cross-posted from: https://lemmy.world/post/31882019

Memo says cybersecurity office deemed WhatsApp a high risk due to ‘lack of transparency in how it protects user data’

As a security-conscious user, I've used NoScript since Firefox's early days, but its restrictive nature has become frustrating. I'm often forced to go unprotected just to access websites with multiple scripts running on different domains, which defeats the purpose of using NoScript and balances security and usability that it once provided.

Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?

by sensitive information I'm referring to

• local machine time
• local machine ram
• local machine operating system + version
• local machine hardware
• Serial Number
• Hardware ID
• UUID
• Windows Device ID
• Windows Product ID
• ...

greatly appreciate any insight

EDIT:

could be possible solution

https://discuss.grapheneos.org/d/16025-vanadium-and-what-to-use-on-desktop/19

• ~~LibreJS: GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap.~~
• JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain.

@bjoern_tantau@swg-empire.de

Most of those things cannot be collected through JavaScript.

Local time can.

RAM can only be approximated to protect user privacy. Edit: And it’s not available on Firefox.

OS+version are already in your browser’s user-agent string that is sent out with every request you make.

Machine hardware cannot be enumerated. JavaScript can try to guess your GPU based on what it can do with WebGL.

There is no way to get a serial number or similar.

To spoof timezone/OS+version/browser+version ... and disable WebGL, use https://sereneblue.github.io/chameleon/

• https://lemmy.world/post/31885153

cross-posted from: https://lemmy.bestiver.se/post/457134

Comments

Both auto-forwarding and auto-reply are paid features, which makes cancelling & switching much more difficult. Gmail is a breeze comparatively. I highly recommend against using their addresses (e.g. protonmail.com, proton.me, pm.me)

Email forwarding is available for everyone with a paid Proton Mail plan.

(source)

I've had people tell me that this is (their words, not mine): "mental illness"

https://kevinboone.me/lineageos-degoogled.html

In an earlier article I wrote about my attempts to remove all trace of Google from my life. Part of that process, which is still ongoing, was to install Lineage OS on all my Android cellphones and tablets, replacing the original, vendor firmware. Doing this removes the egregious Google Play Services although, of course, this severely limits my ability to run Android apps. That’s a sacrifice I’m willing to make, although not without some regrets.

I’ve subsequently learned that hard-core de-Googlers eschew Lineage OS, because it remains too close to the stock configuration of the Android Open-Source Project (AOSP) on which it is based. There are certainly smartphone ROMs, like GrapheneOS, that are even more Google-free.

But I’ve grown to like Lineage. I don’t know what kind of future it has, but it works well for me, and it’s easy – as easy as can be expected – to install on all the devices I own. Installing and setting up Lineage is fiddly enough; I don’t want to make my life even more complicated, if I don’t have to.

Those of us who are divorcing Google worry most, I think, about Google’s intrusive data collection. Of course, Google is by no means the only business that engages in such practices – “surveillance capitalism” is big business. But Google presents a unique challenge because, not only does it collect a lot of data, it has a lot of clever ways to process it, and find connections between disparate data elements. Before my Google separation, it always amazed me how Google seemed to know where I was all the time, even with location services disabled on my smartphone. And Google’s advertisers seem to know what I’ve been shopping for, even when I’ve been doing my shopping in person at retail outlets. How Google does this, I don’t know; but I do want to reduce their opportunities to do so.

So I need to know what information my cellphone is sending to Google, even having removed all proprietary Google stuff.

I have to point out that I’m not talking about additional, 3rd-party apps that I might have installed on a Lineage OS device – all apps have the potential to create privacy problems, but I’m free not to use them. Here I’m just thinking about the platform itself.

Note
I run Lineage with no Google apps or services of any kind. If you do run Google services, you have to accept that absolutely everything you do with an Android device will be known to Google. There’s simply no point worrying about the trivial privacy breaches in this article – that would be like taking a cyanide pill and then worrying about your ingrown toenail.

In this article I’ll be describing various data leaks of which Lineage OS has frequently been accused, reporting which ones seem still to be present, and suggesting (well, guessing) how serious they might be.

The captive portal test

“Captive portals” are often found in hotels and entertainment venues. In a captive portal, all Internet traffic gets directed to the venue’s network filter, which ensures that the user has paid for a service or, at least, consented to some usage agreement.

