs to brute force the password. If you use a strong random passphrase, they cannot do it. Otherwise, you depend on hardware-based security.

Most Android devices don't have decent hardware-based encryption security. If a typical Android device has the OS exploited, the attacker can trivially bypass any typical PIN/passphrase via brute force. We only support devices defending against this (https://grapheneos.org/faq#encryption).

iPhones, Pixels and certain other Android devices provide hardware-based throttling of unlock attempts via a secure element. We explain how this works at https://grapheneos.org/faq#encryption. This protection depends on security of the secure element, which is quite good for Pixel 6 and later.

view more: next ›