Recently, I can't access any GitHub repositories without having to sign in. This is becoming frustrating.

I'm looking for an alternative to switch to that has good git push/pull speeds (I've visited one which speeds are slow for me).

Any good options? Would one of the following be good?

• Codeberg
• Gitlab

been tracking the ORBs along with TrashFuture. not good.

cross-posted from: https://lemm.ee/post/67352766

Looking for Privacy-Oriented Open-Source Android Browsers

I'm looking for a privacy-focused, open-source Android browser. Here are some options I've found:

• IronFox
  • recommended by LibreWolf
• Fennec
  • no repo
• Waterfox
• Vanadium
  • only available on GrapheneOS
  • better security
• iceraven
  • most stars
  • https://lemmy.world/u/Thetimefarm@lemm.ee - As far as I know ironfox supports any extensions normal firefox mobile does, but neither give you access to the full full extensions store. Iceraven is the only mobile browser I know of that lets you use all the extensions that you can on desktop firefox.
• bromite
  • no longer maintained
  • Bromite has a fingerprint randomization and Vanadium doesn't. But Vanadium has better security if you use Graphene. So yeah, for privacy Bromite might be better
• cromite
  • Bromite fork
• brave
  • controversial
• duckduckgo

Is there any other browser out there that fits this criteria? Is there an even better choice? I’m particularly interested in ones that focus on privacy.

UPDATE: iceraven vs ironfox

https://www.reddit.com/r/browsers/comments/1lkagoz/iceraven_vs_ironfox_firefox_fork_for_android/

I use both! Ironfox is hardened to improve security as best as possible for a gecko based android browser and focuses mainly on preventing fingerprinting, similar to mullvad's browser. Because of these extra privacy protections some websites will be more prone to break or render goofy on ironfox, but luckily I haven't ran into that issue yet.

Iceraven just strips out mozilla's tracking and adds tons of extra extensions and customizability, but doesn't include the extra security hardening or fingerprint protection like ironfox does.

Both devs are very good at keeping up with releases imo.

So if you really need airtight fingerprint prevention, or want extra security hardening, I'd go with ironfox. Also just a note, even with ironfox's hardening, it's still not as secure as a chromium based browser. Some people have very strong opinions on the gecko vs chromium security debate so I'm just pointing that out as a disclaimer. If you're gonna be treading into websites where there's a significant risk of picking up something nefarious in the background, stick with a chromium based browser for those sites as a precaution. Just my 2 cents.

EDIT: in terms of popularity, privacy and functionality I guess the best choices are iceraven (based on firefox) as it has most stars on github and cromite (based on chromium) as brave is controversial

Solved Questions

I know that Brave is a bit controversial, but If Brave does something behind our backs wouldn’t we be able to know it since all the source code is out there? If it has some features we don’t like can’t we simply modify the source code?

@slackness

re: open source In theory: yes. In practice: maybe. It’ll probably eventually be caught by some researcher but unlike popular belief all open source code bases are not constantly being audited by the community. A random person can’t just read Brave source code for all platforms and accurately gauge if they’re doing something nefarious. It is very easy to hide stuff in code or misuse a protocol for evil purposes, etc.

You can modify the source code but as evident by the fact that there’s no Brave fork with crypto removed (there was one but their branding was too similar to Brave’s so they got sued), it’s not an easy feat to maintain that.

few questions

• What is the difference between IronFox, Fennec, Waterfox and iceraven?

As far as I know ironfox supports any extensions normal firefox mobile does, but neither give you access to the full full extensions store. Iceraven is the only mobile browser I know of that lets you use all the extensions that you can on desktop firefox.

Is there a privacy-focused accurate handwriting-to-text option for android? Ideally it would run locally on device with no required connection to the internet.

Thanks for any recommendations in advance.

cross-posted from: https://lemmus.org/post/13908976

By Jen Sorensen.

“To facilitate this vetting, all applicants for F, M and J non-immigrant visas will be asked to adjust the privacy settings on all their social media profiles to ‘public’”, the official said. “The enhanced social media vetting will ensure we are properly screening every single person attempting to visit our country.”

Hello everyone. I'm in the process of migrating approx 28 users to Threema. I would appreciate any spare promo codes that you might have. Many thanks!

Cock.li confirmed the validity of the breach based on sample data and column structure, stating that the exposed dataset includes roughly 1,023,800 user records. The compromised fields include email addresses, timestamps of first and last webmail logins, failed login attempt data, language preferences, and serialized Roundcube user settings such as webmail signatures and interface configurations. Additionally, approximately 93,000 contact entries associated with around 10,400 users were leaked, containing names, email addresses, comments, and vCard data.

Not sure why people ever trusted a meme email provider in the first place...

The Minnesota shooter apparently used data broker websites to find the home addresses of the people he shot and murdered.

Congress has had years to do something about data brokers and they've sided with the tech lobby over and over again.

Their inaction is deadly.

By Evan Greer

I'm looking to direct people to message me on Signal, Matrix, etc. Any suggestions? Thanks in advance

I created a 5-week degoogling plan PDF based on the steps in my book DISENGAGE: Escape the Leash of Big Tech, Scams and Surveillance—Everyday Resistance for the Digital Underdog.

Before I finalize and post it to my site, I'd love some feedback from people who have degoogled or are in the process of doing so.

The final package will be a single PDF, and I've pasted images of the pages below. The final infographic has a link for each product. Please don't worry about formatting issues, I'll get those fixed. But in general, I'm wondering.

• Does this seem motivational/doable?

• Are the tips clear?

• Is there anything that is now incorrect? I wrote the book originally two years ago and updated it in February, so some of my suggestions may already be out of date.

