Unless it's my cat. Got heavily filtered water and use it to fill 3 different fountain bowls in different parts of the house (none near the food source, but I did that because if they are, she'll eat her food over them...) and the cat still demands I turn the sink on instead. Same exact water, and even though I change her water out almost every other day, the sink wins. Just glad she hasn't figured out how to turn it on yet...

Funny enough the last fountain I got looks like a faucet and she's like "nah I'm not stupid, turn the sink on."

I'll have to check out TrackerControl, that's a new one to me!

I have seen app manager but currently use AppOps. I didn't recommend AppOps above because I'm not sure it's still supported or not, and it's also not really Foss. It's treated me well over the years, but I'm definitely interested in finding a better alternative. The last time I checked app manager, it wasn't as good... But maybe that's changed as it's been several years now so I think I might be due for looking at it again!

My wireguard connection on my phone connects to my home network to an pi hosting my internal VPN... But the network is completely covered by a mullvad VPN through opnsense. I've got pihole setup using the mullvad anti-trackkng private DNS. With this setup, the only real need I have for root on my phone is because I do some pretty low level automation on it through crond and some backups of core app data that I'd really hate to lose... And the complex firewall rules lol.

This is where rooting the phone is required. I use wireguard without root and have AFWall granted with root at bootup so it doesn't require acting as a VPN

1. AFWall+ firewall to allow list apps to internet using your preferred method (e.g. VPN, wifi, data, etc)
2. PcapDroid to help monitor and analyze packets, or to just confirm things aren't communicating unexpectedly
3. AdAway if you're not using your own dedicated dns over a permanent VPN connection

If not all 3 of these, AFWall is probably the best to go with. Having a way to not only block Apps, but also define your own custom firewall rules is very powerful. For example, I redirect all DNS requests to my own DNS with a custom rule (for apps, like Termux, using hardcoded DNS lookups instead of what the phone is set to)

Remember, you can always opt out of sending any technical or usage data to Firefox.

How about you show you respect user privacy by making it an opt-in...?

Feels like no matter where I turn, even the "privacy friendly" options turn away from privacy eventually.

I hate short variable names in general too, but am okay with them for iterators where i and j represent only indices, and when x/y/z represent coordinates (like a for loop going over x coordinates). In most cases I actually prefer this since it keeps me from having to think about whether I'm looking at an integer iterator or object/dictionary iterator loop, as long as the loop remains short. When it gets to be ridiculous in size, even i and j are annoying. Any other short names are a no go for me though. And my god, the abbreviations... Those are the worst.

Nice! Guess I can add it back to my wishlist and consider buying it soon! Been holding off on it too long

I'd do my part in buying games from them more if they didn't block my home network from their website lol. Yes it's behind a VPN, and no I'm not turning it off to give up my privacy just to buy something I can get from stores that won't block me.

I honestly used to buy games from them a lot, but once their website became inaccessible, I sorta forgot about them. Surely I'm not the only one right...?

Just to get it out there... I checked this out about a year ago. It's not completely open source. The project consists of many executables and "pre complied dependencies" that don't appear to share matching checksums which may indicate modifications of some sort. Looks like a great tool, but I'm extremely skeptical of what's going on under the hood.

Hopefully they do truly open source it and prove me wrong, I'd love to give it a try some day.

Got mine connected to the network so I can take advantage of a local install of Emby, but blocked from Internet access, and every time it makes a DNS request (still blocked, but logged), it's added to a personal hosts file for the entire network just in case the kill switch doesn't work for some anomalous reason

Only 2 problems I have with Graphene personally is the need to give Google money, which the irony is just too much, and no option for rooting. Otherwise it seems like a pretty good OS overall. In the meantime, while I wait for those options to be more flexible so I can have full control, I just use a rooted lineage os with all the extra Google stuff (ntp, DNS, etc) stripped and replaced with my own self hosted systems.

I personally prefer NoScript not for just the privacy stuff, but for the security of knowing that an accidental click to a malicious site using some zeroday JavaScript exploit won't kick in like it would, had it not been default blocked.

My NoScript profile is also fairly populated with things I've trusted over the years, so it's really only new websites that require JavaScript that I have to worry about.

Maybe just me being over cautious, but just keeps me at ease, personally.