I’ve been using Authelia for almost 2 years and I really like it. Never had any issues.
I’ve been using Authelia for almost 2 years and I really like it. Never had any issues.
Mull is even better, it’s hardened Fennec. It’s basically like LibreWolf but for Android.
It’s pretty good for desktop apps, but it doesn’t provide CLI applications, so I still have to rely on the AUR. There are some issues with it, but overall I think it’s the best solution we currently have. And it’s very easy to use, which is great for new users and it will become important if Linux continues growing like this.
It’s more secure than F-Droid. It’s still in a pretty early stage of development though and currently only offers a handful of apps.
- App signing key pinning: first-time app installs are verified so you don’t have to TOFU.
- Signed repository metadata: repository contents are protected against malicious tampering.
- Automatic, unattended, unprivileged updates (Android 12+): updates are handled seamlessly without relying on privileged OS integration.
- First-class support for split APKs: downloaded APKs are optimized for your device to save bandwidth.
- No remote APK signing: developers are in full control of their app signing keys.
I like the direction this is going
Have you tried out Molly? If yes, did you use the normal version or the FOSS build? Btw the Version available on Accrescent is also FOSS
Molly claims to use OSM in their FOSS builds: https://github.com/mollyim/mollyim-android/blob/main/README.md#dependency-comparison. I can’t confirm this because I never use any Signal features that require map integration.
Signal doesn’t “heavily use Google services”. They only use proprietary libraries and integrations for 2 purposes: Donations and push notifications. Signal uses the platform’s native way of handling push notifications, on iOS it’s APNs and on Android it’s FCM. This is also the reason why it’s not available on F-Droid. You can use a fork of the app like Signal-FOSS or Molly. These remove all proprietary dependencies and you can download them from their custom F-Droid repositories.
I’d also put Passbolt on the list, it’s not that well known, but it’s really great. I selfhost it on my home server and I’m very happy with it.
Sure, but in my experience it’s not that hard to convince people to get on Signal. (Maybe because here in Europe everyone already has like 15 messengers on their phone, so it doesn’t bother anyone to download another one)
If you use SMS, you can argue that Signal has much better photo and video quality, it can be used from a tablet or a computer and it’s basically just like iMessage but for all platforms.
I would recommend you to try out Linux in a virtual machine and play around with it. You can watch this video if you don’t know how to set this up. You can do much more with a VM than with WSL. It allows you to basically try any Linux Distribution, whereas WSL only supports a few distros. In a VM you also get a desktop environment by default, whereas WSL mostly restricts you to the terminal. Sure, you can run graphical apps in WSLg, but you still don’t have a Linux desktop. Lastly, it’s much easier to take a snapshot of a VM, and roll back in case you break something.
After you get comfortable in a VM, maybe try booting a Live USB of some Linux distribution. That way you will be able to try it out on your actual hardware.
After that, you can set up dual boot. That way, you can still keep your Windows installation, but also use Linux without any restrictions or limitations.
Replacing Windows is always an upgrade
I recommend the following section of this article:
Rooting your device allows an attacker to easily gain extremely high privileges. Android’s architecture is built upon the principle of least privilege. By default, only around 6 processes run as the root user on a typical Android device, and even those are still heavily constrained via the full system SELinux policy. Completely unrestricted root is found nowhere in the operating system; even the init system does not have unrestricted root access. Exposing privileges far greater than any other part of the OS to the application layer is not a good idea.
It does not matter if you have to whitelist apps that have root — an attacker can fake user input by, for example, clickjacking, or they can exploit vulnerabilities in apps that you have granted root to. Rooting turns huge portions of the operating system into root attack surface; vulnerabilities in the UI layer — such as in the display server, among other things — can now be abused to gain complete root access. In addition, root fundamentally breaks verified boot and other security features by placing excessive trust in persistent state. By rooting your device, you are breaking Android’s security model and adding further layers of trust where it is inappropriate.
A common argument for rooting is that Linux allows root, but this does not account for the fact that the average desktop Linux system does not have a security model like Android does. On the usual Linux system, gaining root is extremely easy, hence Linux hardening procedures often involve restricting access to the root account.
I agree. You’re much better off just using Signal. It’s not federated/decentralized, but all client apps, the protocol and the server code are completely open source and anyone can fork the project. It also works on every platform, its encryption protocol is the most secure one out there and it’s been around for over 10 years. They also recently added some cool new privacy features.
*counterproductive in regards to security, I updated my original comment
Nextcloud Notes is pretty good. Btw Joplin has an option for End-to-end encryption.
These guys can go fuck themselves
Yes, they are called data brokers and there are a lot of them, e.g. Acxiom, Kochava, Huq, X-Mode, SafeGraph and many more