Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful youāll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cutānāpaste it into its own post ā thereās no quota for posting and the bar really isnāt that high.
The post Xitter web has spawned soo many āesotericā right wing freaks, but thereās no appropriate sneer-space for them. Iām talking redscare-ish, reality challenged āculture criticsā who write about everything but understand nothing. Iām talking about reply-guys who make the same 6 tweets about the same 3 subjects. Theyāre inescapable at this point, yet I donāt see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldnāt be surgeons because they didnāt believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I canāt escape them, I would love to sneer at them.
(Credit and/or blame to David Gerard for starting this.)
Iāve started on the long path towards trying to ruggedize my phoneās security somewhat, and Iāve remembered a problem I forgot since the last time I tried to do this: boy howdy fuck is it exhausting how unserious and assholish every online privacy community is
The part I hate most about phone security on Android is that the first step is inevitably to buy a new phone (it might be better on iPhone but I donāt want an iPhone)
The industry talks the talk about security being important, but can never seem to find the means to provide simple security updates for more than a few years. Like Iām not going to turn my phone into e-waste before I have to so I guess Iāll just hope I donāt get hacked!
thatās one of the problems Iāve noticed in almost every online privacy community since I was young: a lot of it is just rich asshole security cosplay, where the point is to show off what you have the privilege to afford and free time to do, even if it doesnāt work.
I bought a used phone to try GrapheneOS, but it only runs on 6th-9th gen Pixels specifically due to the absolute state of Android security and backported patches. itās surprisingly ok so far? itās definitely a lot less painful than expected coming from iOS, and itās got some interesting options to use even potentially spyware-laden apps more privately and some interesting upcoming virtualization features. but also its core dev team comes off as pretty toxic and some of their userland decisions partially inspired my rant about privacy communities; the other big inspiration was privacyguides.
and the whole time my brainās like, āthis is seriously the best weāve got?ā cause neither graphene nor privacyguides seem to take the real threats facing vulnerable people particularly seriously ā or theyād definitely be making much different recommendations and running much different communities. but online privacy has unfortunately always been like this: itās privileged people telling the vulnerable they must be wrong about the danger theyāre in.
I need to see this rant. If you can link it here, Iād be glad.
oh I meant the rant that started this thread, but fuck it, letās go, welcome to the awful.systems privacy guide
grapheneOS review!
pros:
cons:
and now the NextDNS rant:
this is just spyware as a service. why in fuck do privacyguides and the graphene community both recommend a service that uniquely correlates your DNS traffic with your account (even the ātry without an accountā button on their site generates a 7 day trial account and a DNS instance so your usage can be tracked) and recommend configuring it in such a way that said traffic can be correlated with VPN traffic? this is incredibly valuable data especially when tagged with an individualās identity, and the only guarantee you have that they donāt do this is a promise from a US-based corporation that will be broken the instant they receive a court order. privacyguides should be ashamed for recommending this unserious clown shit.
No firefox with ublock origin? Seems like that would be the obvious choice here (or maybe not due to Mozillaās recent antics)
the GrapheneOS developers would like you to know that switching to Ironfox, the only Android Firefox fork (to my knowledge) that implements process sandboxing (and also ships ublock origin for convenience) (also also, the Firefox situation on Android looks so much like intentional Mozilla sabotage, cause they have a perfectly good sandbox sitting there disabled) is utterly unsafe because it doesnāt work with a lesser Android sandbox named
isolatedProcessor have the V8 sandbox (because it isnāt V8) and its usage will result in your immediate deathso anyway Iām currently switching from vanadium to ironfox and itās a lot better so far
This all-or-nothing approach, where compromises are never allowed, is my biggest annoyance with some privacy/security advocates, and also it unfortunately influences many software design choices. Since this is a nice thread for ranting, hereās a few examples:
This has gotten pretty long already, I will stop now. To be clear, this is not a rant against securityā¦ I treat security of my devices seriously. But Iām annoyed that I am forced to have protections in place against threat models that are irrelevant, or at least sufficiently negligible, for my personal use cases. (IMO one root cause is that too much software these days is written for the needs of enterprise IT environments, because thatās where the real money is, but thatās a different rant altogether.)
exactly! and taking this shit seriously is why this overbearing shit sucks, especially when itās theater or enforced for threats that arenāt realistic for your threat model. unlike some of these fuckers, we both actually intend to daily the devices weāre locking down.
oh I fucking hate this. itās the same shit as forcing dark mode off/on as part of fingerprinting protection. not only is this the absolute wrong way to fix that shit, itās pretty monstrous for anyone who needs dark mode or light mode to use their device in anything resembling comfort ā your user may have a visual impairment or severe light sensitivity, and now theyāre fucked cause the developers couldnāt accept a minor fingerprinting risk (and light/dark mode and smooth scrolling are both utterly minor, to be real)
motherfucker yes! the CA infrastructure is nowhere near usable for all cases and we all know it, but locking down the web and making development and self-hosting fucking annoying is the game for the browser vendors and Google in particular. to add to this: why the fuck is my browser acting like me not having a cert for localhost is a tragedy? why does the browser sandbox not allow certain shit unless Iām using https of all things to access localhost? where precisely is the fucking threat here? (Iām sure some well-paid security asshole at one of the browser vendors could snark a list of unlikely shit as reasons why local host needs to be treated as insecure with no toggle or dev tools option to treat it otherwiseā¦ and I just donāt give a fuck)
Iād love good secure boot! the one on PCs aināt it at all, and unfortunately the secure ones tend to be used to lock out device owners from modifying what they own and implement shit like attestation thatās just there to violate your rights and make sure youāre not blocking ads, so unfortunately good secure boot might be incompatible with capitalism. for now though at least graphene seems to benefit from a secure secure boot chain that hasnāt been locked down yet?
hey those are my gripes with much of modern computing, give them back! Iām gonna tell mom
so much more software needs a āI know what Iām doing, shut the fuck upā button
Librewolf with uBlock Originās probably the go-to right now.