Android performs a captive portal test every time the device enables a network connection. This test is a simple HTTP or HTTPS request on some publicly-accessible webserver. The request is expected to return a success (2XX) code if the server is reachable. In a captive portal, the service-providing organization will capture the HTTP(S) request, and return a redirection code to its own webserver. This server will provide a web page with further instructions.

By default Lineage OS uses Google’s webservers for the captive portal test. This means that Google knows every time a device raises a network connection.

Is this a problem? Google doesn’t get to find out anything except the IP number of the device, some limited information about the type of device, and the time of day. I’ve looked at the source code, and I don’t see any information other than this being sent – the code just uses the standard Java HTTP support to make the request. It’s plausible that, with a wide-area connection, the carrier might add additional information to the request, and Google might be able to infer your location from the IP number.

If you consider this to be too much of a risk, you can change the captive portal connectivity checker. Lineage provides no simple interface for this, but you can do it at the command line (e.g., by running a terminal app, or adb shell). You don’t need to root the phone to do this.

$ settings put global captive_portal_http_url http://my_server 
$ settings put global captive_portal_https_url https://my_server 

Unless you want to disable the captive portal check completely, you’ll need to identify a public webserver that can provide the appropriate response. There are many such servers; some Android replacements that focus more on de-Googling, like GrapheneOS, default to using one of these rather than Google. Even then, they usually have Google’s servers as a fall-back, because an outage of the conectivity check server could otherwise cause serious disruption.

On the whole, I regard this (captive portal check) a relatively harmless breach of privacy. It isn’t telling Google anything they’re not going to find out about in other ways.

DNS

Every time you use a hostname to identify a remote server, there’s going to be a DNS lookup. This lookup translates the hostname into a numeric ID for use with the TCP/IP protocol.

Internet service providers and mobile carriers operate DNS servers, but so does Google. DNS is potentially a privacy problem because the DNS server gets to learn every site you visit. It won’t see the actual URL of a web request – just the hostname. Still, that’s enough information to be concerned about. But it’s worth thinking about who the “you” is in “every site you visit”. To track you, personally, as an individual, the DNS server needs a way to relate your IP number to something that identifies you. There’s no definitive way for Google (or anybody) to do that; but there are statistical methods that can be very effective. They are particularly effective if you happen to use Google’s other services, because these will link a small number of personal Google accounts to an IP number.

Is this a problem for Lineage OS? While it might have been in the past, I don’t think Lineage now uses Google’s DNS, except perhaps as a fallback. Both WiFi and carrier Internet connections are initiated using protocols that can supply a DNS server. On my Lineage devices, I’m sure that these are the DNS servers that are being used. Still, there are references to Google’s DNS server – 8.8.8.8 – in the AOSP source code. So I can’t prove that Google’s DNS will never be used.

If you want, you can supply your own DNS server in the network configuration in the Settings app. But, unless you run your own DNS in the public Internet, you’ll be putting your trust in one mega-corporation or another. I suspect most are less worrying than Google, but perhaps not by much.

By the way – Lineage OS supports encrypted DNS. While that will prevent third-parties from snooping on your DNS traffic – including your mobile carrier or ISP – this won’t protect you from snooping at the DNS server itself. So encrypted DNS is no protection against Google, if you’re using Google’s DNS.

Assisted GPS

It takes a long time for a mobile device to get a robust fix on GPS satellites – a minute in good conditions, or several minutes in a weak signal area. Assisted GPS (A-GPS) primes the satellite fix using environmental data. This data might including a coarse location from a cellular network. With A-GPS, a satellite fix might take only a few seconds.

A-GPS data is processed by a remote server, that has the storage capacity to handle the large amounts of data involved. The main operator of such servers is, again, Google.

What can Google learn about a device using Assisted GPS? As in any Internet operation, it will find the device’s IP number, and it might find the coarse location. The Internet traffic associated with A-GPS can be encrypted but this, again, won’t protect it from Google. To determine the location of a specific individual, Google has to be able to relate the IP number to the individual. As discussed above, that can be done with a reasonable degree of confidence.

On recent Lineage versions, A-GPS is disabled by default. If enabled, it uses Google’s servers – so far as I know there are no widely-available alternatives. I just keep it disabled, and live with the disadvantage of longer GPS start-up times.

Time synchronization, NTP

At one time, Lineage OS used Googles’ time servers to set the time on the device. So far as I know, this is no longer the case – a general pool of NTP servers is used. Even if that were not the case, I can’t worry too much about leaking time synchronizing data.

