overview for SecurityPro

14

Permission Slip by Consumer Reports (lemmy.ml)

submitted 2 months ago by SecurityPro@lemmy.ml to c/privacy@lemmy.ml

4 comments fedilink

The October issue of Consumer Reports has a full page ad for their app called "Permission Slip". The tagline reads "Companirs collect and sell you personal data. Our easy to use app helps you take back control."

Anyone have any experience with this? I haven't heard of it before but plan to install and do some testing.

Privacy on Cars. How to stop data collection and transmission? by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 62 points 4 months ago

We need an online guide, based on make and model, on how to disable the transmission of this data.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? by SecurityPro in c/degoogle@lemmy.ml

[-] SecurityPro@lemmy.ml 14 points 5 months ago* (last edited 5 months ago)

Since it is a free phone from a carrier it will be locked until the phone is "paid off" by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 45 points 6 months ago

As someone who has worked fraud and online investigations, and both written and served search warrants; it is not an option. A probable cause affidavit is presented to a judge and if the judge agrees there is sufficient probable cause, a search warrant is issued. This is an order by the judge and not optional. The judge can hold the company in contempt if they refuse to obey his/her order.

Encrypted services Apple, Proton and Wire helped Spanish police identify activist | TechCrunch by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 95 points 6 months ago

"helped" is very misleading. Companies can't refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

I'm deGoogling. What's my new Podcast app? by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 22 points 7 months ago

Agreed, grab AntennaPod from the f-droid store.

Looking for a privacy focused travel assistant on mobile by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 18 points 8 months ago

I use Anytype (anytype.io) on my phone and desktop. I make a page for each trip and add screenshots of confirmations, maps, itinerary, etc.

Anytype is similar to Notion but is open source and encrypted locally.

Any source of IMAX movies in 1:1.43? by SecurityPro in c/piracy@lemmy.dbzer0.com

[-] SecurityPro@lemmy.ml 13 points 8 months ago

The bigger question I have is how are you going to view them? Did you build yourself and IMAX size screen?

FOSS online equivalent to Google Docs? by SecurityPro in c/fdroid@lemmy.ml

[-] SecurityPro@lemmy.ml 29 points 8 months ago

Cryptpad.fr

8

Why isn't there any white laser markings ink/powder/paste/spray? (lemmy.ml)

submitted 9 months ago by SecurityPro@lemmy.ml to c/lasercutting@lemm.ee

3 comments fedilink

I recently purchased my first laser. I'm interested in adding color to my engravings. Specifically I want white text engraved on black metal. However I've searched online and can't find any white marking materials.

Plex for books? by SecurityPro in c/selfhosted@lemmy.world

[-] SecurityPro@lemmy.ml 11 points 9 months ago

Calibre

https://calibre-ebook.com/

Best privacy friendly, reliable and affordable domain name extension ? by SecurityPro in c/privacy@lemmy.ml

[-] SecurityPro@lemmy.ml 12 points 9 months ago

Context (from the FAQ):

"We're not actually a domain name registration service, we're a customer to these. We sit in between the domain name registration service and you, acting as a privacy shield.

When you purchase a domain name through Njalla, we own it for you. However, the agreement between us grants you full usage rights to the domain. Whenever you want to, you can transfer the ownership to yourself or some other party."

221

The Irish government wants to pass a law that could see you or your loved ones jailed for possession of memes, cartoons or any content that could be deemed "hateful". (lemmy.ml)

submitted 10 months ago by SecurityPro@lemmy.ml to c/privacy@lemmy.ml

54 comments fedilink

The Bill includes no definition of hate and is wide open to abuse by bad actors. Defend free speech – say no to this legislation, and any legislation of is kind... Anywhere!

https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09[https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09](url)

Do you guys think there will ever be a FOSS voice assistant? by SecurityPro in c/foss@beehaw.org

[-] SecurityPro@lemmy.ml 12 points 10 months ago

Mycroft is defunct

Getting school pictures done, dont feel like paying. They send them out with a watermark. Any tools to remove watermark that run on my machine not the web? by SecurityPro in c/privacyguides@lemmy.one

[-] SecurityPro@lemmy.ml 17 points 1 year ago

It is the copyright work product of someone else...that is absolutely piracy (theft).

2

Protections gained using GrapheneOS (lemmy.ml)

submitted 1 year ago by SecurityPro@lemmy.ml to c/degoogle@lemmy.ml

0 comments fedilink

Quoted from GrapheneOS:

Cellebrite and others in their industry use logical extraction to refer to extracting data from a device after unlocking it, enabling developer options (requires PIN/password), enabling ADB and permitting access for the ADB key of the attached device. See https://cellebrite.com/en/glossary/logical-extraction-mobile-forensics/ The baseline doesn't involve exploitation. The next step up is exploitation via ADB to obtain more data than ADB makes available.

Obtaining data from a locked device requires an exploit. If it was unlocked since boot, the OS can access most data of the currently logged in users.

GrapheneOS includes our auto-reboot feature to automatically get data back at rest so that it's not obtainable even if the device is exploited. Can set this to a much lower value than the default 72 hours. 12 hours won't cause inconveniences for most users, but you can go lower.

User profiles that are not currently active have their data at rest. GrapheneOS provides the option to put secondary users back at rest via end session for convenience. Sensitive global system data is stored by the Owner user, which is why you can't log into another user first.

GrapheneOS also provides the option to disable keeping a secondary user active in the background, to force ending the session when switching away from it.

We provide substantial exploit protection features (https://grapheneos.org/features#exploit-protection), and we're working on some major improvements.

For user profiles that are not currently logged in, their data is protected by encryption even if the device is exploited. An attacker needs to brute force the password. If you use a strong random passphrase, they cannot do it. Otherwise, you depend on hardware-based security.

Most Android devices don't have decent hardware-based encryption security. If a typical Android device has the OS exploited, the attacker can trivially bypass any typical PIN/passphrase via brute force. We only support devices defending against this (https://grapheneos.org/faq#encryption).

iPhones, Pixels and certain other Android devices provide hardware-based throttling of unlock attempts via a secure element. We explain how this works at https://grapheneos.org/faq#encryption. This protection depends on security of the secure element, which is quite good for Pixel 6 and later.