• 47 Posts
  • 1.16K Comments
Joined duela 3 urte
cake
Cake day: eka. 07, 2020

help-circle
rss

Well… seriously, go and read those archived r/linux and HN comments. This fellow here is pretty well known in privacy community to be basically someone who shits on Linux and praises Windows and MacOS security. This person and Brad Spengler were the ones to begin this trend of Big Tech “security” apologia in privacy community, which has become a disease with GrapheneOS on the mobile side of things now.

These specimens/entities coincidentally praise the security of Windows, MacOS, Google Pixel, Apple Secure Enclave, while calling Linux and FOSS projects horrible nightmare all the time, consistently. Moreover, they also coincidentally happen to call PRISM Snowden and Assange revelations irrelevant jokes (see https://web.archive.org/web/20220418214232/https://old.reddit.com/r/privacy/comments/iox6rq/should_i_get_an_iphone_if_i_value_privacy/ or https://i.imgur.com/xcryYvM.jpg).

There is a lot to it, and its hard to form a gist of it other than these entities being extremely dangerous to and being the equivalent of termites to privacy community, everywhere one exists.


Tor has completely broken application on Brave, and leaks a lot of information.


Be grateful for the transparency I portray, and for presenting what people otherwise would never have known. Even I see it as a bit cringey, but I was neck deep into privacy community back then, and you have to use certain lingo to mesh with that crowd.

If I told you madaidan used to (probably still moderates) NSFW subreddits years ago, you would be shell shocked.


GrapheneOS is a custom Android fork with largely no security enhancements, besides UX rework and copypasting other security projects. They sell snake oil in the name of prestigious glory that FLOSS label carries.

https://np.reddit.com/r/privatelife/comments/v4wkon/i_guess_people_still_havent_forgotten/iba4og2/

Its lead developer (who became irrelevant in society) and his acolytes believe in purposely creating insane amounts of toxicity and drama to remain relevant in the privacy community. They baselessly label everyone with political epithets to defame everyone, and then scream “defamation” when a counter argument is presented to their manufactured position.

The long comment by official GrapheneOS account should be here: https://web.archive.org/web/20220502064114/https://old.reddit.com/r/PrivacyGuides/comments/uged1y/is_grapheneos_actually_good_or_just_hype/

Recently someone informed me of them creating drama with Bromite (on which their Vanadium browser is based) and FlorisBoard projects. They labelled those project maintainers with very bad, false epithets.

https://github.com/bromite/bromite/pull/2102#issuecomment-1155760155

https://github.com/bromite/bromite/issues/2141

http://web.archive.org/web/20220803142758/https://github.com/florisboard/florisboard/issues/1921

I had the opportunity to elaborate on the entire feature list of GrapheneOS, as per their website, last year. Look here. https://i.imgur.com/pQHoq84.jpg

There are only 3 things they ever did on their own as extras, and even they have basically no value in the grand scheme of things, them being offering:

  • instead of 16 character, 64 character password limit on lockscreen
  • PIN scrambling
  • Morula method of exec spawning instead of Zygote method used in most AOSP projects

Now, I will elaborate on these 3.

  • Elaborating on first one, it is kind of useless as you can see for obvious reasons.
  • For second one, you already understand why fingerprint avoids the issue of someone peeping at your PIN/password entered across your shoulder. Fingerprint is infinitely superior. Even more so with Android and iOS both offering biometric Lockdown features.
  • This one is somewhat half credible, but the goal is to destroy the memory blocks used by an app after it is exited, so that memory blocks do not retain essential text strings of data to exploit. For this, you can just go to Developer Options and enable “Don’t keep activities” and it will achieve the same effect as Morula method of exec spawning implemented by GrapheneOS.

So out of the 20-30 features GrapheneOS claims they developed, everything is either a modification of app permissions or firewalling or AOSP feature rebranding.

Also, as you may have famously heard about “Sandboxed Play Services”, it is not developed by GrapheneOS, but a project called ProtonAOSP, whose developer is kdrag0n. GrapheneOS copied that off and rebranded it as their own developed thing.

Recently someone informed me of them creating drama with Bromite (on which their Vanadium browser is based) and FlorisBoard projects. They labelled those project maintainers with very bad, false epithets.

https://github.com/bromite/bromite/pull/2102#issuecomment-1155760155

https://github.com/bromite/bromite/issues/2141

http://web.archive.org/web/20220803142758/https://github.com/florisboard/florisboard/issues/1921


Brave is basically just for people too dumb to install uBlock Origin on Firefox, and who desire a worse experience with the fickle greed of BAT garbage.


