• 2 Posts
Joined 1Y ago
Cake day: Nov 29, 2021


Its all open source, you can self-host it.

I know that there are components required to provide this service that are open source and/or self-hostable (eg - XMPP server and XMPP client). However, in the (very) little digging I’ve done, I don’t see how you could self-host the ability to receive a phone number (and to a lesser extent, call/text using that phone number).

Are you able to self-host the components necessary to obtain and use a phone number? If so, is the cost (omitting any hardware acquisition or hardware operations cost) any different than paying for this service or are there any other non-hardware based limitations (eg - can only activate a certain quantity of phone numbers, can only place a certain number of calls, etc.)?

Dendrite is listed in the post - https://matrix.org/blog/2022/08/15/the-matrix-summer-special-2022#dendrite--p2p

Dendrite plays an important role in our future strategy as it is also the homeserver implementation used for embedded homeservers, P2P development and experimentation. In addition to being able to scale up, we have also successfully scaled down, with the Element P2P demos proving that an embedded Dendrite homeserver can run comfortably on an iOS or Android device.

I didn’t realize that Dendrite was planned to be used for P2P. I thought it was just another option you had to host a homeserver. That makes this a bit more exciting.

In person team building events can be great. However, I have yet to participate in a good remote/virtual team building event.

Has anyone had a good experience with remote/virtual team building exercises?

People don’t understand how pervasive and extensive the data that companies are gathering on them are. For example, people have told me “Facebook doesn’t know much about me - I never post anything on there”. They don’t realize that Facebook learns so much more about them by just spending time on its website (or even worse - its mobile app) than it could from anything you would realistically post on Facebook (eg: you would likely never post your full contact list, every article you read, when/where you logged into FB, how long you spent on FB, etc.).The longer you’ve had the account and the more time you spend using the account (ie: browsing while logged into the account) the better.,

Additionally, people don’t understand who has their data and what’s being done with it. A common response from most people might be “well, what’s the big deal anyway? They’re gathering ‘all this information about me’ and in return I get to use a free service and get served ads for things I’m actually interested in. That doesn’t seem too bad.” They don’t realize that FB has shown the ability to manipulate people’s thoughts, emotions, and feelings to drive engagement. They don’t realize that because advertisers can target people so well, they are also able to manipulate you far better than they ever could before. They don’t realize that there is a quickly growing several trillion dollar market in personal data collection and there are hundreds/thousands of companies they’ve never heard of that have extremely accurate profiles of them likely with sensitive data that they probably wouldn’t have wanted shared with those companies.

I don’t think that “most people prefer to be spied on”. Instead, in addition to the above points, I think people think that they don’t have an option and that the “spying” is a necessity - maybe even a necessary evil (whether its for security or for the ability to use free services that improve people’s lives). If shown options with the pros/cons clearly laid out where the alternative isn’t too much more complex or inconvenient and handled most of their use cases for the product/service, I do think that there would be a shift in mindset and marketshare. Unfortunately, people are lazy so it would need to be the default option for the alternative(s) to get significant market share. Also, some of these services work so well due to network effects (can’t convince people to use a chat app if they don’t know anyone using the app) which can further complicate the adoption of alternative products/services. Since some of the biggest “spies” are so frequently used by nearly half the world’s population, it makes it extremely challenging to make noticeable changes (eg: “that person is weird for saying I should delete my FB account - everyone is on there. No way that person is right and that everyone is wrong for having an account”, “I want to delete my account, but then I’d be the only one I know without an account”, etc.).

Look at what Apple is doing with recent versions of iOS (and all its marketing). Its making an impact (at least a small one) on companies and people are “caring more” about their privacy. People don’t like being spied on. Hopefully in the coming years people will realize that they’re doing the digital privacy equivalent of switching from soda to juice (old iOS settings vs updated, privacy friendly iOS settings) when they really should’ve been switching to water (stop using as many privacy invasive products/services as possible).

It sounds like you would only use this as a security camera system, which is fine but obviously would limit your want/need for one if you feel the risk or need for one isn’t that high.

having documented evidence would lead to me checking and then I have to act

If that’s a concern then you could set it up in a way that you shouldn’t feel the need to “just check” the video feed. With a proper setup, you could receive notifications/texts/emails/etc. (or if you have a connected smart home, you could have lights turn a certain color, ring a doorbell, etc.) based on rules/parameters that you set.

Without a Shinobi (or any other NVR system/software), you would have to individually and manually monitor each camera you installed (unless its connected to the web or some other service run by a 3rd party). Having a NVR becomes a necessity with 2-3+ cameras, if you want to store the recordings, or if you want advanced video/image processing features. Like any other product that has competition, each NVR system/software has its pros and cons. Some may give you a more streamlined interface to view all your cameras. Some may give you better object/person detection. Some may integrate with other products/services better. Some may operate more efficiently/effectively than others. Some may only work on certain operating systems.