• At the bottom I mention that full instructions for each step are available in DISENGAGE, which is a free book. Is that enough? Or should I instead either note which chapter/page to look at for each step, or directly include links to instructions/tools online?

• The infographic at the end...is it weird to be sideways? I created it a while ago and don't want to have to redo it to fit the orientation. I could offer that separately, OR I could redo the whole PDF to be landscape instead of portrait (which I don't love).

• I'm thinking of turning this into a group challenge (also no cost). If there's enough interest, it could be the checklist, the book, and a Signal group (maybe with a weekly call). I don't know nearly everything about the topic, but I did degoogle myself, and everyone in the group/on the call can share questions and suggestions. What do you think of this idea?

Thanks!

Hi, I'm looking for a mail client that is well suited for managing multiple identities and can easily handle routing everything over an anonymity network.

I would use Thunderbird, but I think when you take it online, it downloads from all your connected email accounts. I want to "go online" at will toward particular email addresses, in other words I do not want my upstream mail provider to be able to associate my accounts in any way, including access time, assuming there is a large enough other pool of people using the same client/anonymity network.

Are there any that are well made for this purpose? Otherwise I will use the mail frontend over Tor or something, but it would be nice to have a lightweight client-side application too so I can keep my emails downloaded and delete them from the server.

Hello, I just wanted to share my story regarding having a domain with Njalla using ProtonMail/SimpleLogin's services.

TLDR (full story below): You may not be able to send emails from your domain with ProtonMail/SimpleLogin if your domain is registered with Njalla (or any other "privacy-friendly" domain registrar).

Full-story:

I had a domain with Njalla (njal.la) for a couple of years, and at the same time, I was using this domain with ProtonMail (to send emails from my domain) and SimpleLogin (catch-all aliases with my domain). I never had any issues during the last few years until recently:

• A few months ago, beginning of 2025, I suddenly wasn't able to send emails from my domains/aliases: They were rejected ("Undelivered Mail Returned to Sender") because I was listed on Spamhaus (a service which lists domain reputation, check.spamhaus.org). I contacted Proton's support, and they advised me to reach out Spamhaus directly to resolve this issue. I was able to request a delisting of my domain "automatically" (through a form), and a few days later, my domain had been "automatically" delisted and I was thus able to send emails again.
• A month ago, my domain has suddenly been re-listed on spamhaus, again. This time, I wasn't prompted with the automatic delisting form like the first time. I had to contact through a form Spamhaus and I had to write a small text requesting to be delisted and explaining to them how I was not using my domain for spamming/scaming/bulk email sending/etc... This time, spamhaus refused to delist my domain because my domain was considered as an Internet neighbourhood with “poor reputation” that has shared (or inevitably will share) its negative reputation. (...) The domain is not eligible for removal while being associated with this neighbourhood. We recommend moving your domain to a hosting network with good reputation.. I was talking with Njalla's support and ProtonMail's support at the same time, and they basically both told me that there is nothing they could do. I was basically forced to transfer my domain to a new domain hoster provider. And not any other domain hoster, but one with a "good" reputation (when I asked if transfering to 1984 (https://1984.hosting/), a privacy-friendly domain provider, Spamhaus discouraged me to do so.

To sum it up, by having your domain with any privacy-friendly service (like Njalla, 1984, ...), there is a chance that your domain will be listed on Spamhaus, preventing you from using your domain with ProtonMail/SimpleLogin.

I find it ironic from Proton, as they even encourage using Njalla/1984 in one of their blog article: https://proton.me/blog/professional-domain-and-email. At the end, I'm a bit pissed by Spamhaus's behaviour and also ProtonMail for using such services.

Here are screenshots of my discussions with ProtonMail, Njalla and Spamhaus support if anyone is interested enough in reading the whole discussions: https://postimg.cc/gallery/phgVK4M

Just wanted to share my story to help other people know about this issue and the issues they might encounter with ProtonMail based on their DNS provider choice.

I know the generall guidance for private phones was Pixel with graphene OS. I was financially planing on buying a 10th gen pixel when they come out later this year to only put gos on it. However with the recent news, I am wondering if this is still the recommended best practice from this community.

I am worried that if the gos team needs to spend tonnes of ressources on maintaining basic drivers and stuff then they won't have any time to work on the privacy and security features they are best known for.

What is your oppinion?

Also does anyone have a way to dpam feedback to google? I couldn't finf a generall feedback form, but if they know that people aren't buying their hardware because of this decision, they might back down. (I really fell in love with gos researching it lately so I would hate to have to switch to something like /e/ os or calyx or something)

May be a stupid question, but it occurred to me that when renewing official IDs, fingerprints are registered, and of course, there's a clean shot of your face. Kinda makes me uncomfortable, since fascism seems to be on the rise pretty much everywhere. How do you guys deal with this? Necessary evil?

Meta devised an ingenious system (“localhost tracking”) that bypassed Android’s sandbox protections to identify you while browsing on your mobile phone — even if you used a VPN, the browser’s incognito mode, and refused or deleted cookies in every session.

This is the process through which Meta (Facebook/Instagram) managed to link what you do in your browser (for example, visiting a news site or an online store) with your real identity (your Facebook or Instagram account), even if you never logged into your account through the browser or anything like that.

Meta accomplishes this through two invisible channels that exchange information:

(i) The Facebook or Instagram app running in the background on your phone, even when you’re not using it.

(ii) Meta’s tracking scripts (the now-pulled illegal brainchild uncovered last week), which operate inside your mobile web browser.

Or a fork of Firefox like fennec

How bad is Android Auto for privacy on a stock Pixel phone. What can the car and car vendor get access to.