Let me provide you a little more on the subject.

https://web.archive.org/web/20220418212845/https://old.reddit.com/r/netsec/comments/i80uki/theymozilla_killed_entire_threat_management_team/g1703is/

https://web.archive.org/web/20220418213345/https://old.reddit.com/r/netsec/comments/i80uki/theymozilla_killed_entire_threat_management_team/g162g4r/?context=10000

Tweet linked in above hysteric post https://web.archive.org/web/20200812145114/https://nitter.net/MichalPurzynski/status/1293220570885062657

The job of madaidan/Spengler/GrapheneOS church is to hate and destroy FLOSS projects that condemn their actions or do not fall in line with them, and even attempt witch hunts on people that criticise them. I was a victim of it last year, as they hijacked the Matrix room of this very community (which I was unable to save since admins did not listen to me) and attempted to create fabricate projection lies against me because I moderate this place. https://archive.ph/acy2h


No, he is just another victim of madaidan/Spengler/GrapheneOS church propaganda.


One of the best… you mean toilet papers of the internet, repeatedly trashed by r/linux and HN users?

https://web.archive.org/web/20210929053611/https://old.reddit.com/r/linux/comments/pwi1l9/thoughts_about_an_article_talking_about_the/

https://web.archive.org/web/20220111035527/https://news.ycombinator.com/item?id=25590079

https://archive.is/zxS72

madaidan is an admin of GrapheneOS, NoGoolag, SpiteChat communities/chatrooms across various platforms. The “insecurities” blog chap, notorious for a lot of misinformation in FOSS and Linux communities but opposite in a big chunk of mainstream privacy community. A staple of the “redditor hackerman” starterpack, for people who know nothing better.

He knows literally nothing and has proven his credentials https://i.imgur.com/UHhQRIU.jpg and https://i.imgur.com/FiYhbkk.jpg, among many other places.


BAT is Brave Attention Token, a form of crypto exclusive and locked into Brave. Its like a little crypto mining scam.

Brave Browser is funded by DoD: https://np.reddit.com/r/privatelife/comments/fe34ls/exclusive_brave_browser_funded_by_dod_contractor/

Brave traffic detected with Cryptocompare despite BAT rewards disabled: https://unddit.com/r/privacytoolsIO/comments/gr8nue/ (removeddit no longer works, use unddit)

Brave also has a known history of whitelisting Facebook and Twitter trackers, and has a crippled adblocker that does not work on Brave’s “acceptable” advertisements.

Brave Browser hardcoded their crypto partner Binance referral links (https://twitter.com/cryptonator1337/status/1269201480105578496) alongwith Ledger and soon-to-be-compromised Coinbase (https://decrypt.co/31461/coinbase-wants-to-identify-bitcoin-users-for-dea-irs)

Also some new stuff you might want to check.

https://sick.codes/sick-2021-109/

https://github.com/brave/brave-browser/issues/13527


Well, Braxman is not really about the useless services he offers. His commentary on privacy is fine, and there are a lot more scams like GrapheneOS that people need to worry about.


Because I wanted to democratise privacy for masses by giving them 97-100% benefit of “elitist” setups.

Also I must destroy the elitists, pretend experts and privacy circus that goes on in the community. They exist to harm FLOSS movement, use the prestigious label to masquerade as sheeps and harass and datamine privacy users by gaining trust.


It was always a lie to fool everyone thinking GrapheneOS is in the same race as XDA, Braxman and individual reflashed Pixel sellers, trying to capitalise on privacy market by selling a phone.



It was always a lie to fool everyone thinking GrapheneOS is in the same race as XDA, Braxman and individual reflashed Pixel sellers, trying to capitalise on privacy market by selling a phone.


I wholly support this and would have done the same in their place, before AI art gets out of control.


That moment when even Taiwan sees USA as a threat to its future…


Thread is locked due to unnecessary back and forth comments.


If you believe DMCAs ever got successfully enforced on wild west internet, I have a little whisper secret to share with you about digital piracy.



Xiaomi lacks the patents and uses Qualcomm Snapdragon hardware. This is the same reason Honor will remain unaffected similar to Xiaomi. The goal was to destroy 5G patent pool of Huawei and prevent people from buying mainstream phones devoid of NSA backdoors.