There are several reasons that you may want this beyond being paranoid.

  • monitor what animal(s) are eating the plants in your garden to better protect your garden or monitor the growth of your plants
  • monitor when you have packages delivered to provide evidence something came late (or didn’t arrive or that the package labeled “fragile” was thrown onto the porch)
  • monitor when tools, toys, or objects are left in the yard so you can better keep track of your things or remember to pit everything away before going to bed
  • monitor when/where your pet pooped in the yard so you can spend less time checking for it and ensure that you got all the poop
  • monitor the snack pantry to prove to your spouse that you’re not the one eating all the snacks
  • monitor the sleep walker of your household to make sure the areas they commonly go have safety features installed
  • monitor the room with your TV/computer/etc. to better track how much time you watch TV/use your computer/etc.

Obviously a camera is not the only way to achieve the goals listed above (nor is it the best/easiest way to achieve all of them). However, the point is that it could be used for anything.

Plus, you may think think the people who do use it for “security” purposes are paranoid for having this (and maybe they are), but when someone keys their car, slashes their car tire, steals their package, knocks over their mailbox, or has any sort of crime/unwanted behavior committed against them, they’ll be glad they had it recorded.

If they properly setup the NVR, they shouldn’t have to watch much of anything as the software would do it for them and alert them based on the activities/locations of their choosing. Depending on how advanced they want to build out the NVR and the other services they connect it to, they could build out a fully self-hosted home security setup. Maybe that sounds like overkill or something only the most paranoid people would want, but its something commonly sought out by parents, women who live by themselves, or people with a lot of enemies. Again, they may not have it because they expect something bad to happen to them, but instead can feel a little more comfortable that they’ll have some additional precautions in place if something bad did happen to them.

If security cameras are what my neighbors need to rest easy at night, then I am fine with them having them as long as they don’t invade my privacy. With how common products like Ring, Nest cameras, etc. are becoming, I would consider each person who chooses to operate their home cameras locally through a private NVR over a privacy invasive security system a big win to the privacy of that person and anyone else in the household as well as that person’s neighbors. We should be encouraging people to adopt Shinobi or similar NVRs instead of making people feel bad about being paranoid or being OK with them using connected/privacy invasive systems.

I did, or at least I thought I did. This is the article that loaded for me.

Along with the Pixel phones, watches and earbuds at Google’s annual showcase of software and devices last week came a pair of nifty-looking translation glasses. Put them on and real-time “subtitles” appear on the lenses as you watch a person speaking in a different language. Very cool. But the glasses aren’t commercially available. It’s also unlikely they will make anywhere near as much money as advertising does for Google’s parent, Alphabet Inc. Of the company’s $68 billion in total revenue from the quarter ending March 31, 2022, about $54 billion came from advertising.

The scope of our own, oblivious involvement in that business is also incomparable with any other time in history.

Does the article identify what “transmits” means? Is that just Google recording its users’ location/data to its own servers? I don’t think I’ve seen anything where Google is readily sharing their users data (excluding legal/regulatory requests or when granted explicit permission by the user), but instead gives customers the ability to select segmented audiences identified by Google so Google can serve them ads.

Regardless, neither are private but if Google is directly sharing user data (without explicit permission by the user, like using Google for 3rd party auth) then this would be the first time I’ve heard of this and its a much larger invasion/breach of privacy.

Why isn’t Shinobi as frequently recommended when compared to alternatives like Blue Iris or Frigate (especially Blue Iris since it requires Windows)?

What does the title of this post have to do with the article?

Privacy News Sources
What active (about 1 or more updates/posts per week) news source do you use to stay on top of privacy news?

What are you referring to?

To broadly answer your question, to name a few, there are…

  • paradox questions (eg - what happens when an unstoppable force hits an unmovable object)
  • impossible scenarios ( eg - what would happen if Hitler rode a dinosaur as a child)
  • questions we may be able to answer in the future, but cannot at the moment (eg - p vs NP)

Only companies and developers would know the details. Of course they are auditing, and if you ask, you will probably get some kind of response. On the other hand, they may not tell you for security reasons.

Do you know for sure the algorithms are audited? Has a verified 3rd party publicly reported their findings? A government or company saying “we were audited - trust us” holds as much credibility as them saying “we’re the best government/company in the world - trust us”. The purpose of having auditors is to provide assurance to a group of people (eg - shareholders, potential investors, citizens, etc.) without publicly exposing trade secrets, security details, or other sensitive data. If a government/company takes transparency and ethics among other things seriously, they would regularly have their algorithms audited and the findings would be made available ins relevant way.

If we’re going to lose them sooner or later, wouldn’t it be better to make use of them in order to achieve a more prosperous society?

