• Your user account on GrapheneOS is just a local user account
• GrapheneOS comes with its own camera, gallery, contacts, sms, phone, and file manager apps, a hardened fork of Chromium called Vanadium, and an app that lets you install sandboxed versions of google play services and google play store, if you so wish. Nothing else. You can install other apps using F-Droid, or by installing the google play store app.
• GrapheneOS does not have a “cloud”, aside from the web services it uses to check for and pull new updates. If you want to sync files somewhere, you can install whatever you want (Nextcloud, Google Drive, etc)
• F-Droid is a fine choice, and the google play store is as well, all depending on what your priorities are for your phone. I only use F-Droid and have no non-foss apps on my phone for privacy reasons, for example.
• Running your own Nextcloud server is a great learning exercise, but it’s a big commitment of time if you’re not already familiar with linux administration, and if you want it to be secure and accessible remotely that’s even harder. Don’t let that be an impediment to getting a secure phone though - you can always keep using Google Drive for now, and then learn how to set up Nextcloud or some such as you go along.

Good luck!

I’m with you there. It’s all layer upon layer of vulnerability and false security, and then at the bottom of all of it lurks the Ken Thompson hack.

Still bad advice to tell people it’s okay to use an explicitly vulnerable OS, I think.

Would you advise your enterprise clients that running Windows unpatched is ‘not a big deal as long as you have patched web browsers and AV’? Of course not. Because that’s dangerous advice and could even open you up to legal liability.

So why would you advise otherwise to home users, who are often more vulnerable in the first place?

Not having security patches on a system you do things like go to your banking website on is actually a pretty big deal, and I don’t think it should be dismissed lightly. Also AV is mostly snake oil, and is in no way an adequate substitute for a properly patched OS.

Any proclaimed prioritization of privacy or privacy improvements in stock Android serve only to bring your data more directly under the control of Google at the expense of other entities, so that those other entities must pay Google as a middleman to your data. On stock Android, there is no privacy - Google has access to everything, always.

In my opinion, one step that could reasonably be taken to improve the situation is for Google to go fuck itself, lose every anti-trust suit brought against it, and die.

It’s still right to complain and protest about something that is unjust, even when ways to circumvent it exist. Because the next logical policy step is to ban VPNs, as many countries already have, and the solved problem becomes unsolved again.

ssh predates the specification, exists somewhat independently of even the idea of a desktop (not common to see xdg env variables like XDG_CONFIG in a headless environment, for example), and uses the homedir/.ssh directory on both the client and server side of a connection. I think it’s less to do with security and more to do with uniformity for something as important as ssh - ssh doesn’t need to change to use the xdg spec, and xdg doesn’t need to allot anything special for ssh when it’s already uniform across the unix spectrum

Bromite before it died, RIP :( Vanadium now with regular dns adblocking where security matters, Fennec where it doesn’t.

If you aren’t going to fully wipe your drive in horrible events like this, at the very least use shred instead of rm. rm simply removes references to the file in the filesystem, leaving the data behind on the disk until other data happens to be written there.

Do not ever allow data like that to exist on your machines. The law doesn’t care how it got there.

If you can find a cheap used micro-form-factor pc with hdmi output (eg thinkcentre m93p), that’s a great sustainable way to go. Stick debian on it, get a cheap tiny bluetooth keyboard/trackpad, stream via web browser. Bonus if it’s got a dvd player, for the ultimate utilitarian foss htpc.

Thank fucking god for the EU, for fighting for global digital rights where nobody else does.

Generally speaking a leftist anarchist flag, more specifically the flag of anarcho-syndicalists in the Spanish civil war

If you can’t get a packaged apk directly from the developer/publisher, or from a trusted repository like the play store or fdroid, I wouldn’t resort to third party sources like these. If you can’t compare the signing signature of an apk from an untrusted source to that from a trusted source, you can’t be certain that what you’re installing hasn’t been tampered with.

For donating compute/storage/bandwidth to community archiving, this is a great place to check out: https://wiki.archiveteam.org/

Just my opinion, but I think they’re a great project to support.

That is so cool! Thanks for the tip

One benefit of base 12 and base 60 over base 10 for everyday use with things like time is simple factorization. You can divide 12 hours evenly into halves, thirds, quarters, and sixths, and 60 minutes evenly into halves, thirds, quarters, fifths, sixths, tenths, etc. With base 10, you’ve just got halves and fifths.