i think they mean that signal on desktop does not encrypt their content at rest, which is acknowledged and not an issue they are intending on addressing.

But it seems to have recently changed? I’m learning thus as I wanted to find a source.

Source: https://candid.technology/signal-encryption-key-flaw-desktop-app-fixed/

I’m with you all the way, really, except that, truly, KDE plasma and dark mode are the superior choices, obviously :)

infomaniak is the largest swiss cloud provider, they have multiple services which are domain related (purchase and management), cloud computing and more. They have a good reputation. They also have a swiss cloud certificated meaning they are able to host data in Switzerland and manage it from Switzerland. If you trust Switzerland for privacy, I think by extension you can trust them.

I think early last year they hyped some potential partnership to have a custom grapheneOS device, anyone know what happened to that?

I’m sorry, what? That does not make sense to me.

Would moving to a european country be within your considerations? Europe have stronger privacy laws and as a latin american (assumed) you have an easier entry through spain which offers some facilitated job market access. But I do concede that depending on how much you value your privacy, this may be an option out of question?

Youre right, thats how it works in almost all messaging apps. But signal implemented sealed sender specifically to counter this.

You can read more about it here: https://signal.org/blog/sealed-sender/

I encourage you to read the first paragraph, which is important in the context of our conversation.

Can you further explain? A red flag to open-source, federation and such, can’t disagree. But to privacy and security? I’m not convinced.

What are you talking about? you get a phone number from signal, and what will you be able to derive from it? there is no graph. signal does not hold any “relationships” information.

This message is definitely giving all the vibes of a disinformation/misinformation attempt. There is no metadata to harvest from signal.

Here is an example of all the extent of data that signal has on any given user: https://signal.org/bigbrother/cd-california-grand-jury/

It involves phone number, account creation time and last connected time. That’s it. Nothing more.

The cross referencing of data is just nonsense. Google and meta already have your phone number. Adding signal info to it adds absolutely zero information to them. They have it all already. They know nothing of who you talk with, which groups you are part of.

The funding of Signal did involve public grants but that’s not anything bad. Many projects and nonprofits receive public money. It does not imply that there are backdoors or anything like that. And signal was purposefully designed so that no matter who owns and operates it, the messages stay hidden independently on the server infrastructure. They did the best possible to remove themselves from the chain of trust. Expert cryptographers and auditors trust signal. Don’t listen to this random ramble of an online stranger whose intentions are just to confuse you and make you doubt.

Specifically with Tailscale? That’s interesting, indeed I would definitely want that. I was under the impression that it required something like headscale but it seems not to be the case. Thanks!

You’re suggesting a whitelisting approachaporoach which I’ve used for a long time. But in the end, I I was so upset that most websites required me to enable JavaScript for their unique website because they would otherwise be broken. And I was only interested in blocking it for specific webpages so I ended up having a blacklisting approach which I recommend to keep some sanity, but that’s my opinion :)

Right, but which ones do it check?

Which ones do Calyx check?

I don’t care which is better. But I can share certain unique features which make me personally chose GrapheneOS over all other options I know of:

• it is possible to relock the bootloader
• you can disable the internet permission
• the location service is independent on google services, even if you install them
• you can use mutliple profiles and pipe notifications from one profile to another
• you control native app debugging (and its off by default)
• you have storage scope (as well as contacts scope)
• you get all the latest security patches and really fast
• and more…

I don’t know if you do this already, but in case you are not: GOS offers a convenient way to separate apps between each other, where some may depend on google services and others don’t. The methodology which works best for me is to use the main profile for all my personal apps and which do not require google services. For those few apps that do, I create a dedicated profile, in which I install the google services and the apps which need it. You can pipe notifications from that profile to the main one, in the profile settings, that way you can get the notifications of those apps even when not in the dedicated profile.

Additionally, if you do not need those notifications, you can disable the profile to run in the background when not in use.

As others have said, do not touch services and apps you do not recognize. Be very careful as things could turn south. Do not touch things unless you know what you are doing.

It’s so stupid of the developer to claim that gender neutrality is political. It really is not. It’s just about equally respecting everyone. I’m probably preaching to the choir though.

Yes, actually it can be quite straightforward. What you are probably best off doing is requesting a google takeout and upload that takeout to Ente directly. I have not followed this process myself so I can’t say much about it but it is described here and is probably the easiest way to migrate:

https://ente.io/faq/migration/from-google-photos/

I’m a customer and have moved over multiple family members, everyone seems happy. Their face recognition and smart search are still WIP, but they are impressively present, despite being all E2EE, by leveraging local processing. They are making very good progress.

It’s pretty new but if you are interested in degoogling and looking for ways to use android auto, there is apparently a working solution with GrapheneOS but I have not tested so can not verify it.

https://grapheneos.org/features#android-auto

Edit: typo