Joined 1 year ago
Cake day: June 2nd, 2023


  • I watched it and I thought it was alright. I have no context for anything outside the video but what he said seems to make sense. Idk anything about FUTO other than they are at least source available for their apps which is enough to be able to inspect their claims about privacy and security.

    My take on non-profit source available licenses (I know nothing just stream of thought):
    I am in favor of an “open” source license minus profiting off of your forks, which I understand makes the resulting license not open source. In a capitalist system, the capitalist class will take every opportunity to parasitically take wherever possible. Nothing is free in a capitalist system, including living. Free development comes at a cost, even if made purely out of passion.

    Most of the code I will ever publish will be open source, with the exception of some big and very unique passion projects that I wish to stay nonprofit. Any person who forks it owns their code, but is limited to donations (just in the same way I’d adhere to the license). Source available at least means people can inspect it for badware, which is good for privacy and security. Allowing forking and community collaboration is important. But some greedy corporation stealing your code without contributing back is gross. In an ideal world we wouldn’t care about the perceived costs to our time by developing and releasing code for free because money would play no part in our ability to continue existing or as a way to measure our “worth”. Why freely enable their behaviour just to maintain some pure ideological boundaries? They don’t deserve to profit off of our labor and passion.









  • I just read through the unofficial Flathub Flatpak for Signal and it is very simple. It fetches the .deb from Signal’s website, installs it in the sandbox, and uses a launcher script to tell the OS some basic toggles like should it start minimized or should it display a tray icon. In the script it makes use of zypak, which to my understanding is to tell Electron (Chromium) to allow sandboxing to be handled by Flatpak. Here is the repo and the build instructions are the .yaml file.









  • Related to relockable bootloaders and the security they provide, I was under the impression that if a malicious bit of software were to make use of some privilege escalating vulnerability and modify the kernel, the phone would fail to run in some way (ignore the rest of this if that isn’t the case). I don’t think security should be dependent on the user behavior in basically any case.

    For example, a FOSS developer in our communities could suddenly lose it and modify an existing app of theirs to inject malicious code making use of a vulnerability in Android and we’d have no way of knowing until the damage is reported. Good user behavior is very important for security, but we can’t all be auditing our apps for each new release, even though it’s quite unlikely to happen.


  • It still has much of the Google proprietary blobs still included and relies on Google services, also without significant effort to harden Android. I have also heard that sometimes they fall behind on updates to their apps by weeks at a time (correct me if I’m wrong, I am still looking for the source I found this info from). It may be moderately degoogled, but their security just ain’t there. In some cases (like OEM EOSL for older devices) having a 3rd party ROM may improve security with more up to date patches. Unless the bootloader is relockable and secure boot is possible, you will be compromising your device’s security (and privacy along with it) and destroying the Android security model in general.