SecurityPro 2 days ago • 75%
I use Eufy doorbells, locks, and cameras. I realize they are a Chinese company, but that is almost unavoidable until the US gets back to actually manufacturing tech.
The reason I like Eufy is the local storage and no required subscription fees.
SecurityPro 1 week ago • 100%
First quick check of the app with classysharkExodus shows the following trackers built in:
- Google AdMob - "AdMob makes earning revenue easy with in-app ads, actionable insights, and powerful, easy-to-use tools that grow your app business"
- Google Firebase Analytics - This logs user language preference and user location
The October issue of Consumer Reports has a full page ad for their app called "Permission Slip". The tagline reads "_Companirs collect and sell you personal data. Our easy to use app helps you take back control._" Anyone have any experience with this? I haven't heard of it before but plan to install and do some testing.
SecurityPro 2 months ago • 100%
I think Graphene OS was commenting about them on Twitter. I'll see if I can find the posts.
SecurityPro 3 months ago • 100%
We need an online guide, based on make and model, on how to disable the transmission of this data.
SecurityPro 4 months ago • 100%
Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.
SecurityPro 4 months ago • 100%
Not in the US. A phone "purchased" on contract is carrier locked and you can't unlock the bootloader, which needs to be done in order to install a different OS.
SecurityPro 4 months ago • 100%
I believe NetGuard will act as a VPN. This will prevent you from using an actual VPN.
SecurityPro 4 months ago • 100%
Since it is a free phone from a carrier it will be locked until the phone is "paid off" by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.
SecurityPro 4 months ago • 95%
As someone who has worked fraud and online investigations, and both written and served search warrants; it is not an option. A probable cause affidavit is presented to a judge and if the judge agrees there is sufficient probable cause, a search warrant is issued. This is an order by the judge and not optional. The judge can hold the company in contempt if they refuse to obey his/her order.
SecurityPro 4 months ago • 100%
"helped" is very misleading. Companies can't refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.
SecurityPro 5 months ago • 100%
Can I add it to my Amazon wish list?
SecurityPro 6 months ago • 100%
Why would you want to??
SecurityPro 6 months ago • 100%
Doubt it is a watch issue, only started when the Bluetooth bug started with Graphene OS
SecurityPro 6 months ago • 100%
The update did not fix the issue for me. Using a Pixel 6a with Graphene OS and a Samsung Galaxy Watch 5 Pro. The watch had been working just fine with Graphene OS until the recent OS changes.
Since the most recent update, nothing really improved. The watch had to be factory reset in order to get it to connect the the phone via Bluetooth. That worked for less than 5 hours and it lost connection to the phone and would not reconnect.
Still the only way to get it to reconnect it to factory reset the watch and re-pair it to the phone. Since that connection still only lasts less than 5 hours (sometimes on an hour or so), I'm tired of doing that and have quit wearing the watch.
SecurityPro 6 months ago • 25%
Regarding: "On Android you can use [Stealth] . That's what I use for searches that pull up Reddit posts."
The stealth protocol does not have anything to do with accessing individual sites or services. The purpose of stealth is when trying to estata VPN connection to a provider that does not allow VPNs. For example, a public wifi that blocks VPN connections or some countries that require ISPs to block VPN connections.
SecurityPro 6 months ago • 100%
Anytype has responded and I had a couple other clarifying questions. Their first response:
"Hi! In our privacy policy we include Amplitude & Sentry & explain why we work with them: anytype.io/app_privacy. Currently, you can opt-out by electing local-only or self-hosted network Mode"
Sentry is only used for bug tracking and I don't have any issue or privacy concerns with that.
I had already looked on their website for a privacy policy and the only one I could locate was a website only privacy policy. I learned later that the application privacy policy is buried as a link somewhere within the website privacy policy. This is not very easy to find.
I reviewed the application privacy policy and it conflicted with their answer stating that a user could opt out of information sharing with Amplitude by using "local only" or "self-hosted". So I pointed this out and posted this reply to them:
"Also, app privacy policy section for Amplitude states: Amplitude Analytics Purpose: deliver behavioral and app usage data. Opt-out possible: NO"
This is the response I received:
"Indeed this is outdated information, as it was written before self-hosting and local-only mode were properly configurable. Opt-out is now possible using these methods, and we will be updating the policy accordingly."
SecurityPro 6 months ago • 100%
Reach out to the job sites directly and report these as fraudulent. Ask them to remove the resume postings.
Also consider making accounts for her on these sites, may make it easier to prevent future posting and to remove any that do appear.
Then, since it sounds like you are her lawyer. Subpoena these sites for information on account, email address, IP address used for the fraudulent posts.
SecurityPro 6 months ago • 100%
Agreed, grab AntennaPod from the f-droid store.
SecurityPro 6 months ago • 100%
Well, when they have fake user data and can't access any data from others apps...it means more than nothing.
SecurityPro 6 months ago • 100%
The app sandboxing in Graphene is the perfect place to use them. All you need is the Galaxy Wear app. Maybe Samsung Health, but I think that is optional.
Along with the protections built into Graphene, I use an always on VPN; and 99% of my accounts use unique email addresses, usernames, and passwords for each account.
SecurityPro 6 months ago • 100%
Has it fixed it? I shut off my Galaxy Watch 5 Pro since I had to reset and re-pair it multiple times a day. Now I'm on vacation and didn't even bring it with me.
SecurityPro 6 months ago • 100%
I looked at some of these on my own and found:
-
graylog provides data privacy and protection services for companies offering software as a service (SaaS). So this seems legit to me and needed for their core functionality. It is not a marketing or data analytics company.
-
amplitude appears to be a data analytics company and on the surface is not needed and Anytype should explain this.
