Andromxda

Andromxda , 1 day ago to Selfhosted in How do I make my immich available publicly?

Tailscale has a very neat feature called Tailscale Funnel, which makes this pretty easy

Andromxda , 2 days ago to solarpunk memes in no really how do we fix this?

4get, SearXNG and Whoogle are pretty good proxies for most search engines. I've recently been enjoying 4get with DuckDuckGo, it works really well. No ads, no trackers, no bullshit. Just a lightweight page that allows me to search the web privately.

Andromxda , 2 days ago to Technology in United Airlines passengers to see targeted ads on seat-back screens

Airlines in America really suck, I feel like we have much better options here in Europe

Andromxda , 2 days ago (edited 1 day ago) to Technology in United Airlines passengers to see targeted ads on seat-back screens

Why is my neighbor receiving ads for anger management?

He probably gets aggressive when seeing too many ads

Andromxda , 2 days ago to Selfhosted in Networking Gear Recommendations? (starting from scratch)

It's not cheap, but this setup doesn't just serve as a router. It's also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I'm speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it's called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it's very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.

Andromxda , 3 days ago to Privacy in GrapheneOS Now Supports a Duress Reset PIN

It doesn't say anything. It shuts the device down almost instantly, and simulnateously wipes the encryption keys from the secure element, ensuring that the data stored on the SSD can't be decrypted.

Andromxda , 3 days ago to Privacy in Why do so many people still hate GrapheneOS?

Yes it is.
https://madaidans-insecurities.github.io/android.html#lineageos
https://eylenburg.github.io/android_comparison.htm

Andromxda , 3 days ago to Privacy in Why do so many people still hate GrapheneOS?

I don't know why it's blank, but when checking the c/privacy modlog from my instance, I can't find anything.
https://lemmy.dbzer0.com/pictrs/image/0b9a41f9-fcec-4f6f-ac75-533eb2399de1.png

But when I go to lemmy.ml and check the modlog from there, I see this:

https://lemmy.dbzer0.com/pictrs/image/f1308d7c-6449-4797-bbfc-c5792968936a.png

Andromxda , 3 days ago to Selfhosted in What tips or resources would you recommend to someone who knows about Linux and wants to self-host, but has no experience self-hosting?

+1 for NetBird

Andromxda , 3 days ago to Technology in Microsoft's Recall Feature Is Even More Hackable Than You Thought

Mental Outlaw recently made a pretty good video about this, where he showed how to access and analyze the data that's been saved by Recall. It also shows how easily an attacker could grab all that data. https://www.youtube.com/watch?v=oSBDkPxivuA

Andromxda , 3 days ago to Privacy in Why do so many people still hate GrapheneOS?

Because Lemmy.ml mods are morons

Andromxda , 4 days ago to Privacy in Why do so many people still hate GrapheneOS?

Your logic is quite flawed.

privacy-oriented distributions are more likely to be targeted by intelligence agencies

Since GrapheneOS is based on Android (AOSP), any vulnerability that exists in Graphene definitely also exists in AOSP. Graphene is often faster at fixing security vulnerabilities than Google. GrapheneOS makes some substantial security improvements to AOSP, so the chance of a bug in AOSP being exploitable in Graphene is much lower.

trusting your OpSec in the good will of someone it's not a good idea, at least for me

That's literally what you're doing with the stock OS. Since it's proprietary, no one can actually verify what's actually going on. You're literally trusting a billion-dollar big tech advertising corporation that participates In the NSA PRISM program. What you're saying doesn't make any sense.

Andromxda , 4 days ago to Privacy in Why do so many people still hate GrapheneOS?

The fact that the system is open source

Andromxda , 4 days ago to Privacy in Why do so many people still hate GrapheneOS?

That's why the modem is isolated from the rest of the system through IOMMU: https://grapheneos.org/faq#baseband-isolation

Andromxda , 4 days ago to Selfhosted in Networking Gear Recommendations? (starting from scratch)

I recommend building your own router. It might sound complicated but it's not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you're ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I'm very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.