I guess my country is trying to figure out how to enrich our society in the future by acknowledging that privacy does not exist. And shouldn’t we?

No - absolutely not. If we had this mindset for every social issue, we would never have progressed as a society. If the government were to come and take each citizens possessions every few weeks, would you just say “well, I trust they’re making better use of my possessions than I would have. It’s surely going to benefit my society better if they have it than if I did. I might as well might head down to the townhall each week and give them whatever I acquired that week to make it easier for them.” I’m sure it may sound a bit silly or hyperbolic, so maybe think of a people who feel their taxes/garnishments/tithes/etc. may be a little too high - same principal. Now re-read that but replace “possessions” with “privacy” because that is exactly what we’re doing. People may be OK with things because they don’t understand what is going on. Following this analogy, as soon as people find out that their possessions are being misused, people are going to be very upset. Likewise, once they realize their privacy is being abused, they’ll be very upset. It may not be this year or this decade, but continuing down the “well privacy doesn’t exist, so let’s keep abusing people’s privacy further” path will eventually lead to a very upset population.

The state also justifies the arbitrary harvesting and storage of biometric information by claiming in court that "it is the natural authority of the state to store information about its citizens. If this is followed, there is already no privacy at all in the public sphere. And large corporations will follow the state’s argument and say that it is their natural right to supplement their customers’ information.

Just because the government is doing/has been doing this doesn’t make it right. However, your government must have restrictions to this, right? For example, they’re likely not doing annual home inspections to look for signs oof"resistance". If they are, do you genuinely think people are OK with this? If they’re not doing that, do you think people would openly and willingly allow and encourage that behavior?

Same for the Disney comment. Find me a privacy rights activist who is OK with Disney checking fingerprint, but not small businesses doing something similar. I imagine you’ll have a very hard time doing so. I hope this is outlawed and/or Disney (and any other company that unnecessarily collects biometric information) stops this behavior because Disney most certainly does NOT need anyone’s fongerpirnts in order to operate their theme park.

Your response raises a lot of questions and potential red flags.

Who is developing the algorithms that determines suspicious behavior? Who is reviewing those algorithms to determine if any bias is in the algorithms, regardless of whether the bias is intentional or not? Are changes to the algorithms retroactive (eg - does a person who stood in a place for 11 mins last month get an infraction when the algorithm is updated from <=15 mins in that location is OK to >=10 mins is not OK)? How long are the infractions held for? Are immediate actions taken when an infraction occurs (eg - guard dogs are released when a criminal gets too close to an expensive item)? Are people made aware of any infractions they may have or receive? Are people made aware of what causes any/all infractions? Are people made aware that they’re being recorded or the level of recording (eg - facial recognition vs person detection)?

The point I’m trying to make here is that there are so many things to consider to make sure this is done correctly. I don’t think we even understand all of the scenarios to think through. Its one thing to do things wrong on a small scale, but when you’re talking about surveiling an entire city or country, then this needs to be done extremely thoughtfully and cautiously.

Also, there are many instances where companies and governments have built facial recognition systems, saying that they are doing person detection. It is difficult for the public to be sure that companies and governments have not built and abused such systems.

This goes back to the point I was making previously - it’s really hard to leave gihr home and not be recorded already. You’ll likely never know where you’re being recorded, who is recording you, or what will be done with your recordings. We’re losing the little privacy we do have left outside our homes and there’s not much we can do about it.

Yes, privacy is a very low priority right in my country. For this reason, people often adopt the idea of sacrificing privacy to protect the rights of citizens or to make them healthier and happier.

Since most of these digital privacy invasive technologies are innocuous and people are told of the benefits without understanding the drawbacks, its easy to think this technology is good. However, as people start to understand the scale and capability of these technologies, they will likely become less happy about them. They may get frustrated at not only themselves for not opposing the technologies originally, but at the government, retail store, tech companies, etc. for promoting the technologies and exploiting them.

Also, being monitored and tracked all the time is not a healthy thing. People behave and think differently when they’re watched. People need alone time. People need privacy. Having it allows people to explore, be curious, experiment, learn, and so much more. Having facial recognition cameras may not seem too repressive, but when it starts to change their behavior because they don’t want to be identified at a certain park/store/corner/etc., then that mental/emotional barrier to entry is just as hard to overcome as a physical wall/gate.

Such systems are often implemented from a crime prevention perspective, but they are also useful for large scale collection of statistical data. The results of the analysis are fed back to us, and many people are happy with the increased convenience.

Why do you need to know who is doing what? Wouldn’t it be nearly or just as beneficial knowing someone is doing something? You could use person detection (but not identification) for this. If you were trying to see how many people used a park, person recognition could help solve that.

It may be a hidden target, or it may be useful in another business of that company or government. In fact, some services have been launched as a result of such data analysis, with some success.

