Not sure how it hasn’t been said yet, but I really like Helium314’s OpenBoard fork. Can’t recommend enough.

This list is a must.

They’re mods of the proprietary Discord client, so yeah they don’t meet the criteria. But the mods themselves are open source which is nice.

I 100% agree, its best to just stick to upstream Fedora imo. Glad you made this comment. The security issues of Nobara always put me off, especially since basically everything it does can just be applied to regular Fedora. I think Nobara would much better serve as a script or toolkit, similar to Brace, or something along those lines instead of an entire separate OS with the security issues it brings.

Didn’t realize they had one, appears a lot of functionality requires an account to use. I’d be cautious overall based on the privacy practices they use in their mobile app, doesn’t seem to be a big concern for them and I’d be careful giving them any trust. But if you do wish to use them, their mobile site with a good content blocker would definitely be the best option (preferably without an account if possible).

I like the concept of Ground News, but about the privacy…

According to Exodus, their mobile app contains 9 trackers:

• Amplitude
• AppsFlyer
• Facebook Analytics
• Facebook Login
• Facebook Share
• Google Analytics
• Google Crashlytics
• Google Firebase Analytics
• Google Tag Manager

Also wants location, camera, phone state, and advertising ID access?!

No thanks.

I agree yeah, I’d say in a lot of ways that Edge is much better than Chrome, due to its performance and also very good security, plus some tracking protection (though not a lot) vs. Chrome’s none, etc. Between the 2, I’d probably always pick Edge.

But yeah just never use either tbh, Firefox ftw.

Yeah, its just stupid on all angles. Nearly all security benefits of using iMessage over something like SMS go out the window entirely when using middleware like this. The only thing you gain is the color of your bubble and maybe some extra features. Overall its useless. If someone seriously thinks lower of a person or their social status of whatever because of the COLOR OF THEIR MESSAGE… that person has issues and I could care less about what they think of me, some self reflection could be nice.

The problem with graphene is that is shamelessly promotes proprietary software.

How does GrapheneOS “shamelessly promote” proprietary software? I don’t think I’ve ever seen them do this. Maybe you’re referring to Sandboxed Play Services? But that isn’t “shamelessly promoted” or recommended, it isn’t even included in the OS, its just an optional app that can be installed for those who need it.

They have build tools to try to make it safe to run non-free programs (proprietary software) but that entirely misses the point.

I assume you mean Sandboxed Play Services again? That’s far from the only feature or benefit that GrapheneOS gives. They do much more work than just Sandboxed Play Services or making it safe to run “non-free” programs. They make it safe to run ANY program, regardless of license.

Yeah, Shizuku opens up a massive attack surface through ADB. ADB can do a lot to your device without you even realizing it in a lot of cases, and you’re basically giving ADB access to Shizuku itself and any apps that use it (which could be exploited) at all times, so its very risky. Its pretty dangerous and definitely best to avoid an app like this.

deleted by creator

Thorium isn’t good at all imo. They don’t really do much to enhance privacy/security, and have constantly delayed updates. It seems to be ran entirely by 1 college kid in his free time.

I like Chris Titus, but I wouldn’t really use him as a source for privacy/security advice.

Pro would just be not directly connecting through Google/YouTube servers, and instead using a proxy. Its a nice privacy benefit. I agree it could make things slower, so I don’t think it should completely replace direct connection with YouTube, but I just think the option would be nice to have.

App looks legitimately amazing. Seems a bit buggy in alpha but I’m sure it’ll be ironed out. I just hope they look into supporting Piped instead of directly connecting to YouTube, as well as SponsorBlock. Once they get those 2 things and iron out some of the bugs, I’ll primarily use it for sure. Its a great concept.

Yeah, anticheats are a privacy and security nightmare that most people don’t even think about. You’re effectively giving their proprietary software extremely invasive kernel level access to your system. They can access and do pretty much anything they want on your device with really nothing stopping them. Anticheats like this are extremely dangerous and should certainly be avoided where possible.

I understand the problem of cheating in games, but I feel like there has to be a better solution to this problem, as making users install an extremely invasive rootkit isn’t acceptable at all imo. I’d recommend avoiding games that include invasive anticheat or DRM like this. Best way to get across that this isn’t okay is through the wallet.

Google is actually right here for once. Signal is not offered on F-Droid, and its package name is org.thoughtcrime.securesms, not org.thoughtcrimes.securesms.

Only official places to download Signal are through the Google Play Store or their website (which self-updates).

Yeah, that’s what bothers me. Feels like people romanticize pre-Musk Twitter, when in reality, its always just been complete garbage. Musk’s Twitter is certainly worse in some ways, though that isn’t saying a lot.

Overall, Twitter just sucks. Use other platforms where possible.

The Hated One is my favorite. I also like Mental Outlaw.

Could you please provide and example or two? I wish to verify it, since I didn’t notice any last time I checked the site.

Sure, let’s look at the page for Firefox. They claim that there are “Automatic connections to some websites you’ve visited, including their trackers” with the new tab page, and that they “couldn’t find a way to disable it.” Whoever made this website couldn’t take 2 seconds to go to about:preferences and see the option to display recently visited sites?

They also have a section titled “Firefox tracks users with Google Analytics”, which they’re very misleading about. Instead of explaining that GA is only present in about:addons and that it can easily be disabled, they’re extremely vague about it and just blindly say it “sends analytics to Google”, which would lead people to believe its much worse than it actually is (i.e. Chrome level). There’s an important distinction between: “Google Analytics is present on 1 page in the browser and can be disabled” vs. vaguely stating “Firefox send analytics to Google” without full info or context. Hopefully I’m explaining that well enough.

Its also disingenuous to consider Firefox’s Captive Portal as “phoning home” without, again, providing full info or context. It has a legitimate purpose, to allow users to connect to public networks, and can be disabled for those who wish to do so. It doesn’t give any data to Mozilla, all it does is detect if a captive portal is present. I think this is another instance of the context being important to have, which the website just simply doesn’t give.

Another instance, look at their page on Tor Browser, where they just flat out lie and accuse Tor Browser of “sending telemetry”.

I could go through more, but these are a few I notice immediately that I take issue with.

They’re very clear that this is their approach (bold text on the home page). Even if you disagree with their definition, that doesn’t make the site bad.

Categorizing something as spyware solely based on the number of connections it makes is horribly irresponsible at best and dangerous at worst. Whoever made this couldn’t even be bothered to find what data is actually being exchanged for most of these connections. There’s a lot more to determine how privacy invasive something is then just sitting and counting the number of connections it makes, and treating them all as malicious and for “tracking”.

And there are many valid situations where a threat model should be this strict, consider anti-government activists in any country.

That’s why this website is so dangerous. Calling Tor Browser spyware and saying it sends telemetry could trick people who don’t know better to use worse alternatives. This even moreso extends to casual users too, who could also be misled into using a less private browser as a result of this website’s insane claims.

It says “Not Spyware”. https://spyware.neocities.org/articles/tor

They have a separate article up calling it spyware as well, see here. Weird contradiction from them and just shows this site isn’t very well designed or thought out.

The neocities link calling Brave and other browsers spyware.