WebView

I believe that WebView is the most troubling source of privacy concerns for Lineage OS, and the one whose ramifications are the least well-understood.

WebView is a component of Android that renders web pages. Of course, a web browser will do this, but many Android apps and services have a need to render pages without actually being a browser. The ‘captive portal’ support I described above is an example: the device needs to render a page for user to log in or purchase Internet access, even if no web browser is installed.

Lineage OS uses the WebView implementation from the AOSP, which is based on Chromium. Chromium is Google Chrome without the proprietary Google stuff, and it’s undoubtedly less of a privacy concern than Chrome would be. But Chromium, even though it’s open-source, is still primarily a Google product.

There are many known instances where Chromium will provide some user data to Google servers. For example, we know that Chromium downloads lists of ‘unsafe’ websites to support its ‘safe browsing’ feature. This will happen however Chromium is used. When used as a regular web browser, Chromium might send data to Google for its ‘hot word’ detection, for example.

When Chromium is only used to provide a WebView implementation, I’m not convinced that these minor privacy breaches are significant. It’s worth bearing in mind that the Jelly browser that is shipped with Lineage OS is just a wrapper around the Chromium WebView – if you use this browser, you’ll have the same privacy concerns as if you use Chromium itself.

There are a number of Google-free WebView implementations, like Chromite. GrapheneOS uses a WebView implementation called Vanadium, which is essentially a de-Googled Chromium. Installing one of these implementations on Lineage OS is not straightforward, or so it seems to me.

I don’t use Jelly or Chromium itself as a web browser – I install a browser that is not based on Google code, like Firefox. This limits my exposure to Chromium to occasions where WebView is used other than as a browser. In my normal usage, I don’t think there are many of those occasions, so I’m not too worried about WebView.

Nevertheless, it remains a slight concern and, if I could replace it without a lot of effort, I would.

Are we in tinfoil hat territory now?

I don’t like Google knowing so much about me, but I don’t believe Google’s data collection is directly harmful to me. My disapproval of Google’s activities (and I know Google is not the only culprit) is mainly one of principle. I don’t want to be a source of revenue for Google, or to legitimize their behaviour by my own inaction. I don’t want Google to make the Internet more of a hellscape that it currently is.

But I’m not paranoid. I don’t think Google is out to get me, or is in league with people who are. My rejection of Google falls short of doing things that will make my life hugely more difficult.

I am aware, all the same, that I have one foot in tinfoil hat country.

I know a few people – some in my own family – who eschew smartphones because they create time-wasting distractions. I certainly know people who don’t give smartphones to their kids, because of the well-known risks that social media poses to their mental health. But almost nobody avoids Google because they believe, as I do, that the surveillance economy is detrimental to society in the long term. Even those few who do believe this are mostly not willing to take action, because they believe (or convince themselves) that the benefits of a connected world outweigh the costs of a total lack of privacy. For me that’s like understanding the risks of climate change, and yet choosing to run two or three gas-guzzling cars because it’s a half-mile walk to the shops.

The few people who do believe as I do, and are willing to act on their beliefs, tend to be people who also believe that they’re being monitored by the CIA, or that Covid vaccines are implanting mind-control receivers. That’s not a gang that I want to run with.

On the whole, I’m satisfied that Lineage OS, as I use it, is preventing nearly all of Google’s data collection. I don’t install or use any Google services, I don’t enable A-GPS, I don’t use Chromium or the built-in browser. I could eliminate more arcane aspects of data collection – like the Internet connectivity check – if I wanted to take the trouble.

I don’t think that taking reasonable precautions to avoid becoming part of Google’s data collection economy makes me a tinfoil-hatter. Nevertheless, I would probably use GrapheneOS instead, if I had devices that supported it. Ironically, if I wanted to use GrapheneOS, I’d have to buy Google-branded mobile devices, which is an irony that really stings.

So DNS Black-holing is not new obviously, and what stands out as the go to solution? Pihole probably... and yeah thats what im using because hey its a popular choice. Though I am running it in docker. Combining that with Unbound (also in docker), and configuring outbound DNS to use DNS over TLS, with a few additional minor tweaks, but otherwise mostly standard configuration on both.

Wondering what you guys might be using, and if you are using Pihole and/or Unbound if you have any tips on configuration.

Happy to share my config if there is interest.

cross-posted from: https://lemmy.world/post/31808224 Please see the cross-post as it is updated.