Abusing people’s privacy is a large price to pay for new business. Once a population’s privacy is lost in certain areas, it can be really hard to get it back. Typically we outlaw businesses where people are abused, whether its their rights/freedoms, health/wellbeing, safety, etc. I’m not sure why privacy should be any different (I know privacy isn’t a right in all countries though).

Also, many citizens support such a system, saying that it is “for the safety of society” and “for the arrest of criminals.”

Because of the laws governing the handling of personal data, many citizens trust that the information obtained by companies and governments is properly managed and used for the right things, and the prevailing view is that sacrificing some privacy for security and convenience is unavoidable.

I agree. However, I don’t think it’s clear or obvious what they are fully agreeing to. I imagine if all information you have on someone, the insights drawn from that information, and possibly even how they information is/could be abused, I think their stance on the topic may change. To many people, their privacy is something that they don’t realize they want and need until its clear to them that it’s been invaded. Since this these facial recognition programs are done in ways that don’t prevent people from doing what they want to do (eg - go to the store, go to the park, etc.), are unobtrusive (eg - the cameras are silent, placed in corners, relatively small, etc.), and the processing is done behind closed doors, people don’t really care or understand what is happening. They may not know how many cameras have captured their activity or even where the cameras are that may capture their activity.

If we replaced wall mounted cameras with people operating a camera and an individual camera operator follow each person around in areas that are using facial recognition, do you think people would be as supportive of such programs? I don’t think that the additional cost of cameras/operstors or crowd due to camera operators will be people’s main complaint.

Even if we just sent a letter to each person identified by facial recognition cameras with the information that was gathered (eg - where they were seen, how long they were seen at each spot, who they were seen with, what they may have been doing, etc.) plus any additional information that is tracked (rg - you were seen at this location XX times in the past YY days/weeks/months, you are typically at this place with ZZ person(s), you typically spend XX time there, etc.), then I doubt people would be so apathetic to their privacy being invaded.

Should we have cameras? Absolutely! They’re great at providing evidence of a crime and catching the perpetrator. They can be used in ways that doesn’t egregiously invade everyone’s privacy that happens to walk by a camera. Should there be automated human/object detection? Sure! It could help reduce storage costs of video and maybe even enable more cameras to be used as a result. Should the videos have automated individual identification/facial recognition? I’m torn here. Having it could enable certain features. For example, a bank could be setup to only allow the vault to be opened for certain individuals or a person could setup an automation to automatically unlock their front door when they walk up. However, I do not think that massive databases of people/faces should be built, collected, shared, etc. There are several other ways to prevent and deter crime that do not require the invasion of everyone’s privacy. If the concern is theft, you could place the items in a cage, behind a counter, in anti-theft boxes, hire additional staff, etc.

Out of all the other reasons listed, I don’t see how most of them benefit society. What good does facial recognition provide on tracking pedestrians? Why is it needed? Couldn’t whatever benefit you think is occurring happen with cameras that only detect that a person is on screen? Why would you want facial recognition for marketing purposes? What benefit does it provide you or society that the dozens of other ways marketing companies track their target audience isn’t already doing? Also, why do people who aren’t part of a target audience need to be included in a company’s mass collection of faces? Why does a beard care company need to gather women’s faces? Why does a tampon company need to gather men’s faces? Why do we need another way to track people taking public transit that couldn’t already be done with existing methods?

The only reason that I believe you’ve listed that is potentially valid is public agencies tracking fugitives. If you’re wrongly committed of something though, what do you do? You can’t go in public, you can’t take public transit, you can’t go to the store. Do you just turn yourself in and hope the agencies find the true perpetrator or hope you can afford a good enough lawyer to get your case dismissed? Also, what percentage of the population requires this? I assume its likely less than 10% and that may be generous. So that means that the vast majority of the population do not deserve to have their privacy protected and must have their faces collected, sold, shared, etc. because a small percentage of the population may be fugitives.

Crime has occurred before this privacy invasive technology existed and it will continue to occur with it. It’s unreasonable that everyone’s privacy must be abused in the name if safety when it will likely not even make a major change to crime prevention.

With behavioral identifiers, it is possible to change the type, quality, quantity, or values of data collected about you going forward (and thus your ability to be tracked) without too much of a problem. You can buy different devices or trade your existing ones, avoid specific websites/apps, use privacy friendly services, use services that protect you, change/delete your information, provide false information, etc. Granted, there may be limitations and certaintly many inconveniences in doing so but it is possible.