Relevant reading: https://github.com/zlw9991/node-ipc-dependencies-list https://web.archive.org/web/20220318095406/https://github.com/RIAEvangelist/peacenotwar/issues/45 https://security.snyk.io/vuln/SNYK-JS-NODEIPC-2426370
fedilink

What are easy to present criticisms of mainstream outlets like BBC and CNN?
While it is easy to use phrases like "use critical thinking", this is not easy for elders or cousins in families to be told, as this is not lucid to understand in a snap. It is essential for criticism to be easily communicable to ordinary people that watch Google Feed or MSN News daily, and I feel that such criticism is not even easy to access or read, considering ordinary people have been cornered from MSM, YouTube, Twitter, Facebook and rest of Big Tech and Western media apparatus. If you love your BBC and CNN feeds, avoid this post, this is not for you.
fedilink

r/PrivacyGuides restored citation-less slander post as facts, and GrapheneOS community sockpuppet theory is proven correct by one of its members
cross-posted from: https://lemmy.ml/post/143981 > Mod statement: https://np.reddit.com/r/PrivacyGuides/comments/rxf02a/theanonymousjoker_false_privacy_prophet/hs1dxux?context=3 > > https://i.imgur.com/LahmNkO.jpg > > dng99/dngray has branded a citation-less slander post as facts. These are the "community standards" of r/PrivacyGuides. Always remember this. > > u/trai_dep, the record stands corrected once again > > Moreover, my theory about GrapheneOS community using sockpuppets is true, as confirmed by... > > https://np.reddit.com/r/fdroid/comments/rxtc14/came_across_this_thoughts/hs1o6no?context=3 > > https://i.imgur.com/JX6uTpx.jpg > > Tommy_Tran = B0risGrishenko (OP of slander post). Thanks for confirming my GrapheneOS community sockpuppet theory.
fedilink

r/PrivacyGuides is allowing a personally targeting post with my name in post title currently, slandering me and my smartphone guide
https://teddit.net/r/PrivacyGuides/comments/rxf02a/theanonymousjoker_false_privacy_prophet/ This is one of key GrapheneOS community members doing it, and r/PrivacyGuides has the same moderation team as r/privacytoolsio before, and the main moderator of r/privacy is also same. Has anyone seen this kind of behaviour in overall privacy community? Edit: https://ghostarchive.org/archive/ttkkU reddit post archived
fedilink

100% FOSS Smartphone Hardening non-root Guide 4.0
https://lemmy.ml/post/128667 Crosspost but the guide body is so long, I had to break it into 5 parts.
fedilink




[TINY GUIDE] How to stay safe from Pegasus and most social engineering malware these days
cross-posted from: https://lemmy.ml/post/74540 > Hello! I think it is a nice time to re-mention some 101 tips of IT security for folks here, that I also practice. Pegasus malware investigation will be big news for a good while, so the more awareness it helps spread, the better. > > # RULE 1 > > DO NOT CLICK ON RANDOM SMS AND EMAIL LINKS. Please, do not do this, ever. Just do not do it. Do not do it. Do not do it. Do not do it. > > Yes, that is how many times I repeated that line. That is how important this rule is. > > Also, do not download random email attachments. > > Phishing is such a common tactic that one would think this problem has been solved by now, but it has not. > > # RULE 2 > > Keep OFF auto download of photos, videos, documents and so on on WhatsApp, Signal and such apps. > > Drive by downloads being self executable surprise bombs is not a new thing. Basically, this rule is similar to keeping off AutoPlay for external USB sticks on Windows computers. > > # RULE 3 > > Avoid using popular software too much. > > I get it, this is a hard rule to workaround considering how much we need to use WhatsApp, Signal, Telegram and so on, so it is a lot better to compartmentalise your activities among multiple messengers. > > Pegasus and a lot of specialised malware uses zero-days to be able to design zero click deployment tricks, which is what these government surveillance tools are good at reserving. They use their millions of dollars of funding and R&D properly, so you have to be careful. > > As an example, try to keep WhatsApp internet turned off most of the times via NetGuard, and turn it on only when needed, a good method I have earlier suggested as well in my smartphone hardening guide. > > # CONCLUSION > > Those were some thoughts on the top of my head, before I go to sleep. Stay safe against surveillance! And feel free to ask whatever you want to!
fedilink


https://lemmy.ml/post/69064 They did it before too. Admins? Mods? [@dessalines@lemmy.ml](https://lemmy.ml/u/dessalines) [@nutomic@lemmy.ml](https://lemmy.ml/u/nutomic) [@AgreeableLandscape@lemmy.ml](https://lemmy.ml/u/AgreeableLandscape)
fedilink

The heck is this nonsense? Instance admins please take note of this attempt to mislead the community members. [@nutomic@lemmy.ml](https://lemmy.ml/u/nutomic) [@dessalines@lemmy.ml](https://lemmy.ml/u/dessalines) [@AgreeableLandscape@lemmy.ml](https://lemmy.ml/u/AgreeableLandscape) Also I made the post discussing soferman's month long comment and post history, if anyone wants to read and discuss it https://lemmy.ml/post/69058
fedilink

[Belarus, Russia] How ProtonMail Lost the Public Trust it Needs to do Business [Moon Of Alabama]
cross-posted from: https://lemmy.ml/post/67987 > A fellow sent this to me, providing proof of how ProtonMail is vulnerable to state actors and for any activism or non-regular activities.
fedilink