What is the best degoogled tablet for an artist

what is the best tablet for iodeOS, GrapheneOS and LineageOS

• with smooth stylus support that is as good as apple pen
  • palm rejection
  • pressure sensitive stylus
  • works well for krita / excalidraw / xournalapp
  • latency
• at least 16GB RAM and 256GB storage

For iodeOS, it doesn't seem to support any tablet device officially

• iodéOS official supported devices - iodé

For GrapheneOS, the only choice is google pixel tablet (or maybe pixel fold). However

• pixel tablet have latency issue
  • based on Google Pixel Tablet Review - YouTube
• pixel fold does not support stylus
  • workaround This Stylus Pen works with the Google Pixel Fold - YouTube
• Can someone share their GrapheneOS pixel tablet experience on krita / excalidraw / xournalapp?

For LineageOS

• What tablet+stylus+LineageOS has the best performance?
• What tablet+stylus+LineageOS has the best balance between price and performance?
• Can someone share their stylus experience on krita / excalidraw / xournalapp?

Sincere thanks

cross-posted from: https://lemmy.world/post/31808224 Please see the cross-post as it is updated.

According to a post online, Thunderbird email client makes connections to sites that have nothing to do with sending and receiving email, for "telemetry" and other questionable reasons

Is this something we should be concerned about? Is there a good alternative to Thunderbird given that it seems to have telemetry implemented inside it?

I use Thunderbird heavily and I'm really worried about this problem. Can someone clarify whether if thunderbird is trustworthy?

Below is the post https://support.mozilla.org/en-US/questions/1381543

In case it gets taken down, a user asked this:

I would like to know why, when Thunderbird first starts up or shortly thereafter, it attempts to connect to the following sites:

detectportal.firefox.com

status.geotrust.com

thunderbird-settings.thunderbird.net

It does not need to connect to any of these to send or receive email, so I would like to know why it's attempting to connect to those addresses. Little Snitch is blocking them for now but if one of them is important I can remove that block.

Also, at some point every day, Thunderbird complains that it can't get the latest version, and every day I have to dismiss that popup. I bring this up because it may be related to me blocking the connections but until I know what they are for I'd like to know if it is possible to make Thunderbird stop checking for updates.

They all concern me but the one that really concerns me is thunderbird-settings.thunderbird.net, first because it is listed as a bad address on one of the malware sites, and second because I don't want my settings being sent off my computer. Really the only reason I want Thunderbird to connect to the Internet is to send and receive mail, and maybe to check for updates if it can do ONLY that, and not send any other data from my computer back to the mothership.

And this was the response, from a "Top 10 Contributor"/"Moderator" (emphasis added):

Firefox.com is owned by Mozilla corporation.

Thunderbird.net is owned by the Thunderbird project / Mzla technologies

GeoTrust is an Audited encryption certificate purveyor with a huge web presence that is a subsidiary of DigiCert, a larger certificate and PKI company.

If you have software identifying either an malware sites or some other imagined bad sites then I suggest you get rid of it. This is course unless you suspect Thunderbird or Mozilla of nefarious intentions in which case you probably want to remove their products and use another mail client and browser.

Why does Thunderbird try and connect to the web? Because significant part off it are web pages. That is why there are so many external preferences loaded in the defaults.

Another response on this site states https://support.mozilla.org/en-US/questions/1251590 detectportal.firefox.com is used to detect captive portals on public wifi networks to be able to redirect you to their logon screen, so you don't just get page loading errors in firefox (set network.captive-portal-service.enabled to false in about:config in order to disable that feature). Thunderbird ises the Fireofx code base and will be doing the same of web pages.

I would guess without trying that status.geostruct.com is an attempt to verify the legitimacy of a geotrust SSL/TLS certificate issued by probably your mail server as Thunderbird.net uses lets encrypt and Firefox uses Amazon. I assume your connections are encrypted. Probably prompted by the setting Query OSCP responder servers to confirm the current validity of certificates.

I clicked the link you posted to thunderbird-settings.thunderbird.net which gave me a link to https://docs.kinto-storage.org/en/stable/overview.html where I read

At Mozilla, Kinto is used in Firefox for global synchronization of frequently changed settings like blocklists, experimentation, A/B testing, list of search engines, or delivering extra assets like fonts or hyphenation dictionaries.

Given Thunderbird is built on the Mozilla platform, I think we have an answer.