When it comes to biometric identifiers (eg - retina, fingerprint, face, dental, DNA, etc.) or even pseudo-biometric identifiers (eg - gait/stride, handwriting, typing cadence, etc.), it is much more difficult, if not impossible, to change the type, quality, quantity, or values of data collected about you. You may be able to change all or some of these identifiers, but at a much larger financial cost, inconvenience, physical pain, etc. and you may only be able to change some of those identifiers a finite number of times. How do you change your DNA (or prevent companies from obtaining it with certainty) once insurance companies have it and start denying you policies due to certain genetic dispositions? How do you change your fingerprints once a company who requires that information to prevent abuse of their service is hacked? How do you change your facial construct after a company like ClearviewAI has it from your presence on social media?

You may be OK with a certain company having your data right now for a particular purpose (eg - biometric lab for medical blood tests), but you may not be comfortable with that same company having that data years from now (eg - same biometric lab keeping your data to help identify medical trends for you, but you no longer want them to have it because you switched labs), using it for purposes unbeknownst to you (eg - same biometric lab uses your data for medical research), or any of the entities that have received that data via sharing, selling, hacking, negligence, etc. Once your data is made available or placed in the wrong hands, you have no idea how your data will be handled, used, or abused nor for how long your data will be stored. That’s especially true for data that cannot easily be changed, like biometric data.

Also, there are several examples of exploitation, misidentification, and other poorly implemented versions of facial recognition. People have been misidentified as someone committing a crime and incorrectly arrested or even placed in jail. People have been incorrectly targeted by stores as a person likely to shoplift due to their skin tone. It’s also possible for fraud or identity theft to occur when this technology is handled poorly.

Despite all this, many retail companies are including this type of technology and it will likely continue to be adopted unless there is some legal or regulatory rrestriction Additionally, it’s never been easier for people to feed the facial recognition databases (eg - doorbell cameras, home security cameras, cellphones, drones, etc.). The dystopian scenario behind this is that you won’t be able to leave your home without being tracked between consumer devices in residential areaa, government devices in public places, and corporate devices in retail/office spaces without being tracked. The scary thought is that we may be closer to that scenario than many people realize.

In other news, water is wet. /s

This is just another example of corporations pushing the limits of both the law/regulations and what people are willing to accept in order to increase profits. Its analogous to predatory practices enabled by fine print in contracts, terms and conditions, advertisements, etc. “We value your privacy - your data will never be sold ~we’ll only share your data with our 35 trusted data brokers~” is the new “You qualify for an unlimited credit card with 0 percent financing ~introductory interest rate expires after initial purchase and becomes 200 percent on top of additional fines and fees for each additional purchase~”.

I’m not privy to what is going on, who the users from the screenshot are, or what this is all in reference to, but saying they “actively setup RSS feeds” for this is a bit disingenuous. The ability to consume Reddit users’ RSS feeds has existed for longer than GrapheneOS has been around. Anyone posting on Reddit (especially on public subs) or any other public site should have the expectation that their posts/comments can be monitored/tracked/followed, searched, recorded/copied, etc. This should just be viewed as a reminder of that.

I’m not privy to what is going on, who the users from the screenshot are, or what this is all in reference to, but saying they “actively setup RSS feeds” for this is a bit disingenuous. The ability to consume Reddit users’ RSS feeds has existed for longer than GrapheneOS has been around. Anyone posting on Reddit (especially on public subs) or any other public site should have the expectation that their posts/comments can be monitored/tracked/followed, searched, recorded/copied, etc. This should just be viewed as a reminder of that.

There really isn’t anything not native about Flutter. It’s just a newer framework than the default android framework.

You’re correct - Flutter isn’t a native Android language and instead will compile the codebase to an app native to the intended platform(s). However, I think you may be mixing up Jerboa and Lemmur. Jerboa is written in Kotlin, which is a modern 1st class Android language. Lemmur is written in Flutter.

I’m also not sure how this would work from a technical perspective. Would community creators have to share their Matrix credentials with their Lemmy instance/client? Would the Matrix room be created by a different Matrix account managed by the Lemmy instance maintainer? How would it work if the Lemmy community creator wanted to use a different Matrix homeserver than matrix.org? What if a space was better suited for Matrix than a room? How would the community maintainer change the room in the future? What if the maintainer for a community switches and the new maintainer doesn’t have access to the account that is running the Matrix room?

I’m not sure if this is already available, but I think a field to enter a Matrix room/space link would be better than the ability to automatically create a Matrix room. It would give the community creator more flexibility and creating a room/space doesn’t take too much time. If a person is going out of their way to create/maintain a Lemmy community, they should also have the ability (or the ability to figure out how) to create a Matrix room/space.

I haven’t validated all of these concerns, but there are some things that will keep me away from the app.

First is the reliance on Google for messages/notifications. This is the biggest roadblock for me. I understand that using Google Cloud Messaging or other Google service makes rolling out certain features much easier, but a project like Mastodon should not be relying on Google for anything beyond things like Google Play Store (assuming f-droid is also utilized, which it won’t until the app no longer relies on Google).

