I guess there is a chance to see some of code, but I doubt about it being properly open sourced.

While we’re publishing the binary images of every production PCC build, to further aid research we will periodically also publish a subset of the security-critical PCC source code.

Source: https://security.apple.com/blog/private-cloud-compute/

Apple’s PR is better. With Microsoft all news titles were like “OMG Windows will take screenshots of all you do and send it to AI”, and with Apple it’s more like “Apple is carefully adding AI to their products, respecting user privacy as they always have been”.

Of course, when one looks into technical details they would find that MS Recall is strictly local and runs only on special hardware that people don’t even have yet.

Apple Intelligence does send your data to cloud and scans everything you have in Apple ecosystem, not just screenshots. Of course they say it’s done in very privacy respecting ways, and provide a lot of technical information to back this claim. But at the end it’s closed source and is subject to change at any time.

Having said that, Apple users are used to and value that Apple magically takes care of everything, so they are happy to pay premium for Apple’s products whatever the company does.

Yay, I can get some targeted ads about data center hardware!

Mullvad has a feature to add random noise into traffic patterns, actually

This is a good point. Maybe setting up a VPN at home would the good option for when I’m on the go

Thanks for the suggestion, but anonymity is not my goal with VPN. I known about tor etc, and it is not working well for everyday web surfing

Well, reddit is doing fine so far. Shareholders are happy

I’m running Nextcloud from a Turnkey LXC template that’s available in Proxmox. Runs solid, I have no complaints for performance or stability. But upgrades are manual and very involved. It’s not too complicated, but there is always something that needs extra attention or troubleshooting. I also wasn’t able to figure out Turnkey migration toolset that they suggest to use for major upgrades, such as to new version of OS.

I have Odroid-N2 with CoreELEC. Works as my media center in living room, but I use it only to stream video from my jellyfin server.

The only problem I have is that I have to control it from a phone app, not a remote. There are ways to do that, but I couldn’t be bothered

A company would use a Microsoft 365 plan that includes Outlook for Office 365, not a Windows Mail app. An the MS365 agreement would come with protections of company data from sharing with advertisers.

In other words, I wouldn’t worry if my company used Outlook. But never log in to your private mailbox from a corporate device.

Sublime is not FOSS

Lots of good advice here, but many might be too extreme. I find such all-or-nothing approach intimidating for people who just started to think about improving their privacy situation.

Let’s see… you are angry about bloatware. It can come from two sources - mobile service carrier and phone manufacturer. How to get rid of it?

1. Buy only “unlocked” phones. Then the carrier will not be able to push anything to your phone. You will also be free to change the carrier as you wish.
2. Buy phones from manufacturers that don’t install too much bloatware. Google Pixel has only Google apps, Motorola also is almost vanilla Google. Fairphone is more exotic, but an interesting option. iPhone is OK too if you want Apple ecosystem, but customization is not a thing there.

Now, we are in a privacy focused community and I saw your later comments about Google being an opposite of privacy. I would argue that vanilla Pixel is much better than bloated and locked Samsung already. I see you get recommendations to replace the OS that your new phone might run, and these are valid, but come with significant downsides. There are other ways to improve your privacy stance by changing the way how you use your phone without changing what phone or what OS you run on it.

I use SimpleLogin for email alias, and username usually has to be associated with email address. So I just use whatever SimpleLogin generates for me

I’m using pi-hole + uBlock origin.

Adblock DNS, Pi-Hole, hBlock - these three do essentially same thing but at different layers - blocking DNS requests based on blacklists. I’m not familiar with hBlock, but I assume blacklists on each of these 3 are very similar. Using all three doesn’t slow down your internet connection much, unless your pihole server is underpowered. You can drop pi-hole from the mix if you are not using it’s other features (statistics, local DNS, etc). hBlock looks nice, and should add zero latency, but works only for local machine. So you still need network-wide blocker. Make sure you set your DNS on router, so all devices would get protection.

uBlock Origin is smarter than simple DNS blocking, but protects only your browser sessions.

Your first passage about criminalizing art is 100% correct and 100% irrelevant. You cannot call porn art. Porn with adults, children, dogs, pumpkins - all that stuff is made for people to get off, not enjoy the emotions that real art provokes in people. Therefore we cannot compare criminalizing porn with criminalizing art.

There are edge cases, of course, when art might be provocative and considered immoral, and maybe even illegal sometimes. But that would be edge cases, highly debated.

Closest one for lower latency. However, the closest location happens to be in a major metro area and is banned by many financial organizations that I use, so usually I connect to the next closest.

I don’t trust Proton enough to use it exclusively. Personally I use their free email tier as a secondary mailbox.

• They are not fully open source (I found only web client source code)
• Their last independent audit was in 2021 and was done for beta version of their email
• The audit itself was for security, nothing related to privacy
• They advertise their email service as encrypted: encrypted:

End-to-end encryption Proton Mail is a private email service that uses open source, independently audited end-to-end encryption and zero-access encryption to secure your communications. This protects against data breaches and ensures no one (not even Proton) can access your inbox. Only you can read your messages.

Which I see as deceptive: end-to-end encryption is working without user involvement only for emails between Proton mailboxes. In other cases user needs to establish PGP encryption on their own. Inbox may be not accessible by Proton (we actually have no clue because server side code is closed source), but unencrypted incoming messages can be easily intercepted by Proton relays.

I’m not saying that Proton does all this nefarious stuff, but their marketing is questionable.

It’s not just a web front end. I would call it a software development lifecycle service. On top of repos for source code management there could be a bunch of services: Issue tracker, CI/CD automation, static pages hosting, flexible permissions system, even pull requests - all this is not Git.

Forge is a nice and easy name, but not sure if many people realize what it means or recognize that meaning.

I’m probably being overprotective. However, teachers have a lot of kids to watch over. My kid would probably not go adventuring on their own, but we cannot rule out a kidnapper or some natural emergency situation.

This looks interesting. But the only pre-built hardware option they have on the list, Nano G1 Explorer, is way too big for a little kid. But I may get it for adult family members for emergency situations.