-
sentry appears to be an application error tracking company and this seems a legit connection
-
api2 seems like a generic server name and likely needed for their core functionality, this seems legit to me
-
telemetry also seems like a generic server name; however, the purpose, based on its name does not seem to be needed. Anytype should explain this as well.
SecurityPro 6 months ago • 100%
I've contacted Anytype about this and will post their response.
I run Graphene OS on my phone and have an always on VPN connection. Plus I use a different email address, username, and password for 99% of my accounts. So I don't worry about telemetry, analytics, or data marketing anymore.
SecurityPro 6 months ago • 100%
Agreed, they are continually improving it
SecurityPro 6 months ago • 100%
I use Anytype (anytype.io) on my phone and desktop. I make a page for each trip and add screenshots of confirmations, maps, itinerary, etc.
Anytype is similar to Notion but is open source and encrypted locally.
SecurityPro 6 months ago • 100%
Yeah, and despite three or four OS updates the last few days...it is still an issue.
SecurityPro 6 months ago • 100%
The bigger question I have is how are you going to view them? Did you build yourself and IMAX size screen?
SecurityPro 6 months ago • 100%
I'm still having Bluetooth issues. My Wear OS device looses connection and it can only establish a connection again by resetting the watch and pairing it again. However this only lasts about an hour then it looses connection again.
SecurityPro 7 months ago • 100%
I have remote access for Jellyfin using a domain I purchased just for self-hosting. Using Nginx Proxy Manager (NPM) and a dynamic IP service. NPM handles directing the incoming traffic to the correct server. I point a subdomain back to my Jellyfin server. When traveling, I install the Jellyfin app on a smart TV where I am staying, or connect my laptop to the TV and just use the web interface and my subdomain. I also use the Jellyfin android app to connect remotely using a phone or tablet.
At home all my TVs use a Roku and the Jellyfin Roku app to connect locally.
SecurityPro 7 months ago • 77%
So still no Wireguard and no split tunneling...sticking with Mullvad then.
SecurityPro 7 months ago • 100%
Does the new version have Wireguard or is it still stuck with just openVPN?
I gave up on ProtonVPN for my Linux devices and switched back to Mullvad. They have Wireguard and split tunneling on Linux and have for quite a while.
SecurityPro 7 months ago • 100%
Can't find this in a search of communities. Is it gone?
I've had some luck blocking ads on Hulu but it seems to be an ever evolving situation. Is anyone having decent success blocking Hulu ads with pi-hole? What domains do you block and which ones are required?
SecurityPro 7 months ago • 100%
SecurityPro 7 months ago • 100%
I own an Airbnb and found the Eufy smart lock to be extremely useful. Lock codes can be set remotely in the app with a start and end date. You can also use a fingerprint. The key is a style that can't be duplicated easily. It has an auto lock feature with a time delay setting. Camera and non-camera versions are available.
I recently purchased my first laser. I'm interested in adding color to my engravings. Specifically I want white text engraved on black metal. However I've searched online and can't find any white marking materials.
SecurityPro 7 months ago • 50%
I didn't have to install manually, it showed up within the app as an available update.
SecurityPro 7 months ago • 100%
I run Graphene OS on my phone and can confirm that the OS dialer app does have call recording.
SecurityPro 8 months ago • 100%
Well then your devices are still phoning home with telemetry that is still tied to your ISP assigned IP address (guest network doesn't provide any privacy).
SecurityPro 8 months ago • 93%
Calibre
The Bill includes no definition of hate and is wide open to abuse by bad actors. Defend free speech – say no to this legislation, and any legislation of is kind... Anywhere! https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09[https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09](url)
I purchased a brand new Xbox wireless controller. It paired with my steam deck easily but it will not connect and the "X" button on the controller keeps flashing. I've hit every button on the controller and can't get it to actually connect. I've also rebooted the steam deck. Any help would be appreciated...
Quoted from GrapheneOS: Cellebrite and others in their industry use logical extraction to refer to extracting data from a device after unlocking it, enabling developer options (requires PIN/password), enabling ADB and permitting access for the ADB key of the attached device. See https://cellebrite.com/en/glossary/logical-extraction-mobile-forensics/ The baseline doesn't involve exploitation. The next step up is exploitation via ADB to obtain more data than ADB makes available. Obtaining data from a locked device requires an exploit. If it was unlocked since boot, the OS can access most data of the currently logged in users. GrapheneOS includes our auto-reboot feature to automatically get data back at rest so that it's not obtainable even if the device is exploited. Can set this to a much lower value than the default 72 hours. 12 hours won't cause inconveniences for most users, but you can go lower. User profiles that are not currently active have their data at rest. GrapheneOS provides the option to put secondary users back at rest via end session for convenience. Sensitive global system data is stored by the Owner user, which is why you can't log into another user first. GrapheneOS also provides the option to disable keeping a secondary user active in the background, to force ending the session when switching away from it. We provide substantial exploit protection features (https://grapheneos.org/features#exploit-protection), and we're working on some major improvements. For user profiles that are not currently logged in, their data is protected by encryption even if the device is exploited. An attacker needs to brute force the password. If you use a strong random passphrase, they cannot do it. Otherwise, you depend on hardware-based security. Most Android devices don't have decent hardware-based encryption security. If a typical Android device has the OS exploited, the attacker can trivially bypass any typical PIN/passphrase via brute force. We only support devices defending against this (https://grapheneos.org/faq#encryption). iPhones, Pixels and certain other Android devices provide hardware-based throttling of unlock attempts via a secure element. We explain how this works at https://grapheneos.org/faq#encryption. This protection depends on security of the secure element, which is quite good for Pixel 6 and later.