All I can say is in this day and age, software calls home extensively to report telemetry, load web pages and download settings appropriate for certain actions like configuring an account. TRying to prevent that is really limiting the software ability to function as a fairly basic level.

You have listed three of perhaps twice that number of sites Thunderbird will regularly connect to.

On startup it will load a web page from

https://live.thunderbird.net/

Opening the addon page will load Thunderbird.net pages as will viewing the release notes, or any of the entries on the help menu except about. Some open in a browser window, others open internally to Thunderbird. I have no idea what exact connections are made and I am not aware of any list or page that monitors them.

Checking for updates is not optional, The team do not want folk using old versions of the software as it exposes them to increased security risks as each version contains security enhancements. Updates can be managed in corporate situation using group policies. Otherwise stand alone users are limited in their options options to automatic install or not.

I won't post the user's reply to that (it is a bit lengthy) but he's not happy with the response. He just wants an email client that will connect to Google' email service using oAuth. As he says, he already has several web browsers and doesn't need another. He just wants his email program to do email and that's all, apparently.

I think maybe the Thunderbird developers have some explaining to do, particularly with regard to why they are forcing telemetry on users and giving them no way to opt out.

Should I Disable WebSocket Connection on My Web Browser (in terms of privacy)?

Considering disabling WebSocket connections for security reasons. Any experience or thoughts? Have you disabled WebSockets? Any notable issues or performance changes?

Browser Timezone & Privacy Concerns

How can I hide my "timezone" from sniffing sites?

From my understanding, websites can access both the timezone of my browser (without using javascript) and the timezone of my local machine (using javascript). my question being

• If a website has access to my local machine's timezone, does it mean it has access to other information on/about my local machine?
• According to Privacy - How can I hide my "timezone" from sniffing sites? - Super User, we must disable JavaScript to block timezone access. However disabling javascript is not really feasible as it breaks most of websites. Is there a workaround that allows us to block JavaScript from running specific commands?
• Maybe my understanding of JavaScript is incorrect, but if a website has the privilege of running any program on my computer through the web browser, it can retrieve all the information it needs. If I don't disable JavaScript while using the browser, I don't see the point in resisting fingerprinting, like spoofing my device info.

appreciate any help!

I’m curious about how DuckAI is able to stores chat conversations.

How it is able to store my conversation for over a month?

Why do we need to sign in zotero account to use WebDAV

Zotero 7 Lost WebDAV - Zotero Forums

Is zotero trustworthy given that it forces people to create a zotero account and possible forces people to sync their data to their server?

At this point it not about passive collection, corporations are going to extreme ends to get our data.

https://www.zeropartydata.es/p/localhost-tracking-explained-it-could

I am interested in what people are doing to enforce their privacy while using the web.

I have some things in place, looking to compare with the community.

(btw, I am new here, this is my first post. So uh… Hi )

GrapheneOS vs LineageOS vs iodéOS

According to Comparison of Android-based Operating Systems, GrapheneOS seems to be better than LineageOS and iodéOS in every aspect.

I'm wondering if there is any downside of GrapheneOS. What am I giving up for using GrapheneOS instead of LineageOS and iodéOS (besides GrapheneOS only support pixel)?

In terms of privacy, security, customizability and functionality, which OS would you recommend and on what device would you recommend using it?

Answered questions

• Does LineageOS supports muti profile like GrapheneOS (I thought all AOSP supports multiprofile feature)
  • yes https://lineageos.org/Introducing-the-LineageSDK/
• Does LineageOS supports full device encryption using some open source app? (like veracrypt)
  • @https://lemmy.world/u/who@feddit.org Yes, full-device encryption is built in to Android these days.
• Can LineageOS supports Sandboxed Google Play with some tweaks?
  • no

Some questions

• If there is backdoor planted in pixel (which in my opinion is very likely), then I guess the “risk of an adversary gaining physical access to the phone” is quite equal for both of OS?
  • https://lemmy.world/u/upstroke4448@lemmy.dbzer0.com - It is highly unlikely there is a backdoor in the Pixel. It’s just not worth the risk for Google. Not only are the phones highly scrutinized by experts but Google has a million other legal ways to get info off your phone for 99% of users who use the stock OS.
• @benjaminoakes https://lemmy.world/u/benjaminoakes (how do I @ another user in lemmy???) and I qoute "Graphene is likely to run into issues soon. They were relying on the AOSP source tree including Pixel-specific files. Google isn’t releasing those anymore, so GrapheneOS would have to reverse engineer or extract the needed files somehow."
  • should I be concerned about this issue? Will it affect my experience in the next 5 years ? (I usually update my device in 5 year cycle)

thanks a million

Recently, I can't access any GitHub repositories without having to sign in. This is becoming frustrating.

