Improve Your Privacy Setup

Hello, Lemmy!

It may be difficult to spend time actively improving some of the services you use to have a more privacy conscious presence, and so this thread is dedicated to help people learn and grow in their privacy journeys! Start by stating which services you currently use, and which ones you may be looking for/want to improve. This thread is entirely optional to participate in, because a lot of people understandably feel uncomfortable listing which services they use. Writing those out can be a lot of work, but the payoff is huge!

Remember these rules:

  • Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn’t align with yours, or uses some anti-privacy software, doesn’t mean you can downvote them! Help them improve by giving suggestions on alternatives.
  • Don’t promote proprietary software! Proprietary software, no matter how good it may seem, is against the community rules, and generally frowned upon. If you aren’t sure, you can always ask! This is a place to learn. Don’t downvote people just because they don’t know!
  • Don’t focus solely on me! Since this happened in another one of my posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn’t mean you can’t still give suggestions for mine, but don’t prioritize mine over another.
  • Be polite! This falls under “Be respectful”, but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

Here is my setup:

Web browsing

  • I use Tor for using online accounts (such as Lemmy, etc.)
  • I use Mullvad Browser for general browsing
  • I use Librewolf for functionality that Mullvad Browser doesn’t have (security keys, etc.)
  • I use Firefox + uBlock Origin for streaming videos that break on Librewolf and Mullvad Browser.
  • I always use a SearXNG instance for web searches. I always use ProtonVPN (free tier). I use a private DNS resolver.

Desktop

  • I use Secureblue (yes, I’m that guy from a post a couple weeks ago)
  • I sit behind a firewall.
  • I only use FOSS Flatpaks with Flatseal.
  • My BIOS is password locked but proprietary (due to compatibility issues).
  • I occasionally use Tails because I think it’s fun.
  • I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style)

Mobile

  • I currently use hardened iOS until I can scrape together some money for a Pixel to use GrapheneOS
  • Again, I constantly use ProtonVPN (free tier)
  • I use a private DNS when ProtonVPN is turned off
  • I use AdGuard, but I browse the internet with the DuckDuckGo app (I can’t sideload)
  • I use a very strong passcode
  • Airplane mode is constantly enabled, I don’t have a SIM
  • I use a Faraday bag to store my device when I’m in public
  • I use a privacy screen protector

Messenger

  • I mainly use Signal with a borrowed phone number, because SimpleX is still buggy on iOS, and Signal is the easiest to switch friends to. I rarely use iMessage, but there are times when I have to.

Online accounts

  • Passwords are stored in Bitwarden for mobile accounts, and KeePassXC for desktop accounts.
  • Yubikey is placed on any account I can, otherwise 2FAS is used
  • I keep public accounts (Lemmy, etc.) as locked down as I can.

Video streaming

  • I use the native YouTube app on iOS, simply because any of the others I’ve tried either don’t actually work or require a Mac to install. I don’t have a Mac, obviously.
  • I use FreeTube on desktop, but as I was writing this I was informed that FreeTube has a few issues I may want to look into (Electron).

AI

  • I would love to know if there are any Flatpaks that run local LLMs well, but I currently use GPT4All (since that’s what I used a year ago).
  • On mobile, I use an app made by a friend that gives access to GPT-4 and Gemini. Because it’s running off of his own money, I’m not going to share the project until he has a stable source of income.

Social Media

  • I don’t use any social media besides Lemmy.

Email

  • I use ProtonMail
  • I have addy.io as an alias service

Shopping/Finance

  • I currently either proxy my online purchases through someone else (have them buy it for me and I pay them back), or use a gift card
  • For physical purchases I use cash
  • I only use my bank account for subscriptions (Spotify, etc.)
  • I am working on using Monero and privacy.com

Music streaming

  • I use Spotify on my phone
  • I use Spotube or locally downloaded files on my computer
  • I have multiple AM/FM receivers with some yard long antennas and direct metal connectors

TV shows

  • I stream from ethical services for some movies
  • I go to a theater or buy a DVD for other movies. I am the proud owner of a USB DVD player.
  • I also have an antenna hooked up to my TV
  • There are certain IPTV services I have used in the past
  • I do not use a smart TV.

Gaming

  • I download local games, plain and simple. Or I code my own game.

Programming

  • I code in Python using PyCharm. I’m looking for alternatives.
  • I will use GitLab when I decide to publish some of my work.

Productivity

  • LibreOffice, although the UI is iffy

Misc

  • I don’t use any location services
  • All my clocks are set to UTC
  • I don’t have a smart watch
  • I don’t have a smart car
  • I use Bluetooth earbuds
  • I cover my webcams with paper and tape. Reason: It’s worth taking a couple seconds to peel tape off when you use the webcam than to risk a massive breach.

Thanks for reading!

Note here: I found out the other day that a Google Streetview car passed by my house, and my blinds being shut were the only thing keeping my room away from prying eyes. Is there an easy way to blur/censor my house without giving up my soul?

Special thanks

Lots of people kindly contributed their personal setups in the comments, and some even made their own posts! I’m really glad I could spark inspiration and start a way for people to learn and grow in their privacy journeys. To think, just this morning, I was stressing on if people would even enjoy the post at all! Thank you all again, and please go forward to inspire others. I am not the person who made this happen, all of you are!

Mazoku ,

Check out Yattee on the App Store for a YouTube front end utilizing Invidious and Newpipe instances. Can even self host those if you want

Charger8232 OP ,

I’ve tried it a few times, but couldn’t get it to work for reasons I don’t remember. I will try it one more time and give my feedback.

Charger8232 OP ,

Update: I finally got it working! The UI is a bit weird, but it works. Thank you!

Mazoku ,

Nice glad you got it figured out

baritone_edge , (edited )

[Thread, post or comment was deleted by the author]

    Charger8232 OP ,

    Reading this, my only thought was “This setup is eerily similar to the one I aspire to have.” Good job! I may reply with questions if I feel up for it.

    Mikina ,

    That’s seriously impressive. I wonder, what is your threat profile for all of these? It seems to me like some of the things you do have a drastic impact on user experience, while also not providing that much of a benefit unless you have some really sensitive data.

    Mikina , (edited )

    My own setup from the top of my head would be:

    • Browser: Mullvad with Mullvad VPN, LibreWolf for stuff that breaks. Brave if I really have no other choice.
    • Phone: Pixel with Graphene, main profile is Google-less, second profile with Sandboxed GServices for apps that don’t work without it but I need them, downloaded through fresh gmail profile. Third profile linked to my old gmail with credit card for the two apps I bought and sometimes need to use.
    • Mail: I use Protonmail, with my own domain that sounds vaguely corporate. I have a catch-all address, and generate random [email protected] addresses for each service.
    • File storage: I have a NAS, that I use for most file sharing I need.
    • Music: Jellyfin server with Headphones and redacted.ch account, and I also make sure to support artists every month by spending what would be my Spotify subscription price on Bandcamp albums
    • Desktop: I run Nobara, too lazy to run QubesOS - plus I game a lot, so it would be infeasible. I mostly try to get stuff on GoG and back it up on my own NAS. I have a ZeroTier network set up for streaming through Sunshine/Moonlight when I need to game from a laptop.
    • VPN: I use Mullvad paid for with Monero, because it plays nicely with the Mullvad Browser fingerprint.
    • Home automation: I have a few basic stuff made for Home Assistant that is running on RockPI I have at home, everything local and without any cloud, mostly through ESP32s.
    • Messaging: This is the one I hate the most - most of the groups I’m working with or volunteering for use Messenger, so I have a Matrix server hosted that bridges it and Discord. It’s not ideal, but better than having anything Meta on my phone.
    • Payments: This one is the one I’m struggling with the most. I pay by card almost everywhere, because cash is so much effort. I’ve tried looking into crypto or prepaid cards, but it’s really hard to find anything without KYC in Europe, so I’ve given up. I’m looking for advice regarding this, but I’m afraid that aside from switching to cash I’m out of luck.
    • Passwords: I just use Bitwarden with YubiKey setup, same as using YubiKey for every important MFA I can. I have two backup keys stored at home, so I don’t need to use other recovery methods that would render it useless.

    Mikina ,

    Few recommendations from the top of my head, from skimming the post.

    I’d recommend checking out QubesOS (www.qubes-os.org), especially since it seems you switch between Tor and already use Silverblue, which is AFAIK similar, but why not go all the way in?

    Also for VPN - I’ve switched Proton for Mullvad VPN, because I really like the idea they are going for - if you pair Mullvad browser, that is designed to have the same fingerprint for all users, with a VPN that’s from the same company, you can kind of expect that most of the Mullvad VPN users will also be users of Mullvad Browser. Which means you will not be one of the few Proton VPN users with Mullvad fingerprint, but will have the same fingerprint as most of other users of Mullvad VPN. This will make it harder to fingerprint you based on your browser. One word of warning, though - don’t install extensions to Mullvad. If you do, you break the “same fingerprint” premise, and the more extensions you install, the more identifiable you are. Mullvad should be used without any extensions.

    Another thing I see is music streaming - I think that in general I’d recommend just getting a cheap laptop/NAS and run your own Jellyfin, and slowly start building your own music collection. You can also run Matrix server as a bonus, and bridge all your communication (including Signal, even though that may not help that much) - but it does help if you need to use some kind of service, i.e. Messenger, for group or work related purposes.

    My approach to music was to cancel my subscription, and then use the money I save to spend on albums on Bandcamp, so I still support the artists I want. I make sure to do that every month. Since there’s just a vast amount of music to get, I use Headphones with an account on redacted.ch to fill my library, but I still make sure to buy albums I like even if I already have them downloaded. The added bonus is that you actually don’t lose any of your music if the artist decides to pull it off the streaming service, which has already happened to me several times.

    If you want to host your own LLM, take a look at refact.ai. But note that it’s not really cheap, I’ve recently upgraded my computer and decided to use my NVIDIA 1060 to run refact, and it still didn’t work well - 8Gb of GPU memory is borderline usable, and I couldn’t do the finetuning.

    Charger8232 OP ,

    Thanks for these recommendations!

    but why not go all the way in?

    I’ve tried Qubes in the past, and I’m not ready to tackle the learning curve yet. I want Secureblue to be the bridge to learning Qubes first.

    I’ve switched Proton for Mullvad VPN, because I really like the idea they are going for

    I’ve considered using it from a fingerprinting perspective, but I don’t have the finances to switch yet.

    I think that in general I’d recommend just getting a cheap laptop/NAS and run your own Jellyfin, and slowly start building your own music collection.

    Oh?

    lemmylem , (edited )

    “My BIOS is password locked but proprietary (due to compatibility issues).”

    “I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style)”

    I recommend switching to Libreboot, I’ve recently helped add support for the Dell Optiplex 9020 MT, and will soon add support for the Dell Precision T1700 MT. Libreboot allows for full disk encryption, including automatically encrypting the /boot partition during installation of an OS. I use RAID 0 with 3 disks (LUKS and LVM) on my desktop, with my /boot unencrypted stored on a SD card so I can easily toss it whenever.

    For gaming, I’ve had success using Proxmox to play games like GTA V and Rainbow Six Siege through a VM, even passing through NVIDIA drivers (though I plan to switch to AMD). Although, currently the Haswell boards (9020MT and T1700MT) can’t use IOMMU correctly so I recommend using the T1650 for passing through your GPU to a VM. Beware though, the T1650 board can’t be freed entirely in the BIOS I believe.

    Also, updating your CPU microcode can help avoid potential performance issues. If you’re concerned about security, consider GPG signing your kernel with Libreboot GRUB for an additional layer of verification at boot.

    vsis ,

    If you’re concerned about security, consider GPG signing your kernel with Libreboot GRUB for an additional layer of verification at boot.

    Hey! I had no idea that was possible. I usually encrypt everything but /boot, because it’s easy that way.

    I don’t have a “threat model” of someone putting malware in /boot while I’m away from the computer. But it would be nice to know how to prevent that.

    Do you have a link of a guide or tutorial for that?

    Charger8232 OP ,

    I am currently in the process of researching Libreboot. Have you had any concerns or problems when using it? Thanks!

    Zerush , (edited )

    Tip: FreeTube is fine, but as you say, it has certain difficulties with some videos. Because of this, I have specified SMplayer (MPlayer engine) as an external player in FreeTube. This way, if a video does not work in FreeTube, just click on the small rectangle at the bottom left of the thumbnail, so that the video opens in SMplayer, which practically always works.

    If you visit YouTube directly, there is a simple trick to convert the Video into embedded, that is, the video is opened as such in a tab, without going through the YT page. This also avoids a lot of trackers and ads, as well as unnecessary loads (thumbnails, comments, suggestions and other crap).

    Simply edit the URL

    https://www.youtube.com/watch?v=xxxxxxxx

    to

    https://www.youtube.com/embed/xxxxxxxx

    Charger8232 OP ,

    Simply edit the URL

    Thanks for this! It’s a trick I learned a long while back but have since forgotten. Good reminder!

    Zerush ,

    It can be done automatically with a small script of a few lines, like this one (use with Violentmonkey or Greasemonkey). The only drawback is that some (few) videos on YT have embedding deactivated; in this case a message appears to watch the video on YT.
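
One way to automate the URL rewrite described in the comments above, as an added example that is not the script Zerush linked: a userscript that turns watch and youtu.be links into the embed form. It goes slightly beyond the single case in the thread; the 11-character ID pattern, the extra hosts, the `t` to `start` mapping and the referrer check for videos with embedding disabled are assumptions of this example.

```javascript
// ==UserScript==
// @name        YouTube watch -> embed (added example)
// @match       https://www.youtube.com/watch*
// @run-at      document-start
// @grant       none
// ==/UserScript==

// Hosts whose /watch?v=... links are rewritten. Exact match only, so a
// lookalike such as www.youtube.com.example.net is never treated as YouTube.
const WATCH_HOSTS = new Set(['www.youtube.com', 'youtube.com', 'm.youtube.com']);

// Assumption of this example: video IDs are 11 characters from [A-Za-z0-9_-].
// Anything else is rejected instead of being copied into the new URL.
const VIDEO_ID = /^[A-Za-z0-9_-]{11}$/;

// Convert a "t" value ("90", "90s", "1m30s", "1h2m3s") to whole seconds.
function parseStart(t) {
  if (!t) return null;
  if (/^\d+$/.test(t)) return Number(t);
  const m = /^(?:(\d+)h)?(?:(\d+)m)?(?:(\d+)s)?$/.exec(t);
  if (!m) return null;
  return Number(m[1] || 0) * 3600 + Number(m[2] || 0) * 60 + Number(m[3] || 0);
}

// Return the embed URL for a watch or youtu.be link, or null when the input
// is not a recognised YouTube video URL. Only the validated ID and the start
// offset are carried over; every other query parameter is dropped.
function toEmbedUrl(href) {
  let url;
  try {
    url = new URL(href);
  } catch {
    return null; // not a parseable absolute URL
  }
  if (url.protocol !== 'https:') return null;

  let id = null;
  if (WATCH_HOSTS.has(url.hostname) && url.pathname === '/watch') {
    id = url.searchParams.get('v');
  } else if (url.hostname === 'youtu.be') {
    id = url.pathname.slice(1);
  }
  if (!id || !VIDEO_ID.test(id)) return null;

  const out = new URL(`https://www.youtube.com/embed/${id}`);
  const start = parseStart(url.searchParams.get('t'));
  if (start) out.searchParams.set('start', String(start));
  return out.href;
}

// Decide where to send the tab. When the visitor arrives from an embed page
// (for example after the "watch on YouTube" message for a video with
// embedding disabled), stay on the watch page instead of bouncing back.
// Assumption: the browser exposes the embed page as the referrer.
function redirectTarget(href, referrer) {
  if (typeof referrer === 'string' &&
      referrer.startsWith('https://www.youtube.com/embed/')) {
    return null;
  }
  return toEmbedUrl(href);
}

// Userscript entry point: runs only inside a browser tab.
if (typeof window !== 'undefined' && typeof document !== 'undefined') {
  const target = redirectTarget(window.location.href, document.referrer);
  if (target) window.location.replace(target);
}
```
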

    Charger8232 OP ,

    Thanks! I’ll check that out

    TheAnonymouseJoker Mod ,

    I use Secureblue

    Silverblue is not even spelled correctly.

    I occasionally use Tails because I think it’s fun.

    TailsOS is not for “fun” purposes.

    I use a Faraday bag to store my device when I’m in public

    Nobody uses their phone like this. When you stop using the communicator as a communicator, you have made the phone essentially a glass brick you lug around for no purpose.

    I use full disk encryption, multiple disks, and a second layer of encryption for specific important files (NSA style)

    “NSA style” zomg cool blonde hair tech whiz kid?

    I currently use hardened iOS until I can scrape together some money for a Pixel to use GrapheneOS

    iOS is a privacy nightmare. gist.github.com/…/357e724811fe04167332ef54e736670… And its security has been worse than that of Android for years now. wired.com/…/android-zero-day-more-than-ios-zerodi…

    GrapheneOS is complete snake oil. Read more here to know about “security” cultists in FOSS/privacy community.

    old.reddit.com/…/writeup_criticism_of_rprivacygui…

    old.reddit.com/…/grapheneos_corporate_foss_loving…

    This post is a massive joke.

    Syn_Attck ,

    Oy, bit of a cunt innit?

    TheAnonymouseJoker Mod ,

    Elaborate.

    Midnight1938 ,

    Secureblue does exist for starters

    Syn_Attck ,

    Well, for starters…

    TailsOS is not for “fun” purposes.

    Highly debatable opinion, all tech can be fun.

    “NSA style” zomg cool blonde hair tech whiz kid?

    zomg condescending and immature much?

    This post is a massive joke.

    Said the mod of the subreddit to the curious, kind, helpful, thought-provoking user who posted wondering about other people’s setups, and even prefaced their post with:

    this thread is dedicated to help people learn and grow in their privacy journeys!

    Don’t focus solely on me! Since this happened in another one of my posts, I want to mention that this thread is not designed to pick apart only my setup. The point is to contribute your own and help others. That doesn’t mean you can’t still give suggestions for mine, but don’t prioritize mine over another.

    Be respectful! Some people are early on in their privacy journey, or have a lax threat model. Just because it doesn’t align with yours, or uses some anti-privacy software, doesn’t mean you can downvote them! Help them improve by giving suggestions on alternatives.

    Be polite! This falls under “Be respectful”, but be kind to everyone! Say please, thank you, and sorry. Lemmy is really good about this, but there will always be someone.

    TheAnonymouseJoker Mod ,

    This post is a massive joke.

    Said the mod of the subreddit to the curious, kind, helpful, thought-provoking user who posted wondering about other people’s setups,

    This person made a rough guide, and not merely shared their own setup. And if someone is going to suggest their setup, let alone a guide, there will be people who pick it apart. Most will be trolls, some will be constructive. “Hardened iOS” is an oxymoron at some level, for example. If you use iOS, stop trying to conform to “cool” privacy notions, and be okay with it. Switch to Android and harden it when comfortable. Yes I mocked the post, but I did not berate the user, and I consider it fair enough.

    I come with a lot of privacy/anonymity experience so I suggest things in a more hardline manner, while being able to see through if someone is okay with a more basic threat model. I am not a snobby elitist. I make guides for threat modelling, smartphones and computing.

    Syn_Attck ,

    Might I suggest that instead of mocking the user and ensuring they don’t post here in the future after they have learned more, that you sticky a comment about threat models and give constructive criticism about their setup? That way you don’t run away this user, who is willing to dedicate their free time writing free posts which benefit the community, and you also educate those who are reading the post who may not know better.

    TheAnonymouseJoker Mod ,

    “Hardened iOS” and “GrapheneOS” often crosses my tolerance limit. It sounds to me from experience that the person is no longer “reachable” in a reasonable manner, unless drums are loudly beaten. Such brainwashing often becomes too much to reverse, and I no longer use up my energy on most people.

    Syn_Attck ,

    What’s wrong with GrapheneOS?

    TheAnonymouseJoker Mod ,
    Syn_Attck ,

    No paywall: archive.ph/EzdvB

    This is an article about Huawei’s Android OS competitor called HarmonyOS.

    A search for HarmonyOS and GrapheneOS turns up nothing.

    What’s wrong with GrapheneOS?

    TheAnonymouseJoker Mod ,

    I linked the comment about it. Graphene is not an OS but an AOSP fork. HarmonyOS comprises of multiple things, Huawei’s microkernel attached to their AOSP fork, the AOSP fork itself and Huawei’s ecosystem products.

    Charger8232 OP ,

    Graphene is not an OS but an AOSP fork.

    GrapheneOS is a standalone mobile operating system based on the AOSP. Android’s kernel is based on the Linux kernel. If GrapheneOS is not an OS, then you are saying Android isn’t one either. Would you mind elaborating on why you believe GrapheneOS is not an OS?

    TheAnonymouseJoker Mod ,

    Graphene is not an OS independently developed or created. This “OS” bullshit started back during Windows XP era with custom ISOs created by hobbyists with tools like WinPE, which carried over to Android scene on XDA Developers. In fact, the original name of LineageOS was CyanogenMod, an apt name for what was modded, stripped down vanilla Android compared to Touchwiz and other OEM skinned Androids that existed. A lot of Android custom builds were never called OS, but this “OS” bullshit started here with some hobbyists and Vivo, Oppo and others doing names like ColorOS, FuntouchOS etc. The naming convention is complete utter bullshit with LineageOS, CalyxOS, GrapheneOS and all these “OS” named custom Android builds.

    GrapheneOS is so delusional in its “features” marketing page, it claims it magically happens to be compatible with Android apps (APK packages). Oh wait, isn’t it just an AOSP fork? Or is it a special new OS, like Windows, MacOS, *BSD, *nix or a Linux kernel+DE distro/OS?

    Charger8232 OP ,

    Pleasure to finally meet you, albeit under less than ideal circumstances. I’ve been anonymously surfing this community for the better part of a year now, and only made an account in the past month. Your name has shown up a lot in most of the notable comments I’ve read. You’ve grown quite the reputation, even spreading to friends I know from other communities. Again, nice to meet you. Would you like to have a constructive and calm discussion regarding your concerns?

    TheAnonymouseJoker Mod ,

    I am unsure how you would like to discuss. Public or private? One thing I am known for is not abusing mod powers, and giving people plenty leeway. But even then, being the mod, you probably view it as an imbalance, so we could have a DM chat, but that is not public. If it is a simple debate in public, I welcome it as well.

    I cannot promise an immediate debate unless I am free, given my life circumstances, but we can try.

    I will admit one mistake, I did not know and assumed Secureblue is a misspelled Silverblue, but Secureblue is coincidentally very similar to Silverblue, instead being a spin of Atomic with the same Flatpak style immutable system. Nice pick. I use Debian Stable and am extremely picky with what I install, even minimising Flatpak installs and network connected programs.

    Charger8232 OP ,

    Thank you for your openness to a rational discussion! For transparency’s sake (since I have a firm belief that correspondence with higher powers should be publicized), I am willing to address your points one by one publicly.

    TailsOS is not for “fun” purposes.

    While you are correct that Tails is not designed for entertainment purposes, because I have a passion in technology and privacy alike, I find it an enjoyable experience to use Tails, learn about some of its features, and overall have a peace of mind that none of my “shenanigans” will affect my daily operating system.

    I use a Faraday bag to store my device when I’m in public

    Nobody uses their phone like this. When you stop using the communicator as a communicator, you have made the phone essentially a glass brick you lug around for no purpose.

    I hardly use my phone for communication purposes, as phones have been designed to be used for a multitude of different tasks. Some of these are: gaming, photography, a calculator, note-taking, music streaming, and many more. Phones today are essentially used as portable pocket computers. While I do use my phone for communication, I am not constantly in contact with people in my social circle. It’s a healthier way to use a digital device, because it means when you are at work or with friends, you aren’t constantly distracted using your phone. This helps me to live the moment, and be present. The Faraday bag adds extra security while doing so. I am by no means telling you how to use your phone, but that is how I use mine. After all, it’s my phone, not yours.

    “NSA style” zomg cool blonde hair tech whiz kid?

    This was a poke at this comment: “If you want paranoid levels of security, consider following the NSA’s Rule of Two, which means two completely independent layers of encryption.”

    I am not blonde, by the way. Nor a minor.

    iOS is a privacy nightmare. gist.github.com/…/357e724811fe04167332ef54e736670… And its security has been worse than that of Android for years now. wired.com/…/android-zero-day-more-than-ios-zerodi…

    Thank you for providing helpful links! While I am well aware of the privacy invasive nature of iOS, I currently don’t have the funds to switch to my preferred alternative, GrapheneOS. This is my personal preference, and YMMV.

    GrapheneOS is complete snake oil. Read more here to know about “security” cultists in FOSS/privacy community.

    old.reddit.com/…/writeup_criticism_of_rprivacygui…

    old.reddit.com/…/grapheneos_corporate_foss_loving…

    It’s not very appropriate to discriminate against a group of people, even if their views do not align with yours. They are still people, after all. While I don’t share your views about GrapheneOS, I do appreciate providing sources to back up your claims. Kudos to you for using old.reddit.

    This post is a massive joke.

    This is not nice and does not contribute to the post at all, and is therefore unnecessary. If you have negative opinions regarding a post, consider simply downvoting and potentially having a conversation with the creator (me) about it.

    This person made a rough guide, and not merely shared their own setup.

    If my post has been perceived as a guide, I apologize. It was not my intention. I’m not exactly sure if you were referring to a privacy guide, or a guide on how to format answers (which many people have followed). I don’t see any parts that encourage people to use the same services that I use (as a privacy guide would), but I could be wrong. Would you mind elaborating with specific examples?

    And if someone is going to suggest their setup, let alone a guide, there will be people who pick it apart. Most will be trolls, some will be constructive.

    This is the sole reason I placed the rules directly in the post, to discourage that behavior. Obviously it’s not foolproof, but it has significantly helped prevent it.

    “Hardened iOS” is an oxymoron at some level, for example.

    I agree that, in some sense, it is an oxymoron: considering that iOS cannot be fully hardened due to multiple factors. The reasons I chose to use that terminology are explained below.

    If you use iOS, stop trying to conform to “cool” privacy notions, and be okay with it.

    I tried my best to refrain from using terms that beginner privacy enthusiasts would not understand, which led to certain creative solutions to be used, such as “hardened” as an adjective to describe a more locked-down service. If you have any suggestions on alternatives, I am happy to hear them!

    Switch to Android and harden it when comfortable.

    I do not have the finances to switch to a device capable of running Android yet. I am doing the best with what I can. Thank you for understanding my situation!

    Yes I mocked the post, but I did not berate the user, and I consider it fair enough.

    Mocking any content created with detail and care is not a kind thing to do, and goes against c/privacy’s 6th rule “Be nice :)”, which I am sure you are well aware of, considering you are a moderator in that community.

    I come with a lot of privacy/anonymity experience so I suggest things in a more hardline manner, while being able to see through if someone is okay with a more basic threat model. I am not a snobby elitist. I make guides for threat modelling, smartphones and computing.

    Interesting! Would you mind linking to a few of your guides? I am very interested in reading them.

    ā€œHardened iOSā€ and ā€œGrapheneOSā€ often crosses my tolerance limit.

    It is interesting for you to compare hardened Android (which you have stated is preferable) to iOS (which you have stated is not private). Would you mind elaborating on why GrapheneOS is not regarded as highly in comparison to other hardened Android ROMs, in your own opinion? Also, disregarding how privacy invasive Apple devices are, do you believe that Appleā€™s Lockdown Mode (at least) delivers on security features?

    It sounds to me from experience that the person is no longer ā€œreachableā€ in a reasonable manner, unless drums are loudly beaten.

    I am happy to hear that I was able to exceed your expectations, with quiet instruments.

    One thing I am known for is not abusing mod powers, and giving people plenty leeway. But even then, being the mod, you probably view it as an imbalance

    Would you mind elaborating on why I may see your messages as an imbalance, as a result of your status as a professional moderator of this community?

    If it is a simple debate in public, I welcome it as well.

    I am glad you are open to a clean, transparent discussion. I look forward to hearing from you.

    I cannot promise an immediate debate unless I am free, given my life circumstances, but we can try.

    That’s alright, we all have hardships in the real world. Take your time.

    I will admit one mistake, I did not know and assumed Secureblue is a misspelled Silverblue

    It is a good quality to be able to admit your own mistakes, and I commend you for that. Until recently, I, too, was unaware as to what Secureblue is.

    Nice pick. I use Debian Stable and am extremely picky with what I install, even minimising Flatpak installs and network connected programs.

    Thank you! It was actually the community you moderate (c/privacy) that helped me pick it out. I, too, am somewhat picky about my installs. I am currently sticking to strictly Flatpaks.

    I am eager to hear your responses! Please, get back to me when you can.

    Cheers!

    TheAnonymouseJoker Mod ,

    find it an enjoyable experience to use Tails

    Wasting time to learn is good. But do not stroll away in darknet wasting time for months like I did as a teenager. SomeOrdinaryGamers has a Deep Web series for the “fun”.

    hardly use my phone for communication purposes, as phones have been designed to be used for a multitude of different tasks. Some of these are: gaming, photography, a calculator, note-taking, music streaming, and many more. […] when you are at work or with friends, you aren’t constantly distracted using your phone

    I can attest to that, being my MO as well. Smartphones have made us isolated, anti social and dumber.

    ā€œNSA styleā€ zomg cool blonde hair tech whiz kid?

    This was a poke at this comment: ā€œIf you want paranoid levels of security, consider following the NSAā€™s Rule of Two, which means two completely independent layers of encryption.ā€

    NSAā€™s Rule of Two is an actual thing. Either use these terms or just leave them out. Donā€™t try ā€œinching closerā€ to NSA in your head, it leads to arrogant thoughts and sometimes regret.

    GrapheneOS is complete snake oil. Read more here to know about ā€œsecurityā€ cultists in FOSS/privacy community.

    Itā€™s not very appropriate to discriminate against a group of people, even if their views do not align with yours. They are still people, after all.

    Well, for one, they openly harass and witch hunt people (Micay instructed mods in his Matrix chat), and Micay went on to call almost everyone complicit in his claimed swatting attempt in April 2023, for which there is no evidence provided or in media. He also abuses ā€œautismā€ label to avoid public accountability for his lies and crybullying behaviour.

    Linus Torvalds himself has called these security cultists ā€œmasturbating monkeysā€ for the annoying things they do. People like Brad Spengler have been an annoyance to Linux community. And many people dislike the disregard for open source culture, privacy, anonymity and performance in the name of security, since most of them love advocating for corporate closed source security.

    This post is a massive joke.

    This is not nice and does not contribute to the post at all, and is therefore unnecessary.

    When I get pissed off, I try steering people in a better direction. You will probably try nitpicking and refining your OPSEC yourself.

    Stuff like “hardened iOS” gets me. If you use it, use it, but iOS in no measure stands above Android for privacy, security and anonymity purposes. And I think it must be made clear, because too many pro Apple trolls keep lurking on internet. It does not help that places like r/privacy subreddit have iPhone using moderators defending Apple, and Apple trolls being given cover by these mods.

    I am serious about privacy and anonymity, advocating it and ensuring good general advice becomes mainstream, and bullshit notions ($1000 Apple=privacy, Apple>Android) go the way of the dodo. I am a privacy advocate that happens to be a moderator, instead of being a moderator with having negligible privacy knowledge, a usual occurrence on internet.

    Would you mind linking to a few of your guides?

    Non-root smartphone guide: lemmy.ml/post/128667

    Linux/Windows computing guide: lemmy.ml/post/511377

    Threat model guide: lemmy.ml/post/34223

    Guide for protestors: lemmy.ml/post/34220

    Would you mind elaborating on why I may see your messages as an imbalance, as a result of your status as a professional moderator of this community?

    People often leverage powers to ban or silence debating just to not “lose”. Nature’s laws apply to internet mods and users. And internet mods, like most people in society, usually pretend and are pseudo productive in life so they do not need to demonstrate their lack of knowledge. Some people are genuinely busy though.

    Charger8232 OP ,

    SomeOrdinaryGamers has a Deep Web series for the “fun”.

    Thank you, I’ll check it out!

    I can attest to that, being my MO as well. Smartphones have made us isolated, anti social and dumber.

    The same effects were seen with the introduction of the first commercially available computers.

    Either use these terms or just leave them out.

    There is nothing wrong with what I said.

    Well, for one, they openly harass and witch hunt people (Micay instructed mods in his Matrix chat), and Micay went on to call almost everyone complicit in his claimed swatting attempt in April 2023, for which there is no evidence provided or in media. He also abuses “autism” label to avoid public accountability for his lies and crybullying behaviour.

    Linus Torvalds himself has called these security cultists “masturbating monkeys” for the annoying things they do. People like Brad Spengler have been an annoyance to Linux community. And many people dislike the disregard for open source culture, privacy, anonymity and performance in the name of security, since most of them love advocating for corporate closed source security.

    All of this is irrelevant to the GrapheneOS project itself. What the creators did had no effect on the focus and implementation of GrapheneOS.

    When I get pissed off, I try steering people in a better direction.

    That does not excuse your actions. There are kind, constructive ways of helping people in the right direction, what you did was neither of those.

    If you use it, use it, but iOS in no measure stands above Android for privacy, security and anonymity purposes.

    I never claimed it did. In fact, I implied the opposite.

    Non-root smartphone guide: lemmy.ml/post/128667

    Linux/Windows computing guide: lemmy.ml/post/511377

    Threat model guide: lemmy.ml/post/34223

    Guide for protestors: lemmy.ml/post/34220

    Have you considered publishing a proper article on a place other than social media?

    People often leverage powers to ban or silence debating just to not “lose”.

    Another way of trying to win a debate would be to blatantly ignore and refuse to acknowledge points brought up by the opposing side. Here are the ones you missed:

    If my post has been perceived as a guide, I apologize. It was not my intention. I’m not exactly sure if you were referring to a privacy guide, or a guide on how to format answers (which many people have followed). I don’t see any parts that encourage people to use the same services that I use (as a privacy guide would), but I could be wrong. Would you mind elaborating with specific examples?

    I agree that, in some sense, it is an oxymoron: considering that iOS cannot be fully hardened due to multiple factors. The reasons I chose to use that terminology are explained below.

    I tried my best to refrain from using terms that beginner privacy enthusiasts would not understand, which led to certain creative solutions to be used, such as “hardened” as an adjective to describe a more locked-down service. If you have any suggestions on alternatives, I am happy to hear them!

    I do not have the finances to switch to a device capable of running Android yet. I am doing the best with what I can. Thank you for understanding my situation!

    Mocking any content created with detail and care is not a kind thing to do, and goes against c/privacy’s 6th rule “Be nice :)”, which I am sure you are well aware of, considering you are a moderator in that community.

    It is interesting for you to compare hardened Android (which you have stated is preferable) to iOS (which you have stated is not private). Would you mind elaborating on why GrapheneOS is not regarded as highly in comparison to other hardened Android ROMs, in your own opinion? Also, disregarding how privacy invasive Apple devices are, do you believe that Apple’s Lockdown Mode (at least) delivers on security features?

    It seems you ignored over half of my message.

    I look forward to hearing the responses you missed!

    TheAnonymouseJoker Mod ,

    I do not engage in something that needs no further elaboration, or something that is mutually agreed upon. So I only address whatever needs to be discussed.

    All of this is irrelevant to the GrapheneOS project itself. What the creators did had no effect on the focus and implementation of GrapheneOS.

    It does.

    Read the paper by Ken Thompson, co-creator of Unix and C, on why we should be able to trust the developer and NOT the code. cs.cmu.edu/…/Thompson_1984_ReflectionsonTrustingT…

    GrapheneOS developer has lied about various things, accused people of things as serious as being complicit in attempted murder and intentionally avoids any forms of scrutiny by false labelling critics, crybullying and harassing them. After Louis Rossmann made his Matrix DMs with Micay public, he went underground and hid behind his Discourse forum, and mods banned and censored anyone asking for swatting evidence left and right. I see zero reason to put trust in a malicious person like this for something as serious as digital security and privacy for a personal computer or phone.

    Someone made this thread last year. old.reddit.com/r/…/why_did_i_do_this/

    Micay has a personal grudge against Firefox due to this incident, where he got blasted by Tor Project devs. Chromium propaganda was invented and disseminated after August 2019, due to this. lists.torproject.org/pipermail/…/013995.html

    Few years ago, without any community consensus, he added a shutter sound for camera which could not be muted, putting the target audience of this tool/product at risk of jail or even death – privacy users, journalists and activists. old.reddit.com/…/what_is_your_opinion_of_graphene…

    There is a lot that you do not know, and probably want to live in ignorance. Why? Maybe you want to not put in more effort. Whatever your reason may be, it is a massive risk to even consider using something with so much weird history and active controversy behind it. CalyxOS, ProtonAOSP or even LineageOS are free of controversies and are better picks, and you have more usability freedom with them.

    Would you mind elaborating on why GrapheneOS is not regarded as highly in comparison to other hardened Android ROMs, in your own opinion? Also, disregarding how privacy invasive Apple devices are, do you believe that Apple’s Lockdown Mode (at least) delivers on security features?

    You can do 99.9% of the “hardening” yourself. This is what you do on Linux, and with web browsers, firewalls and other things. This is precisely what I demonstrate with my non root smartphone guide that works on any Android phone in the last 5+ years, rooted or not, instead of needing specific unlocked Pixel models with Google’s proprietary security hardware. There is not even a need to get into this flashing custom ROM complicated stuff to achieve top grade privacy and security.

    How weird would it be if you were told to go fly to other countries and get a Pixel, otherwise you will not get privacy and security? Weird and delusional people. i.imgur.com/Yv9nvxy.jpg

    As for Apple’s Lockdown feature, same exists on Android, and I have a very interesting way of securing device that makes Apple look like a joke. You can see “HOW TO SAFEGUARD YOUR DATA FROM…” section in non root phone guide. You may find this worthwhile.

    clark ,

    I’m not educated enough to comment on most of your points, so here is my set-up:

    • Web: Safari on iPhone with Google browser, Firefox + uBlock Origin on desktop with Google browser. I had DDG for a while but I missed the short summary answers you get when you type in a question to Google. I am not in a place to pay for a browser (i.e. Kagi).
    • Mobile: iPhone with free tier NextDNS. I am looking into buying a Samsung S9/S10 to install LineageOS on. It’s been a while since I used Android so I’m not sure how easy that will be. I store all my passwords in Apple’s “Passwords” in settings, and all of them are 20+ characters long and complex (I use a generator whenever I make a new password). Any suggestions on (free/FOSS) password storers?
    • Messenger: I use Facebook messenger to communicate with my family as only my sister and I have iOS. Furthermore, FB is the only social media I have besides Lemmy.
    • Email: I use ProtonMail but am considering switching to Tutanota. I don’t have the opportunity to pay for a mail provider right now.
    • Music/streaming: I use Spotify for music. I use FreeTube for YT on desktop only. My parents pay for Netflix & HBO and so I watch them sometimes, although I have made it a habit to pirate movies online. Also books. Part of me wants to download my music from Spotify and store it somewhere, but iPhone Drive isn’t the greatest when it comes to that. Maybe somebody has (free/FOSS) suggestions?
    • Misc: I never pay with cash since most stores don’t take it. I use Bluetooth earphones. I don’t game.

    Keep in mind I am relatively new to the piracy / privacy community and there’s a lot of terms I don’t know. I hope to improve my privacy and receive advice from more experienced people. Cheers!

    Charger8232 OP ,

    I am looking into buying a Samsung S9/S10 to install LineageOS on.

    If you have the money, check out GrapheneOS!

    Part of me wants to download my music from Spotify and store it somewhere, but iPhone Drive isn’t the greatest when it comes to that. Maybe somebody has (free/FOSS) suggestions?

    Spotube does this really well

    clark ,

    I remember I tried out Spotube on my computer but the code wouldn’t work. Also a minus it’s not available on iOS. How does Graphene differ from Lineage, in any way that it is preferable?

    Charger8232 OP ,

    I remember I tried out Spotube on my computer but the code wouldn’t work.

    It’s buggy, but it works good enough with some effort.

    How does Graphene differ from Lineage, in any way that it is preferable?

    This table compares Android ROMs based on a lot of metrics. Basically, Lineage isn’t as private as people think, but Graphene does it proper. Let me know if you have specific questions :)

    clark ,

    It’s really too bad Graphene doesn’t seem to support Samsung phones, or any phone that isn’t Google.

    bloodfart ,

    If you’re reading this and on iOS, go do the safety check.

    It whips ass and makes a lot of stuff easier to understand.

    hellfire103 ,

    Nice setup! I think I’ll maybe make one of my own!

    I have a few questions, though:

    • How did you set up your firewall? What did you use and what rules do you have in place?
    • How did you harden iOS? I have read up and implemented a number of basic settings to reduce tracking, and NextDNS blocks the rest, but I wouldn’t consider my current iPhone “hardened”, per se.

    Charger8232 OP ,

    1. Since this is a fresh install of Secureblue, I have the default rules in place. I will eventually take a day to crack down and find out what rules I want.
    2. This explains how to harden iOS
    3. Thanks for letting this inspire you to make your own!

    hellfire103 ,

    1. I see. Guess I’d better load up a guide and get ready to break my internet!
    2. Lovely. Running on Lockdown Mode now, and it’s actually not that bad!
    3. Thank you! You can find my post here.

    Charger8232 OP ,

    Running on Lockdown Mode now, and it’s actually not that bad!

    I have only had issues with it twice, been using it for a year

    1. Images on a website wouldn’t load (for security reasons)
    2. Some apps break, but you can disable it per-app

    Dave ,

    I stream from ethical services for some movies

    What are these ethical movie streaming sources?

    Is there an easy way to blur/censor my house without giving up my soul?

    Have you tried this process? mashable.com/…/how-to-blur-your-house-on-google-s…

    Charger8232 OP ,

    What are these ethical movie streaming sources?

    Netflix, Amazon Prime, places that host copyright free movies, etc.

    Have you tried this process? mashable.com/…/how-to-blur-your-house-on-google-s…

    I have not, thank you!

    Dave ,

    I’m curious what makes Netflix or Amazon “ethical”, and what you’re comparing them to? Are you just meaning not piracy?

    Charger8232 OP ,

    Are you just meaning not piracy?

    Yes.

    Gutless2615 ,

    There is literally nothing ethical about Amazon.

    possiblylinux127 ,

    Don’t do this or your house will become part of a conspiracy

    acastcandream ,

    What is hardened iOS?

    Charger8232 OP ,

    This is a good guide on how to harden iOS. Basically iOS made as private as possible.

    acastcandream ,

    This is great. Done a lot of it but lots I haven’t.

    sugar_in_your_tea ,

    Thanks for the post!

    Here’s some of the things I do:

    • browser - Firefox w/ uBlock Origin and container tabs; I’m not worried about my ISP since it only operates in my city, so it’s unlikely they’re selling my data
    • desktop/laptop - OpenSUSE Tumbleweed w/ full disk encryption, basic firewall, etc
    • mobile - currently Motorola Android, will be getting a Pixel soonish to get GrapheneOS
    • messenger - rarely use, but when I do, it’s just SMS w/ my wife and family; work is Slack/Teams; I’d like a replacement, but it’s hard getting people to switch
    • online accounts - Bitwarden; will be self-hosting the data soon
    • video streaming - NewPipe on Android, YouTube and Twitch with ad blocking on desktop
    • music - mostly FM radio in my car, YouTube with ad blocking occasionally at work
    • AI - hard no
    • social media - lemmy
    • email - Gmail (gasp!); switching to ProtonMail on my own domain soon (have an account, just haven’t gotten my contacts switched over)
    • shopping - occasionally Amazon (no Prime) and Newegg, mostly at Costco and the local grocery; mostly on credit card because dealing with change sucks
    • TV shows - Netflix and Disney+ subscription; been using DVDs and digital backups more recently
    • gaming - Steam and Heroic (for GOG and EGS)
    • programming - neovim for Python, JavaScript, and Rust, VSCode at work for Typescript (our codebase is a massive mess); been using Gitlab mostly for personal stuff, on-prem Github at work
    • misc - I use an Enterprise router, and have played with putting a subnet on a VPN (soon) and DMZ; I use a lot of Google Sheets, so need an alternative

    So I still have a ways to go. Current priorities:

    • eliminate Gmail - mostly just need to ask my family to use my new email, and set up some forwarding rules
    • alternative to Google Sheets - probably LibreOffice Online with NextCloud or something; it’s going to be tricky because I use it for stock quotes (GOOGLEFINANCE() rocks) and transaction tracking (Tiller integration)
    • home automation - I want an Alexa alternative for playing music; my kids have been asking a lot, and it seems willow might be good enough; if I can get that working, I’ll try automating other things too

    I also want to play with mobile Linux, so I might pick up a Pinephone to mess around with. It’s not quite ready to replace Android for me, but maybe I can help get it there.

    Charger8232 OP ,

    I’m not worried about my ISP since it only operates in my city, so it’s unlikely they’re selling my data

    Websites can see what your ISP (or IP address) is, and geolocate you based on that. Also, even small ISPs sell data, and being small is all the more reason to do some sketchy things to grow the business.

    I’d like a replacement, but it’s hard getting people to switch

    I hear that. The easiest thing you can do is try to convince people closest to you to move to something at least a little more privacy respecting. Signal (Molly is a hardened version) has been easiest for me to convince people with.

    YouTube and Twitch with ad blocking on desktop

    Try Invidious or Piped! It’s not for everyone, but it’s worth trying! Also, you should think about adding SponsorBlock to your setup, in case you didn’t know about it.

    AI - hard no

    Fair.

    Gmail (gasp!)

    😱 B-But!!1 /s

    I want an Alexa alternative for playing music

    Would love to hear the alternatives people have! Keep me posted :)

    sugar_in_your_tea ,

    Yeah, the geolocation thing by websites is an issue, but most sites just guess the region (from the IP range) and not my specific city, so I don’t think most associate the two. I’m behind a NAT at my ISP, so there’s nothing to uniquely identify my house.

    That said, we’re getting municipal fiber installed soon (next year or two), and I don’t know if I’ll be behind NAT. I’m guessing I won’t (which is good), but that also means I’ll need to put most of our traffic through a VPN or something. I’ll probably pick one in my metro area, at least until I get replacements for all of the creepy sites I use (e.g. I don’t want restaurant search results for New York or California if I don’t live in either).

    Signal

    Yeah, just need to get my wife to switch. Getting my parents and siblings on as well may be difficult, but I’ll see what I can do.

    SponsorBlock

    Honestly, sponsorships don’t bother me. They don’t violate my privacy like ads do, and the people I watch are very respectful with how and when they do it (e.g. one is always at the end, others are always at the start). I would rather just drop channels that don’t respect my time than block their nonsense.

    I’m considering moving to Nebula and Odysee, but only a few of my favorite channels are there, though maybe there are decent alternatives.

    Alexa alternative

    Keep me posted!

    Absolutely! I’ll probably make a post once I have time to mess with it and get something working. The intent is to play music on-demand, and here’s my plan:

    1. Willow for speech to text
    2. Script on my NAS to turn commands into actions (maybe Home Assistant can help?)
    3. Some hacks to play YouTube video audio for whatever the song is on some audio output
    4. Stereo system per room that streams audio from Home Assistant (stuff from YouTube)

    The first two should be pretty straightforward, the third is a bit tricky, and the fourth will require some hardware. But once I have things working (assuming it gets to that point), I’ll post about it here. Step 3 would be easy to replace with any other audio source, like a private collection or some other web service.

    Charger8232 OP ,

    Thanks for sharing! Most IP addresses are specific enough to locate cities by themselves, just a note.

    sugar_in_your_tea ,

    Yes, but the likelihood of a service doing that is relatively low. Even in the worst case scenario, they’d know my city and ISP, but not be able to track that to my house.

    So it’s bad, but not “uniquely identify me” bad. I do sometimes see “local stories in <city>” nonsense in news articles, so it’s certainly something I need to fix.

    Charger8232 OP ,

    I need to read up on NAT and CGNAT, I’ll reply again tomorrow. Cheers!

    Charger8232 OP ,

    Alright, so:

    When you visit a website without using a VPN/Proxy/Tor, the website can see your public IP address. That public IP address is unique (with exceptions I’ll get to in a moment) to your home router. NAT means that each device connected to your router (Wi-Fi) has a local IP address, hidden to the website, but your router’s IP is still unique to the website. That means that, even if you switch devices, if you visit a website using your home network the website knows that it is your Wi-Fi and not somebody else’s. That means that you can get tracked across websites just by correlating public IP addresses. Ads can see this IP address too. The public IP address by itself is enough to narrow down your location to the exact city, in most cases. So, when you visit a website, the website knows

    1. The city you live in
    2. Can correlate your public IP address (ad networks usually do this, not the website itself) to all the other websites you’ve ever visited

    If your ISP uses dynamic IP addresses, that means your public IP address changes every month or so, so that #2 only has a history of about a month. CGNAT (Carrier-Grade NAT) means that multiple routers share the same public IP address, which removes #2 altogether. This still lets websites know the city you live in, but it reduces mass internet surveilling.

    I may have gotten a few minute details a bit off, but that’s a basic shake down of how it works. TL;DR: Your IP can uniquely identify each of your devices if you don’t have NAT, your router if you do have NAT but not CGNAT, and the city you live in. Find an ISP that uses IPv6, dynamic IP addresses, and CGNAT, and use an elite proxy, free VPN, and Tor with a private DNS for maximum privacy.

    sugar_in_your_tea ,

    I’m familiar with networking, but not an expert.

    Here’s how my network is:

    • ISP - static public address (doesn’t change)
    • Router - static 10/8 addr (Ethernet at the curb); no DHCP
    • Computers - 192.168 subnets with DHCP

    So websites would only get that public address for the ISP. They can still get my city through my ISP’s address, but they can’t uniquely identify me from the address alone.

    So yeah, sites will know the city I’m in, but they can’t uniquely identify me. So while I feel like I should use a VPN, I’m not that worried about it.

    We’re getting municipal fiber soon (sometime in the next two years), so I’m guessing this setup will change. I’ve already played with configuring a VPN on my network (failed at tunneling IPv6 over IPv4), so I’ll probably work on that sometime this year as I’m preparing for the upgrade (also running cable, reconfiguring VLANs, etc).
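
The NAT and CGNAT cases from the two comments above can be told apart by comparing a device's address, the router's WAN address, and the address a website reports back. The sketch below is an added example, not code from any participant; the function names and all sample addresses are constructed (203.0.113.0/24 is a documentation range), and it covers IPv4 only.

```python
import ipaddress

# RFC 1918 private ranges: handed out behind a home router's NAT, and
# sometimes by an ISP on the customer side of its own NAT (the "10/8" case).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# RFC 6598 shared address space, reserved for carrier-grade NAT (CGNAT).
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def address_kind(addr):
    """Classify an IPv4 address as 'private', 'cgnat' or 'public'.

    Simplification: anything outside the ranges above counts as public.
    """
    ip = ipaddress.IPv4Address(addr)
    if ip in CGNAT:
        return "cgnat"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"


def identifies(device_ip, router_wan_ip, observed_ip):
    """Say what the address a website observes can single out.

    device_ip      address configured on the computer or phone
    router_wan_ip  address on the router's ISP-facing interface
    observed_ip    address the website reports seeing
    """
    device = ipaddress.IPv4Address(device_ip)
    wan = ipaddress.IPv4Address(router_wan_ip)
    seen = ipaddress.IPv4Address(observed_ip)
    if address_kind(observed_ip) != "public":
        raise ValueError("a website never sees a private or CGNAT address")
    if device == seen:
        return "device"      # no NAT: the address maps to one machine
    if wan == seen:
        return "household"   # home NAT only: the address maps to one router
    if address_kind(router_wan_ip) in ("private", "cgnat"):
        return "shared"      # the ISP translates again: many customers, one address
    return "other-exit"      # public WAN address but a different exit (VPN, proxy)


# Constructed sample setups: (label, device, router WAN, address seen by the site).
SAMPLES = [
    ("no NAT",                 "203.0.113.7",  "203.0.113.1", "203.0.113.7"),
    ("home NAT only",          "192.168.1.20", "203.0.113.7", "203.0.113.7"),
    ("router on 10/8 at curb", "192.168.1.20", "10.20.30.40", "203.0.113.7"),
    ("CGNAT (RFC 6598)",       "192.168.1.20", "100.64.12.5", "203.0.113.7"),
    ("home NAT plus VPN",      "192.168.1.20", "203.0.113.7", "203.0.113.99"),
]


def report():
    """Map each sample label to what the observed address identifies."""
    return {label: identifies(dev, wan, seen) for label, dev, wan, seen in SAMPLES}


if __name__ == "__main__":
    for label, result in report().items():
        print(f"{label:24} -> {result}")
```

In every case the observed address still carries whatever coarse location a geolocation database assigns to it; the result only says how many subscribers sit behind it.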

    baritone_edge ,

    [Thread, post or comment was deleted by the author]

    Charger8232 OP ,

    Ouch! Sorry that happened. I will take that into consideration. Thank you!

    Shamot ,

    Glad to see you use cash. It’s often forgotten in privacy advice, despite being one of the most important.

    sugar_in_your_tea ,

    My main issue is with change. Sales tax means I get funky prices, like $2.37, so I get lots of small change. If prices were rounded to the nearest quarter, I’d use cash a lot more.

    bloodfart ,

    The old jar full of change at home is how most people handle this.

    It’s normal to have some change. There’s a famous movie, Reservoir Dogs maybe, where a cop has to blend in and scoops some change up off his nightstand and considers its weight before he stuffs it in his pocket.

    Part of privacy is anonymity and one aspect of security is obscurity. Look normal, carry change.

    sugar_in_your_tea ,

    Carrying change isn’t normal these days, at least in the US. And it’s not something I want to do anyway.

    If we had a law that advertised prices must include sales tax, I’d probably use cash again because stores like to advertise simple prices. In the current situation, a $1 item would actually cost $1.08, so I would get $0.92 in change. I rarely go to multiple stores in a given day, and I’m not going to carry change just in case I happen to buy something that day. I do have a change jar, but I almost never use it because change is a hassle.

    I’ve considered using gift cards, but the reloadable ones still require your name and the non-reloadable ones are too much of a hassle and too expensive. I do have one reloadable store gift card for a grocery store, but that’s it. Unfortunately, the only options for in-person digital payments are Google Pay, Samsung Pay, and Apple Pay, and I think those are each worse than paying with a credit card (now Google, Samsung, or Apple have all my payment information).

    So, I just live with stores being able to track my purchases at their store. It’s not ideal, but at least there’s no one central institution with all of that data (and I use and rotate multiple cards).

    bloodfart ,

    That’s weird. I’m in the US and it’s normal to use change or cash. The vending machines all take it, stores all take it. You gotta prepay for gas but whatever. There’s special self checkout registers festooned with cameras that you can’t use but idk if you’d want to go through one of those anyway.

    No worries if you don’t want to, but I haven’t seen any weirdness around it.

    What are you worried about with the existing cashless payment options?

    sugar_in_your_tea ,

    The vending machines all take it, stores all take it.

    Vending machines are reasonable because they’re almost all in increments of $0.25, except a handful of weird ones.

    And yeah, I could pay in cash at most stores, but then I’d have a pocketful of change. Much of the time, I’m riding my bike when I go to stores, so now I’d need to carry change as well on my bike, which is really uncomfortable.

    What are you worried about with the existing cashless payment options?

    • Google Pay - Google would know my transaction history, and I don’t trust an ad company to have that info
    • credit cards - my name is transferred along with my credit card number, so they can track me across cards and look up my address (I own my house, so my name is associated with my house as public record)
    • Samsung/Apple Pay - only available on Samsung/Apple phones, which I’m not getting
    • PayPal - I’m apparently banned (I think my account was compromised, since I’ve never sold anything and haven’t made a purchase in 15+ years)
    • Venmo - have to use their physical card, which likely has the same problems as credit cards

    I’d really like to switch to a Linux phone once they are daily driveable (just need MMS, decent audio, and all day battery life), and Google Pay et al aren’t compatible with that.

    I really wish virtual credit cards were usable at the POS, which would allow me to change the name and switch the card number periodically.

    That said, credit cards have a decent trade-off. I spend relatively little at physical stores (except Costco, but they track everything anyway), and I can use virtual cards numbers online, so my exposure is relatively small, and I get purchase protection and chargebacks as an option.

    If cryptocurrencies weren’t so volatile and were accepted in more places, I’d totally use it.

    bloodfart ,

    If you’re worried about your name being given at checkout and being stored and indexed by the merchant or the processor, you’re on the money about credit cards. They have a name associated with them every time like clockwork, it’s how the system is designed and it’s absurdly hard to get gift cards without receiving them as gifts or having people make straw purchases (yes, when pursuing financial crime the police use the same terminology as guns).

    Some kind of device-tied NFC might work, but the merchant still gets your id along with the transaction.

    If you could get okay with Apple devices I’d say that’s the contactless option that helps you the most in the situation you’re describing. But it doesn’t do you any good if you’re not on the devices.

    There is an unexpected solution though…

    You could always set up a corporate structure that you use to make purchases through. I’m not a lawyer, but something with a principal agent that’s not you but has you and or others as officers would let you buy stuff with a card and not have your name exposed to merchants and processors.

    Now there are paperwork requirements and you’re opening yourself up to investigation by your state and federal authorities, but there are often enough kinds of local pass through entities that you can do a low key fake sort of money laundering through them.

    Such a thing might seem antithetical to a privacy focused person, but consider that the wealthy use different corporate structures to hide the origin and disposition of their funds all the time. If it didn’t work it wouldn’t take incredible amounts of resources to prosecute.

    sugar_in_your_tea ,

    corporate structure

    I actually had something like this when I was contracting, and I know you can legally set up a trust for a family, just not sure if that’s enough to justify funneling expenses through.

    Good idea though, I’ll have to think about it. I’d like to keep things legal because, unlike a rich person, I don’t have the resources to drag things out in court if someone (say, the IRS) wants to investigate me.

    bloodfart ,

    Oh don’t get me wrong, I’m not suggesting that you break the law. Plenty of structures exist explicitly to improve people’s financial privacy. Call up a lawyer that does trusts and ask what their consultation fee is. Set aside that amount and go pay them for their expertise. Laws vary from place to place, so don’t rely on some internet source. Go to a person who deals hands-on with the municipality you’ll be working under the jurisdiction of every day.

    You’re not gonna fight the government. Using a corporate structure to handle money means you’re gonna keep accurate books and be 100% compliant with the law. It trades some small level of privacy to the government in exchange for privacy against everyone else.

    sugar_in_your_tea ,

    Yeah, that’s certainly interesting, and I’ll have to look into it. I have some lawyer friends who could probably tell me whether it’s worth even looking into.

    baritone_edge ,

    I keep a jar in my glovebox. My local grocery store has cash-based self checkout registers with a spot to input change. Whenever I go, I grab a handful of change and dump the lot into there. It usually takes like $3-6 off my purchase with some change left over. But it’s an easy way to keep the collection low.

    sugar_in_your_tea ,

    Keeping change in the car is a decent option. If I only need to carry change to/from the store, that’s really not so bad. I’ll consider it.

    Most of my money is spent at Costco (they obviously have my data anyway) and online (virtual cards FTW). So it’s really just my grocery store and a handful of other local stores that I’d need to worry about, all totaling ~$100/month (Costco is ~10x that). It would still be nice, especially now that my local grocery store has been bought out by a statewide chain.

    baritone_edge ,

    [Thread, post or comment was deleted by the author]

  • sugar_in_your_tea ,

    When I say Costco already has my data anyway, the only way around that is to not use Costco. To buy anything there, I have to either scan my membership card or use a Costco gift card; paying with cash just limits the info my credit card company has since Costco would have it linked to my account. To get a Costco gift card, I need to use my membership card, so it’s already linked. I suppose I could use the gift card to reduce the likelihood that they associate the purchases with my account, but they could assume I’m using the cash card myself if I establish a pattern.

    So I just accept that Costco knows my spending patterns. I think that’s reasonable, given the benefits that Costco provides:

    • awesome return and warranty policies
    • great prices
    • high quality products

    Costco has also never given me a reason to distrust them, so I don’t see a reason to go out of my way to limit what they have access to. If I didn’t trust them, I wouldn’t shop at their warehouse.

    The grocery store is different though. I don’t trust my local grocery store because they have no obligation to keep me happy aside from my going to their competitor, who is part of an even larger chain. That said, I spend very little at the local grocery store, so it’s not a lot of information.

    Charger8232 OP ,

    My local gas station charges extra for using a credit card

    reboot6675 ,

    I like to use cash. Used it all the time. But now I’ve fallen for the bank-card convenience… (especially self-checkout counters).

    I’ve been considering starting to use cash more again, but also I’ve noticed a bunch of places that don’t take cash anymore :/
