Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)P

prism

@ prism @lemmy.dbzer0.com

Posts
1
Comments
28
Joined
1 yr. ago

  • Status of syncthing-fork on Android?

    Jump

  • I know I'm not directly answering your question but I switched from Catfriend's last build to BasicSync. Sure, it doesn't have the same bells and whistles as Syncthing Fork but importing worked fine and it's been rock solid since. If you've ever used the Syncthing web UI on desktop you'll be fine. Plus the developer is well known in the Android development circle.

  • Introducing Google Cloud Fraud Defense, the next evolution of reCAPTCHA | Google Cloud Blog

    Jump

  • This is it, what they've been wanting all along. You will no longer be able to access vast swathes of the internet unless you have a Google approved device, that is a Google-certified Android device with Google Play Services (aka Google Play Spyware) or an app on iOS. Use GrapheneOS or a Linux phone? No internet for you.

    What I'd like to know is, what if you're already accessing a site from your phone? And what if you genuinely don't have another device? I'm assuming the answer to the second is you're SOL.

  • Forgejo v15.0 is available

    Jump

  • Finally, repository specific access tokens were added! I was missing this feature from GitHub (fine-grained access tokens) and had resorted to making service accounts that had access to a single repo. Time to clean that up :)

  • HW Fido2 Provider not working in IronFox

    Jump

  • Perhaps try Authnkey which is more recently updated. If that doesn't work then some details like which security key you are using and over which protocol (USB or NFC) would be good to know.

  • Is this Android SSH app vibe coded?

    Jump

  • Maybe people don't care but some do. I am sure I am not alone in caring. I believe every user should have the right to know what is running on their system and where it came from. What they choose to do with that information is up to them.

  • Open Source @lemmy.ml
    prism @lemmy.dbzer0.com

    Is this Android SSH app vibe coded?

    github.com /GlassOnTin/Haven

  • Astral to Join OpenAI

    Jump

  • Sigh. I knew uv and ruff were too good to be true. Just hope the community can fork before it all goes to crap.

  • What happened to Cromite website/ F-Droid repo?

    Jump

  • Ultimately that is your choice. I personally will not use researchxxl's version considering they appeared out of nowhere and there was 0 communication about the transition. For now I will continue to use Catfriend's version and perhaps switch to nel0x's in the future.

  • What happened to Cromite website/ F-Droid repo?

    Jump

  • No, the maintainer of syncthing fork deleted their account and the repos out of the blue. There's a lengthy forum post about it here.

  • Leaving rooted Android [OC]

    Jump

  • You don't have to compile GrapheneOS from source thanks to avbroot which can take a release zip, patch it with root and sign it using a custom avb key. This lets you root while keeping the bootloader locked.

    The rooted-graphene project automates this completely using GitHub actions. It even lets you do OTA updates like normal GrapheneOS.

  • New features are now available in the Proton Mail apps

    Jump

  • Yet the source code still isn't public. It's been at "As we're rolling it out gradually to ensure a bug free experience, source code will be available at a later time on our GitHub repo." for the last 2 months. Later time probably means in a year at this point.

    Edit: 2 months later (if anyone's still reading this lol) they have finally updated the GitHub repo with the latest source code. Phew.

  • Can Unified Push be setup for Proton Mail on GrapheneOS?

    Jump

  • In a way, yes. The more things that have your credentials the greater the attack surface. However the code is open source, you could inspect it and build it from source if you'd like to. Additionally if you use a mailbox password then the app won't be able to read email content as the mailbox password is used to decrypt the actual content while the main password is for accessing the account. The app doesn't need your mailbox password for its functionality so it can't decrypt email content (except the header which is not encrypted by PGP).

  • Can Unified Push be setup for Proton Mail on GrapheneOS?

    Jump

  • Yes I have been using this for a year now and it works great. You can customise the poll duration (how long it waits before checking for new emails) and the notifications have quick actions like mark as read and trash.

  • Half-good new Danish Chat Control proposal

    Jump

  • Chat control and any sort of good are fundamentally incompatible.

  • WhatsApp adds passkey protection to end-to-end encrypted backups | TechCrunch

    Jump

  • I am able to access the data folder which is located in Internal storage/Android/media/com.whatsapp. This is without root using the AOSP files app, not sure if that's what you meant.

  • Microsoft OneDrive lets you disable AI face recognition three times in a year!

    Jump

  • For a second I thought this was The Onion. This is so dark and invasive but I can't stop myself from laughing. It's like they don't even care to pretend anymore.

  • Citizen Protest Halts Chat Control; Breyer Celebrates Major Victory for Digital Privacy

    Jump

  • Great!

    I'm sick of this. We have to defeat it every time it comes up, and there is no doubt it'll come up again in 2-3 months. They only have to win once and when they do it'll be in our lives forever.

  • custom rom?

    Jump

  • KernelSU has something like this called app profiles where you can set the capabilities that each app gets when it uses su. And if you are a SELinux wizard you can also set a custom domain for each app which would give you the fine grained control you're looking for. I doubt the average KernelSU user wants to delve into SELinux details so some tool to automate this would be cool. Sadly doesn't look like Magisk supports this.

  • custom rom?

    Jump

  • Rooting devices breaks the principle of sandboxing: one app shouldn't be able to access or modify another app or its data, or system files. If you give an app root, it can do whatever it wants to the system. It could install a keylogger to steal credentials, extract login tokens from another app's storage or just nuke system files to make your device unbootable.

    Let's say you don't give any apps root. Even having a rooting platform on the phone (e.g. Magisk) is still a vulnerability. Most rooting platforms will ask the user whether an app should get root when the app requests it. But there could be code execution vulnerabilities (e.g. buffer overflows) in the rooting platform that let you add an app to the list of apps allowed to use root without user confirmation.

    TLDR: Root gives an app full access to the device, it could do anything with that. Even if you're careful with what you give root to, it still adds a lot of attack surface that could be exploited.

  • custom rom?

    Jump

  • I use GrapheneOS without play services on my daily driver because I despise Google's forcing play services down Android's throat. The irony isn't lost on me that Graphene only works on Google devices, that will hopefully change soon as Graphene works with an OEM to build their own devices. I don't bother with banking or government apps as they aren't mandatory where I live, at least not yet. I try to stick to FOSS (or at least source available) apps where possible.

    On a secondary device I also run a rooted version of GrapheneOS just for fun. Yes I know it might be viewed as terribly insecure but it's just a secondary device that I like to play around with, it doesn't have any important data on it. I find it quite interesting to learn how rooting methods work to bypass the normal security measures in place.