Second is the limited functionality (eg - missing local feed). I’m not familiar with the roadmap or vision for the app nor the version naming convention, but I feel some important/basic functionality is missing for a “1.0” release. I’ve seen some chatter about removing some timelines from Mastodon altogether which brings some other concerns unrelated to the new app.

Third is supporting the decentralization of Mastodon. I feel that decentralization extends beyond the number of available instances/instance maintainers and also includes the number of available and viable clients/client maintainers. I know there will be more users of other apps like Tusky for a while, but I would really like to avoid seeing the majority of Android Mastodon users using the official Mastodon app. With that said, I’m sure I’ll try out the official Mastodon app someday (once the other concerns are addressed), but I doubt it will ever be the only Mastodon app that I use.

I realized that may be the case after commenting. I didn’t read your post as closely as I should have, but I kept the comment up in case someone finds it helpful.

Unfortunately I’m not aware of any solutions beyond buy bigger drives, stand up a backup NAS, or omit unimportant/non-critical/easily recoverable data from backups. I don’t think that’s what you’re looking for though.

Consider implementing networked attached storage (NAS) like TrueNAS or Unraid. There are other options (both NAS and non-NAS options) that will help you achieve this. Going with a NAS will help you mitigate risks relating to drive failure (ie - you install multiple hard drives and if one hard drive fails, the system will keep working until you get the failed drive replaced), will make the storage accessible across the devices on your network (depending on how you configure your NAS and network) instead of just the device the hard drive is plugged into, can run additional services/applications on the system, and will likely have some sort of backup system that you can enable/configure for either cloud backups or local backups to another device. The downside is that it will likely require additional hardware and/or some network work. It can be done pretty easily though depending on your needs. For example, Network Chuck has a tutorial on setting up a NAS on a Raspberry Pi.

Lemmur Repository

  • First released in January 2021
  • Latest release was January 2022
  • 13 total releases
  • Currently in… stable/pre-stable?

Jerboa Repository

  • First released in January 2022
  • Latest release was March 2022
  • 11 total releases
  • Currently in alpha


  • Both have similar features (eg - login to Lemmy account, upvote, downvote, post, comment, subscribe to communities, DM, view notifications (not sure if both/either will notify you of notifications though), etc.)
  • Both are under active development
  • Both are available on the Google Play Store and f-droid
  • Neither have advanced features such as WYSIWYG editor, customization/theming, etc.


  • Lemmur is a Flutter app
    • It is a “native app”, but it isn’t written in Android’s native language of Java/Kotlin
    • Flutter is written in Dart and builds to a native app for the targeted platform(s) (in this case Android, Windows, and Linux)
    • The benefit of Flutter is that you can write one code base and target multiple platforms with the one code base, but at the expense of being confined to Flutter’s limitations
    • Flutter should be more performant than other “cross platform” development platforms, especially ones that essentially just bind a web app around native platform APIs
    • Kotlin does not support 3D apps as seen in apps such as advanced games
  • Jerboa is a native Android only app written in Kotlin
    • Kotlin can be simplified as a more modern/newer version of Java
    • Kotlin became a native language for Android several years ago
    • Apps written in Kotlin will only be limited by the language itself (which usually has work around) or Android itself
    • The downside of writing an app in Kotlin is that the code base is essentially limited to Android so it cannot be released for other platforms like iOS, Windows, Mac, Linux, etc.
    • In theory, well written Kotlin apps should be smaller and less resource intensive than similarly well written Flutter apps, but the difference will likely be negligible unless on underpowered devices or if the app is extremely large/complex in nature
  • Lemmur is led by the… community?
  • Jerboa is made/led by @dessalines@lemmy.ml, a creator/maintainer of Lemmy

I’m sure others will have more to add than this simple overview. I would recommend trying both and seeing which you prefer. While both are suitable for daily use, neither are really feature complete at the moment. As long as both continue to receive steady updates or until one app receives some " killer" feature that the other doesn’t have and can’t implement for whatever reason, I don’t think there will be a clear winner that most people will recommend and it will just come down to personal preference. Who knows - maybe by the time that happens, it would be a different app that is heavily preferred by most users.

what’s even worse is, that these apps wouldn’t even need the Play Services if the developers really wanted it.

Yeah, that is really frustrating. Google’s stranglehold encompasses end users, phone manufacturers, and any company/developer creating an Android app (or even iOS app due to Firebase and other Google services). I hope that we all can start breaking free of Google without having to compromise as much as we currently have to.

I use LineageOS, so I guess the integrated SMS and phone apps don’t do this?

Based on what I’ve seen, using those apps should address the recent accusations/findings. Doesn’t mean that the same or similar thing isn’t happening through Google Play Services though. It also still exposes privacy risks due to the nature of SMS and network phone call infrastructure.

