
Charger8232

@Charger8232@lemmy.ml


Charger8232 OP ,

Aegis is Android only.

Charger8232 OP ,

It’s open-source and recommended by PrivacyGuides

Very helpful, thank you! Raivo was, unfortunately, sold out to a company months ago. Many people, like myself, flocked to 2FAS. It's nice to know that other options are popping up.

Charger8232 OP ,

In terms of privacy, using a normal credit/debit card provides very little protection.

Raivo wiped all of my TOTP codes

9 months ago, Raivo OTP for iOS was sold to Mobime. Raivo was hailed highly in terms of privacy, but was dethroned to 2FAS Auth after that incident. Today, Raivo launched an update, and after updating all of my entries were completely wiped. I didn't have a backup, but even if I did you now have to pay in order to import/export...

Charger8232 OP , (edited )

If you close that prompt it will ask to choose local/cloud storage and enter your master password. Once I did that all of my keys showed up.

Sadly they didn't show up for me. Best of luck exporting your codes o7

Edit: I've been really happy with 2FAS as an alternative.

DeAmazoning a FireTV

I never want to get a smart TV, but I found this exact TV (Toshiba FireTV) on the side of the road and decided it would be a fun project to try enhancing its privacy as much as I can. It did not come with the remote or any other accessories besides the TV, so if there is any way to pair an iPhone/Pixel as a remote that would...

Reminder: The DMV uses photos for facial recognition

This is half a decade old news, but I only found this out myself after it accidentally came up in conversation at the DMV. The worker would not have informed me if it hadn't come into conversation. Every DMV photo in the United States is being used for AI facial recognition, and nobody has talked about it for years. This is...

Charger8232 OP , (edited )

Many people's threat models, like my own, are against mass surveillance. This falls under that category, even if it's being handled responsibly. The issue is people have no way to opt out, and there is a lack of transparency about the use of facial recognition.

Charger8232 OP ,

Just because mass surveillance is already happening doesn't mean we should accept it as our only option. While it's true that governments and corporations are collecting data on us, there is still merit in pushing back against these practices. The point of privacy is not to hide everything and live in the woods; the point of privacy is to have control over what data you share, when you share it, and with whom you share it. The problem isn't facial recognition itself, the problem is that living in the woods shouldn't be the only way to avoid it. We should be able to opt out. What may seem fine to you is not always fine with others. That's why threat models exist, after all.

Charger8232 OP ,

Correct, however, this issue primarily affects US citizens, given that driver's licenses aren't the only ID the DMV takes pictures for (e.g. the aforementioned Real ID).

Charger8232 ,

Is this because I am using a free tier VPN? So it's not functioning properly, etc…

Free tier VPN services often come at the cost of some privacy and security features, but ProtonVPN will still protect you against IP address leakage regardless.

Else google fixed my location based on my previous location history?

Google stores location information indefinitely, so even if you are using a VPN right now it will still have a history of your real location.

Some other ways your location can get leaked to Google:

  • Location access for websites
  • Using stock Android or ChromeOS logged into that Google account
  • Installing Google apps on your computer
  • DNS leaks (e.g. through TunnelVision or a custom DNS over your VPN)
  • WebRTC leakage (this is a technicality and your VPN should protect against this. The uBlock Origin extension also helps)

Hope this helps!

T-Mobile's Forced Arbitration

In an effort to increase my privacy, I decided to buy a Pixel phone second hand to use with GrapheneOS. Due to some miscommunications, the phone ended up being carrier locked with T-Mobile. GrapheneOS's own website advises against buying carrier locked phones in order to avoid the hassle of carrier unlocking it....

Charger8232 OP ,

What would keep people from just taking a stolen phone to t-mo to have them unlock it without this?

Phones can be marked as lost/stolen by reporting the device's IMEI number, but this one was not flagged under any suspicious activity. The owner simply didn't carrier unlock it, for whatever reason.

You need to make sure the phone is unlocked before you buy it.

The reason I ended up with a carrier locked phone is because of miscommunication that wasn't on my end. The phone I intended to buy was carrier unlocked.

Charger8232 OP ,

I'm aware that carrier unlocking and OEM unlocking are two separate things, but apparently I was under the misconception that (since OEM unlocking being disabled is due to a carrier lock) I would be able to OEM unlock after carrier unlocking. Thank you for informing me that that is not the case. Do you know specifically which carriers besides T-Mobile and Verizon disable the setting?

Charger8232 OP ,

I'd looked into third party unlocking services, but I could tell that it was most likely almost never legitimate, and so I never tried any.

Charger8232 OP ,

Cellular providers don't want you being able to switch from carrier to carrier, and to prevent this they make sure you can't change certain settings like OEM unlocking.

P.S. Android allows you to wipe eSIM data, but I'm not sure how securely it does that.

Looking for some Android apps

Having used iOS my entire life, the switch to GrapheneOS will be a big change. I have learned over the past year about Android, GrapheneOS, and apps to use. I managed to find most of the apps I was looking for, but there are some I struggled with. I had trouble finding privacy respecting, open source apps for the following...

Charger8232 OP ,

Thank you so much! Have you personally used BiglyBT? If so, is there anything I should know?

Charger8232 OP ,

If I had the technical skills to do it, there are a few things I would like to see added.

Would you mind sharing what some of those are?

Charger8232 OP ,

Mainly a dark mode for the main interface

Does it allow dark mode while reading books?

Charger8232 OP ,

Thanks for your suggestions! I guess I hadn't checked if there was already a backup service built in. I checked out the Linux app for Stremio, and it's largely just a privacy respecting catalog given that you need to pay for the underlying streaming service, unless you torrent of course.

Charger8232 OP ,

I've found I automatically compartmentalize my mobile accounts from my desktop accounts, so I have never had the need to sync my KeePass database. Do you have any concerns with KDEConnect I should know about?

Charger8232 OP ,

What made you choose Booky McBookface over other apps? Have you tried other apps and found problems you didn't like?

Charger8232 OP ,

Thank you, that helps a lot!

Charger8232 ,

I have made it a point to avoid iCloud, and occasionally I will find apps that have been enabled to sync with iCloud that were previously disabled. I am the proud owner of a zero kilobyte iCloud account. (And the proud owner of a brand new GrapheneOS device. See you, Apple!)

Charger8232 ,

While this may not be what you're looking for, it's worth mentioning that a good ol' pencil and paper does wonders. It won't have everything you need, but you can time how long you ran for with a stopwatch, count how many pushups you do, manually measure your pulse, etc. If you're good with data processing you can stick the data in a spreadsheet and process it to see your progress. The bonus is you'll learn a lot more about health through doing it yourself. Besides that, I've never used a smart watch or fitness tracker. I've just exercised until I get tired.

Charger8232 OP ,

If you completely lose your password to your vault there is nothing you can do, simple as that. Don’t lose it.

Unfortunately, as mentioned in the post, there are some ways to lose access to your password that are out of your control. Furthermore, the more places you store your password the less secure it is. It would be a lot easier to be able to authenticate with multiple authentication methods individually, than to rely on having access to all of them at once. That's the problem I'm trying to address here.

Cloud-based sync is incredibly easy with self-hosted cloud, as pointed out by the KeePassXC FAQ. Self-hosted cloud is effectively a local solution.

It is still subject to the issues listed in the 3-2-1 rule, however the goal of self hosting itself conflicts with that rule (since the rule dictates the use of off-site cloud storage). I will note, it does somewhat solve the issue of keeping database backups, as any device pulling from the local cloud server effectively becomes a backup of your database.

Charger8232 OP ,

My method is that I have a passphrase with some special symbols that unlocks my database and it is decently long.

Where is your password stored? If it's only by memory, what happens if you forgot it or needed someone else to unlock it in an emergency?

Charger8232 OP ,

Most passwords can be converted to passphrases to help you remember them. A password "8pmfvt3bww7t" could be remembered as "8 pandas might find vases that 3 bears will wash 7 times." Obviously not all passwords will work for this, but it's a good way to remember random strings. Passphrases are long in characters but have an entropy dependent on how long your wordlist is. For example, 3 words might be 20 characters, but it's easy to guess 3 words since you're not going character by character.

Charger8232 OP ,

Or hell it could even be a hard drive in a box somewhere

That one guy: "I store my backups in a concrete box in the bottom of the ocean. It's very secure!"

That guy when his system fails: "Hunny, I have to go scuba diving for our passwords."

(This was meant as a joke)

Charger8232 OP ,

Another solution would be a recovery pool.

That is a really interesting method! Thanks for sharing, I've learned something new. A way to solve the stakeholders unlocking it would be to also require the admin's own credentials plus 2 (or however many) stakeholder credentials to unlock it. However, that could cause stakeholders to target the admin.
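The "admin's own credentials plus 2 (or however many) stakeholder credentials" recovery pool described in the reply above can be built with Shamir's secret sharing, a standard threshold scheme. The block below is an added example, not code from this thread or from any vault or password manager discussed here; the two-level layout, the field prime, the function names and the sample key are my assumptions. Level 1 splits the vault key 2-of-2 between the admin and a "pool" value; level 2 splits that pool value k-of-n among the stakeholders, so recovery needs the admin and k stakeholders, and k stakeholders colluding without the admin learn only the pool value, which on its own is a uniformly random field element.

```python
"""Two-level recovery pool on top of Shamir's secret sharing over GF(2**521 - 1).

Added example (assumptions: the scheme, names and sample key are mine, not the
thread's or any vault's own code). Level 1: key -> 2-of-2 {admin, pool}.
Level 2: pool -> k-of-n stakeholder shares. Recovery needs admin AND k stakeholders.
"""
import secrets

P = (1 << 521) - 1   # Mersenne prime; a 64-byte key is still < P


def _eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... in GF(P)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, k, n):
    """Return n shares (x, y); any k reconstruct `secret`, fewer than k reveal nothing."""
    if not 0 <= secret < P:
        raise ValueError("secret must be an integer in [0, P)")
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]  # degree k-1, constant term = secret
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0 in GF(P). Caller must pass at least k distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P   # pow(den, P-2) is the Fermat inverse
    return total


def split_with_mandatory_admin(key, k, n):
    """Split `key` (bytes, at most 64) so that admin + any k of n stakeholders can recover it."""
    if len(key) > 64:
        raise ValueError("key must be at most 64 bytes for this field size")
    admin_share, pool_share = split_secret(int.from_bytes(key, "big"), 2, 2)  # x=1 admin, x=2 pool
    stakeholder_shares = split_secret(pool_share[1], k, n)
    return admin_share, stakeholder_shares


def recover_with_admin(admin_share, stakeholder_shares, key_len):
    """Rebuild the pool value from k stakeholders, then the key from admin + pool."""
    pool_value = recover_secret(stakeholder_shares)
    secret = recover_secret([admin_share, (2, pool_value)])
    return secret.to_bytes(key_len, "big")   # garbage from wrong shares overflows here


if __name__ == "__main__":
    vault_key = secrets.token_bytes(32)                         # constructed sample key
    admin, holders = split_with_mandatory_admin(vault_key, 2, 3)  # admin + 2 of 3 stakeholders
    print(recover_with_admin(admin, holders[:2], 32) == vault_key)
```

The share tuples are what you would actually hand out (admin keeps `admin`, each stakeholder gets one entry of `holders`); store them with the index, since interpolation needs the x value. Because a wrong or tampered share just yields a different field element, pair this with an integrity check on the recovered key (for a KeePass database, simply trying to open it) rather than trusting the interpolation result blindly.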

Charger8232 OP ,

You could technically achieve this by giving one person the password, another person the key file, and the third person the security key.

Charger8232 OP ,

So someone who got to you would have at least two of the three by default.

Both are useless without the third, and can be easily regenerated. Also, you can be tortured for your passwords.

Charger8232 OP , (edited )

they don’t even know they’re trying to guess words in the first place.

That is true, but the math is still the same regardless.

Suppose you had a word list of 1,000 five letter words. Each of your passphrases is 5 words long. That means you have 1,000^5 possible combinations of passwords, which is an entropy of ~49.8 bits. Even though each passphrase is going to be 29 characters long (5 five letter words plus 4 spaces in between), the password wasn't generated character by character.

By contrast, suppose you used all 95 characters on the (US) keyboard, an 8 character password has 95^8 combinations, which is an entropy of ~52.6 bits. Even though the passphrase has 21 more characters than the password, the password still has more entropy.

Big grain of salt here: You can get a huge word list and remember much longer passphrases easily, but the point is to show that the number of characters doesn't dictate the security of a password. If someone were to brute force a passphrase character-by-character, it would hold up very well, but a) Not many people use passphrases and b) It's far more common to use password dictionaries than to brute force.

Hope this helps! Here's the Wikipedia page for password entropy

P.S. If someone found your word list, they could probabilistically brute force your passwords. For example, if 75% of your five letter words started with the letter S, they could deduce that most of the words likely start with S, and they've already eliminated a few characters to brute force.
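The arithmetic in the comment above (a 1,000-word list, 5 words vs. 8 characters from 95) and the mnemonic trick from the earlier comment ("8 pandas might find vases that 3 bears will wash 7 times" for "8pmfvt3bww7t") as one added Python example. This is not code from the thread; the two attacker models, the uniform-choice assumption (every word or character picked independently and uniformly at random, which is what "generated properly" means in practice) and the helper names are mine.

```python
"""Password vs. passphrase entropy under two attacker models, plus the mnemonic trick.

Added example, not from the thread. Assumes uniform random choice of every symbol;
a passphrase picked "by feel" has far less entropy than these numbers suggest.
"""
import math

PRINTABLE_ASCII = 95  # the 95 printable US-keyboard characters, space included


def entropy_bits(alphabet_size, length):
    """Bits of entropy in `length` independent uniform picks from `alphabet_size` symbols."""
    if alphabet_size < 2 or length < 1:
        raise ValueError("need alphabet_size >= 2 and length >= 1")
    return length * math.log2(alphabet_size)


def compare_attacks(wordlist_size, words, word_len, password_len, alphabet=PRINTABLE_ASCII):
    """Search cost in bits for one passphrase and one password under two attacker models.

    passphrase_known_wordlist: attacker has the list and guesses word by word.
    passphrase_charwise:       attacker does not know it is a passphrase and brute-forces
                               every character, including the (words - 1) separating spaces.
    password:                  a random password of `password_len` characters.
    """
    passphrase_chars = words * word_len + (words - 1)
    return {
        "passphrase_known_wordlist": entropy_bits(wordlist_size, words),
        "passphrase_charwise": entropy_bits(alphabet, passphrase_chars),
        "password": entropy_bits(alphabet, password_len),
    }


def mnemonic_to_password(sentence):
    """Recover a password from its mnemonic: first character of each word, digits kept whole."""
    out = []
    for token in sentence.split():
        word = token.strip(".,;:!?\"'")
        if not word:
            continue
        out.append(word if word.isdigit() else word[0])
    return "".join(out)


if __name__ == "__main__":
    bits = compare_attacks(wordlist_size=1000, words=5, word_len=5, password_len=8)
    for model, b in bits.items():
        print(f"{model:26s} {b:6.1f} bits")
    print(mnemonic_to_password("8 pandas might find vases that 3 bears will wash 7 times."))
```

Plugging in the thread's numbers gives about 49.8 bits for the passphrase when the attacker knows the word list and about 52.6 bits for the 8-character password, with the character-by-character figure for the 29-character passphrase far above both; the gap between the two passphrase rows is exactly the "weakest link" point, since a real attacker picks the cheaper model.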

Charger8232 OP ,

Also, someone can hijack your contacts and bribe/torture all 3 people into giving them your credentials.

Charger8232 OP ,

That’s a lot of supposition.

For the sake of an example.

The reality is the password guesser has a string of 29 characters.

Actually, not even that. It would be hashed as a fixed length (256 bits usually).

Again, most of what I was saying was just for the sake of an example to show that under the right circumstances the length of a password doesn't dictate its security. Even if it's an extreme, security is only as strong as its weakest link. I'm not denying that it can be unrealistic, and I'm not saying it's insecure (hence the "grain of salt" section that addressed all of your points), I'm just showing how it could be possible.

Charger8232 OP ,

you don't have to type in something 10x as long, so you can get a lot more entropy in a smaller space

This is especially useful when you require a lot of entropy, having an essay as your passphrase isn't very fun!

the mnemonic can be anything you want it to be as long as the words start in the respective letters

You can even make up your own rules, not just starting with the respective characters.

Charger8232 OP ,

As long as you generate your passphrases properly (i.e. making sure they still have high entropy and don't fall into the same pitfalls I listed, in case someone still decides to brute force your password as a passphrase), you can have a very secure passphrase. However, as far as sheer entropy goes, passwords have more entropy in a more compact space and are better in that respect.

P.S. Some applications have a character limit, meaning you'll get more entropy out of a password than a passphrase. You might accidentally get weak entropy in a passphrase because of the character limit.

Charger8232 OP ,

If you consider raising awareness about a brand name to be an advertisement, then it does. I do see your point, though.

Charger8232 ,

I've been a fan of SimpleX for a while now. Privacy comes at the cost of convenience, and SimpleX is the most private messaging platform according to this spreadsheet.

Charger8232 ,

(Last I checked) From this spreadsheet, Discord is the fourth worst messaging platform in terms of privacy. Now a new row for "Has ads" will have to be added...