I'm looking for an alternative to switch to that has good git push/pull speeds (I've visited one which speeds are slow for me).

Any good options? Would one of the following be good?

• Codeberg
• Gitlab

been tracking the ORBs along with TrashFuture. not good.

cross-posted from: https://lemm.ee/post/67352766

Looking for Privacy-Oriented Open-Source Android Browsers

I'm looking for a privacy-focused, open-source Android browser. Here are some options I've found:

• IronFox
  • recommended by LibreWolf
• Fennec
  • no repo
• Waterfox
• Vanadium
  • only available on GrapheneOS
  • better security
• iceraven
  • most stars
  • https://lemmy.world/u/Thetimefarm@lemm.ee - As far as I know ironfox supports any extensions normal firefox mobile does, but neither give you access to the full full extensions store. Iceraven is the only mobile browser I know of that lets you use all the extensions that you can on desktop firefox.
• bromite
  • no longer maintained
  • Bromite has a fingerprint randomization and Vanadium doesn't. But Vanadium has better security if you use Graphene. So yeah, for privacy Bromite might be better
• cromite
  • Bromite fork
• brave
  • controversial
• duckduckgo

Is there any other browser out there that fits this criteria? Is there an even better choice? I’m particularly interested in ones that focus on privacy.

UPDATE: iceraven vs ironfox

https://www.reddit.com/r/browsers/comments/1lkagoz/iceraven_vs_ironfox_firefox_fork_for_android/

I use both! Ironfox is hardened to improve security as best as possible for a gecko based android browser and focuses mainly on preventing fingerprinting, similar to mullvad's browser. Because of these extra privacy protections some websites will be more prone to break or render goofy on ironfox, but luckily I haven't ran into that issue yet.

Iceraven just strips out mozilla's tracking and adds tons of extra extensions and customizability, but doesn't include the extra security hardening or fingerprint protection like ironfox does.

Both devs are very good at keeping up with releases imo.

So if you really need airtight fingerprint prevention, or want extra security hardening, I'd go with ironfox. Also just a note, even with ironfox's hardening, it's still not as secure as a chromium based browser. Some people have very strong opinions on the gecko vs chromium security debate so I'm just pointing that out as a disclaimer. If you're gonna be treading into websites where there's a significant risk of picking up something nefarious in the background, stick with a chromium based browser for those sites as a precaution. Just my 2 cents.

EDIT: in terms of popularity, privacy and functionality I guess the best choices are iceraven (based on firefox) as it has most stars on github and cromite (based on chromium) as brave is controversial

Solved Questions

I know that Brave is a bit controversial, but If Brave does something behind our backs wouldn’t we be able to know it since all the source code is out there? If it has some features we don’t like can’t we simply modify the source code?

@slackness

re: open source In theory: yes. In practice: maybe. It’ll probably eventually be caught by some researcher but unlike popular belief all open source code bases are not constantly being audited by the community. A random person can’t just read Brave source code for all platforms and accurately gauge if they’re doing something nefarious. It is very easy to hide stuff in code or misuse a protocol for evil purposes, etc.

You can modify the source code but as evident by the fact that there’s no Brave fork with crypto removed (there was one but their branding was too similar to Brave’s so they got sued), it’s not an easy feat to maintain that.

few questions

• What is the difference between IronFox, Fennec, Waterfox and iceraven?

As far as I know ironfox supports any extensions normal firefox mobile does, but neither give you access to the full full extensions store. Iceraven is the only mobile browser I know of that lets you use all the extensions that you can on desktop firefox.

Is there a privacy-focused accurate handwriting-to-text option for android? Ideally it would run locally on device with no required connection to the internet.

Thanks for any recommendations in advance.

cross-posted from: https://lemmus.org/post/13908976

By Jen Sorensen.

“To facilitate this vetting, all applicants for F, M and J non-immigrant visas will be asked to adjust the privacy settings on all their social media profiles to ‘public’”, the official said. “The enhanced social media vetting will ensure we are properly screening every single person attempting to visit our country.”

Hello everyone. I'm in the process of migrating approx 28 users to Threema. I would appreciate any spare promo codes that you might have. Many thanks!