Of course I still hemorrhage metadata, but privacy is not an all-or-nothing situation like many privacy evangelists shout into the void.

I get that Matrix isn’t perfect, but I’m not sure I understand the amount of backlash it sometimes receives. Hopefully it can continue to improve by addressing those concerns.

While I would love to see this for many reasons, I’m not convinced it would eliminate all tracking/data collection on its own. For example, in this case Google provided seemingly good, “non-advertising” related reasons for this data collection. Companies could do this to justify just about anything that they wanted to collect. However, banning behavorial based advertising without any loopholes (eg - users are in South America, servers are in EU, but the law only impacts services where both users and servers are in North America) would hopefully lead to a sharp decline in the market of shared/sold data. So while it would help change the current landscape where we are giving up our privacy in exchange for companies’ profits, we would be giving up our privacy for (presumably better) services. In that case, at least consumers are (ideally) able to directly benefit from the data that they are sharing/giving up.

While all good points, they don’t specifically address the problems mentioned in the post.

Douglas Leith, a computer science professor at the Trinity College Dublin, claims in his “What Data Do The Google Dialer and Messages Apps on Android Send to Google?” paper that Google’s Messages and Dialer apps have been sending data to the company’s servers without taking explicit user consent. More specifically, these apps collect information about user communications, including an SHA256 hash of the messages and their timestamp, phone numbers, incoming and outgoing call logs, call duration, and length. This is then shared with Google’s servers using Google Play Services Clearcut logger service and the Firebase Analytics service. The data helps the company link the message sender and receiver and/or the two devices in the call, enabling features like spam filtering and business caller IDs. - similar report from Android Police

The quickest/easiest thing to do to mitigate any risks from the accusations is to just use a more privacy friendly SMS app and phone app. However, doing so may lead to some unwanted outcomes (eg - no RCS, loss of phone call functionality that Google has implemented over the years) and it may not eliminate Google’s ability to collect this information anyway due to Google Play Services. These are small prices to pay and aren’t difficult to adjust to if you’re concerned with Google abusing or mishandling your data.

An even better quick win would be using private and secure messenging, calling, and video chatting services instead of traditional SMS and phone calls. There have been a few mentioned in the thread. Doing so may be frustrating as you’ll have to convince everyone you communicate with to use the app(ss of your choosing and you’ll likely run into situations where using those apps are not possible (eg - school/work activities, interacting with businesses, etc.).

Aside from not using a cell phone at all, the best thing you could do is ditch traditional Android (ie - Android with Google Play Services, the Google Play Store, etc.). Moving to iOS may help mitigate Google’s data collection ability, but it shifts the risk from Google to Apple. Instead, as /u/Jouissance_juice mentioned, using GrapheneOS would help tremendously with the recent accusations (in addition many other privacy and security risks). The downside is that it requires a Pixel phone and it can be a bit of a jarring experience for people who ate used to the ttraditional “Google” Android experience. There are other ROMs (eg - CalyxOS, LineageOS, etc.) that may offer a less jarring experience at the expense of a (possibly only a little bit of) security and privacy. Keep in mind that even if you do this and still communicate over SMS and traditional phone calls that the carriers and others (including Google if the other person you’re communicating with uses Android) will still be able to access most of the information as before you made the change. You would still need to move to a private and secure communication app to mitigate your privacy concerns as much as possible.

Really depends on what you are using it for. Some of the options below can be used across the listed categories.

  • Syncing/accessing documents on multiple devices?

    • Nextcloud
    • Owncloud
    • Seafile
    • Syncthing
  • Notes?

    • Standard Notes
    • Joplin
    • Etesync Notes
    • Cryptee
  • Collaborative Editing?

    • Collabora

I don’t see Whoogle posted. If you really need/want to use Google search for whatever reason, Whoogle is a great alternative. I’m not sure why it’s not more heavily discussed on places like PrivacyGuides, PrivacyTools, etc.

No, adblockers are not piracy. It’s more similar to using a “free service/resource” that has a recommended (or even expected) donation, which you decide not to pay.

If you’re somehow using adblockers to get past a paywall or some other authentication/authorization system, then we have a legitimate piracy conversation.

I wouldn’t lose any sleep over it. That user has a history of this type of behavior (eg - https://lemmy.ml/post/163751 ), as pointed out by @X_CLI

Similar to other bans in that sub, I don’t agree with your ban. The reason provided (“Creating fake drama and attention that only exists in your head, you proved absolutely nothing. https://lemmy.ml/post/168793/comment/118643”) does not seem accurate. If anything, you could have been violating the rule “No doomsday, all is insecure and world will end drama.”, but that doesn’t seem to be accurate either.

