created an ecosystem where the software available there is reviewed and trusted, so the system can prioritize flexibility over security. In Play, there are many apps we feel forced to use, despite knowing they are unethical or are tracking us. Google responds by locking down to reduce data leaks, which also reduces the system's flexibility. puts the user in control so we can build user-friendly systems without being forced into bad decisions.

I'd love to see data on what verified boot actually stops. The ideal malware implants itself at the lowest level possible. Is there good public data on these kinds of exploits on etc? Does standard spyware do that? Writing to /system requires a root exploit, lots of malware never gets root. How often there are vulns in itself. Here's a real world full of verified boot:
threatpost.com/multiple-vulner

Does anyone know how to query the system for information about Trichrome Libraries chromium.googlesource.com/chro? They seem to be installed as APKs, but the regular way of querying for app metadata does not work. For example, is there a separate concept of "Version Code" for Trichrome libraries?

Anyone know what ULR is?

"Suppose a user has disabled permissions to, say, Google Maps for Mobile (GMM). With client-side location, GMM will not get location, as the user intended However, they can still get a place card (e.g. Riddler) via ULR-->████-->GMM server--> GMM client. (URL has GmsCore's location permissions, not GMM's). This seems like a bypass to Android's permissions model."

azag.gov/sites/default/files/2

NetCipher v2.2.0-alpha released! Supports the new TorServices app; adds new libraries for enabling Tor/proxying with Conscrypt and WebViews. Get them on Maven Central:

'info.guardianproject.netcipher:netcipher:2.2.0-alpha'
'info.guardianproject.netcipher-conscrypt:netcipher:2.2.0-alpha'
'info.guardianproject.netcipher:netcipher-webkit:2.2.0-alpha'

guardianproject.info/code/netc

If anyone is looking for a / project to hack around with, jtorctl now builds with (from gradle.org or ), , and with sketches of Ant. The idea is that if all the build tools make the same JAR, no need to trust the build tool.

GitLab.com/eighthave/jtorctl or GitHub.com/eighthave/jtorctl

RT @ReclaimYourFace@twitter.com

New AI law proposal agrees with the risks and harms of biometric mass surveillance but *fails* to properly ban it.

Companies and authorities aren't prohibited from these practices and the law enforcement ban has way too many exceptions. 🤦

Our thoughts: reclaimyourface.eu/european-co

🐦🔗: twitter.com/ReclaimYourFace/st

RT @ReclaimYourFace@twitter.com

🎉BREAKING!
61 MEPs from different political groups just asked the EU to ban biometric mass surveillance, days before @EU_Commission@twitter.com proposes new laws on AI.

reclaimyourface.eu/61-meps-urg

#ReclaimYourFace #BanThisBS #ArtificialIntelligence #Biometrics #MassSurveillance

🐦🔗: twitter.com/ReclaimYourFace/st

We are now automatically scanning apps for API Key Identifiers like #GoogleAnalytics' ga_trackingId that are used to enable tracking APIs. If your app includes these, it will be marked with the `Trackers` Anti-Feature. To fix that, either remove the tracking API Key entirely or move it out of the build flavor used by F-Droid.

Try out our new #ReproducibleBuilds support! All signature types are supported The "fdroid build" CI job on app merge requests will run a complete test and give rapid results before sending it to the production buildserver.

Instead of adding Google apps on top of that, @e_mydata
added open-source alternative Nextcloud instead of, for example, Google Drive.

@Mrwhosetheboss shares interesting tips on how to stay in full control of your data, watch the video!

youtu.be/GSudn0qB6u0

Weak privacy bills are being pushed by tech companies across the country, and in some cases have even become law. "Setting up these weak foundations is really damaging and really puts us in a worse direction on privacy in the U.S.," says EFF's @htsuka themarkup.org/privacy/2021/04/

Mexico’s Senate has passed a law mandating registration for cell phone users that links SIM cards to biometric data. This is an unnecessary and disproportionate measure as Mexican NGO @R3Dmx has shown - and it poses major risks of abuse and leaks. r3d.mx/wp-content/uploads/Fich

Two-factor authentication is a simple, powerful way to add a new layer of protection to your online accounts. Which type is right for you? eff.org/deeplinks/2017/09/guid

Protect yourself at protests with our comprehensive guide about securing your electronic devices and digital data from surveillance when protesting. ssd.eff.org/en/module/attendin

Police use face recognition, drones, automated license plate readers, and an arsenal of other invasive tech. Atlas of Surveillance is a searchable map containing thousands of datapoints that allows you to see what is deployed in your area. atlasofsurveillance.org

Don't be fooled: Google's latest announcement on third-party cookies doesn't mean it will stop tracking you. We’ve built a new site to tell you whether or not you are a test subject in Google’s latest tracking experiment: amifloced.org/

F-Droid has taken the next step in providing metrics in a ethical way that includes strong privacy protections. v1.12-alpha3 has an opt-in "popularity contest" reporting mechanism in the Expert Settings. For more info, see f-droid.org/2021/03/01/fdroid-

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml