MajesticFlame

joined 1 year ago
[–] MajesticFlame@lemmy.one 12 points 1 month ago* (last edited 1 month ago)

Well, I did not mean in a backdoor way. If google has a backdoor for the three letters agencies, I don't expect they would reveal it even if the whole country of Argentine flipped itself over.

I meant in a public way. The play store can install apps remotely through a google account but I have no idea how far this goes.

[–] MajesticFlame@lemmy.one 23 points 1 month ago* (last edited 1 month ago) (7 children)

Is google even able to do it? They are unable to push os updates directly in most cases, sinco those go through phone vendors. Idk if they already have the ability to remotely uninstall apps. Maybe through the appstore?

[–] MajesticFlame@lemmy.one 1 points 3 months ago* (last edited 3 months ago)

I use ESET and rate of false positives is very low for me (as long as you disable detect "potentially unwanted applications", it asks during installation).

[–] MajesticFlame@lemmy.one 28 points 7 months ago* (last edited 7 months ago) (6 children)

By the way, the evolutionary reason is far more interesting. We need to wear clothes in cold weather because we don't have fur. Why did we evolve to not have fur? Because not having fur allows humans to sweat. Sweating is the most effective way to get rid of excess body heat, far better then panting that many mammals use. This allows humans to run without stopping for much longer than animals, allowing humans to hunt animals by chasing them until they tire out and stop.

Of course, other animals could not evolve sweating because they are unable to use clothes and fire to keep themselves warm without fur.

[–] MajesticFlame@lemmy.one 1 points 11 months ago* (last edited 11 months ago)

I think Tutanota (or just Tuta now?) does this, since search works correctly.

I think not using PGP helps Tuta a lot with this, since PGP is really outdated and does not play well with modern features.

[–] MajesticFlame@lemmy.one 3 points 1 year ago* (last edited 1 year ago)

XMPP is often neglected even though it’s the most secure, private, fast, and reliable framework for end-to-end encrypted messengers.

This. I studied on how e2ee works in XMPP when I was trying it a few years back. It is absolutely atrocious. I have seen half-assed school projects with better security than most XMPP clients. Largely caused by encryption being bolted on through an extensions of the standard as an afterthought and going throug several revisions. Its usually not even enabled by default.

Now you may find a good client implementation, I think conversations for android seemd decent, but with everyone using a different client and no way to ensure the other side uses a secure one, there is little point.

[–] MajesticFlame@lemmy.one 31 points 1 year ago* (last edited 1 year ago) (2 children)

This post is the personification of why downvotes should be enabled.

[–] MajesticFlame@lemmy.one 2 points 1 year ago

Sure, but there are good reasons not to use XMPP if you need security.

[–] MajesticFlame@lemmy.one 1 points 1 year ago

As dark ark say, the official mullvad app allows split tunneling. I have split tunneling enabled for things where I am logged in with my real identity. No point hiding my IP from steam when they have my credit card number with my name.

[–] MajesticFlame@lemmy.one 20 points 1 year ago

As I understand it, it is not impossible, just too much effort to register an esim without google services. However, once registered, they are not needed anymore. So one solution is to register the esim on stock android before installing a custom ROM.

GrapheneOS has an even better solution where you can temporarily install google services in userspace and give them control of the esim module to register an esim and then remove the access and optionally uninstall them.

[–] MajesticFlame@lemmy.one 0 points 1 year ago* (last edited 1 year ago) (1 children)

They should also need it in the US. The issue is, that if the tool is in the hands of the cops, there is no way to check who they spied on (and therefore if they had warrant).

At least if it was executed by a comercial entity, they can check the warrants and be liable if they do it without one. But that is very likely not how it will be implemented. The cops will get the tools to do with as they please.

As an example, one state in the US (forgot which one) put in a law that requires the police to submit every data search warrant into a public database so that they could be audited by the public. After they compared the contents of the database to number of requests in companies transparency reports, it turned out there were over 5 times as many requests in the state then what was reported in the database, despite reporting being required by law.

view more: next ›