On the other hand, the other user seemed to be violating the rule “Do not defend product x or service x because you like it, post evidence for your claim otherwise you will get banned.”.

All great points. What I was really hoping to do was something like container A for VPN 1, container B for VPN 2, container C for VPN 3, etc. while my desktop is on a separate VPN. I don’t think this could easily be achieved with different profiles or browsers. I could achieve this with VMs but hadn’t considered it too much yet.

I know Docker images arent usually for GUI applications, but I was really hoping to find something similar to https://github.com/linuxserver/docker-firefox but for LibreWolf. I would be fine with using Firefox if I could figure out how to use uBlockOrigin and Arkenfox with the image by default.

Unfortunately this is feeling similar to net neutrality to me. It’s something that keeps coming back every few months/years and receives attention from people in the tech/privacy/security communities, but doesn’t seem to receive much opposition outside of those communities. Since it’s being pushed as a way to protect children, it’ll likely be harder to get people to oppose it. I hope that the recent uptick in the general population’s privacy awareness (however small it may be) and initiatives by some tech companies will help people understand how bad this could/would be for their privacy.

I didn’t see anything mentioned about this in the article, but I wonder how this would impact VPNs. I’m sure most companies, especially those that are allowing more employees to work remotely due to COVID, would be opposed to this bill as they rely on the corporate VPN for security.

Additionally, this seems to be something that ISPs may support. In theory, it would enable them to collect more information on their users for them to later sell/share. It could also help them in providing preferential treatment of different sites/services (eg - device A is using a VPN so it gets throttled, device B is accessing an encrypted alternative YouTube frontend so it gets throttled, device C is accessing the EARN IT compliant YouTube site directly so it gets the fastest speed possible).

In the event that it does pass, I am curious how this would change the privacy/security landscape. Would more privacy oriented companies turn to decentralized services/models? Would things like the fediverse be more quickly adopted by the average consumer? Would self hosted services become a more attractive business model? Would this force companies to limit what is hosted on 3rd party cloud providers? Would it lead to stronger initiatives to create a “new internet” or larger adoption of networks like Tor? I really hope we don’t have to find out, but maybe it wouldn’t necessarily be the end of (the little) privacy that we currently have.

Multiple Librewolf Instances
I've been looking for something "official" from the Librewolf team regarding running Librewolf in Docker, but I haven't found much. There are a few initiatives that seem to support Librewolf Docker containers (eg [Github](https://github.com/librewolf-community/LibreWolf), [Docker Hub](https://hub.docker.com/u/librewolf)), but they don't seem to be referenced much nor heavily used. However, maybe the reason I don't see it much is that there are better ways to achieve what I'm looking for. - Better separation from daily OS environment and regular browsing environment - Ability to run multiple instances privacy friendly browser and isolate each instance for particular use cases - Configure each instance to be run over different VPNs (or no VPN at all) Is there a way to best achieve this?

I messed with it some more and it seems to be working now for me too.

It would be really nice to see this in Lemmur.

I don’t think we’re talking about the same functionality. I can’t get NewPipe to open YouTube links by default from any app seamlessly. I can only share to or request to open YouTube links in NewPipe once I’ve already loaded the page in the browser. Maybe I’m doing something wrong though?

It seems like there is some back and forth about this topic on this Github issue.

If the desired functionality is “Lemmur should directly/seamlessly open the Lemmy link anytime a Lemmy link is clicked, regardless of what app the link was clicked from” then I believe the domain needs to be added as a “Verified Link” within the app which requires some work within both the Lemmur app and each supported domain. I’m not sure how challenging it would be coordinating and maintaining all of the Verified Links, but it seems more work is needed beyond just a community list.

However, if the desired functionality is “Lemmur can be requested to open any Lemmy link that was already opened in the web browser” or “any Lemmy link clicked from within the Lemmur app should open directly in the Lemmur app without leaving the app” then I think a (well maintained) community list of public instances would be rather helpful in implementing this functionality.

I’m not sure if any of the above functionality is planned - it would definitely be nice to see though!

I don’t think it’s currently possible.

Android apps are able to open links via the Open supported links functionality within the app’s App info screen (where you would go to manage the app’s permissions, notifications, etc.). You can even toggle the functionality by various domains or subdomains per app.

However, I think the app needs to declare what links it supports. I’m not aware of a way to add supported links for the user to toggle on/off once the app is installed.

Assuming that’s accurate, it also leads to the question - how would Lemmur handle various Lemmy instances? It could obviously include https://lemmy.ml or other large instances, but I doubt the developers want to support every small/private instance.

This is nice. I’ve seen something similar before for Nitter as a browser extension. I’ve been trying to find a solution that does this for multiple privacy friendly front ends, but haven’t found exactly what I’m looking for just yet. The closest I’ve found is the results presented in Whoogle, but it only works for results displayed on the page.