Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
I'd like to urge you not to use GitLab for your source code due to the ridiculous numbers of severe CVEs. I don't think they have any idea how to write secure code and I don't think they care to learn.
Here is the most recent one I know of. The article mentions it's the fourth in a year. Here is the most egregious one IMO, how are they so bad at coding they would accept unverified inputs to send emails to?
I will consider making changes once I get around to mirroring to other platforms. Thank you for the information, and providing links.
Hey, your upfront, honest, no-excuses post goes a long way, in my opinion.
Shit happens. We've all screwed things up - letting everyone know immediately what's going on means we won't guess when our shortcut doesn't work, etc.
Also thanks for the effort you put into this. It's really helpful.
Thank you! I tried my best to get things back on track ASAP, but GitHub's support ticket system was in an outage at the time. I'm just happy to get it resolved.
Oh no not gitlab
What's wrong with gitlab?
Why did you choose gitlab and not codeberg/forgejo for open source everything?
I may mirror it to Codeberg in the future. The honest answer is that I was in a panic and needed somewhere to quickly get the project back up in case GitHub never resolved itself. GitLab was a good choice since it's open source and has a lot of other big open source projects on there.
please mirror to codeberg. (or move completely to codeberg). they are more in line with your mission.
since it’s open source
Open core with an open community edition. 100% better than fully proprietary & Microsoft.
Nice list! Btw draw.io is not optimized for mind maping. For mind maping I use Freeplane and realy like it.
Good to know! What would you like me to call the section for draw.io, since it is still great software?
Not sure, maybe "diagramming". Btw there is a good alternative to draw.io for self-hosting called Excalidraw. Very easy to set up with docker.
Diagramming would be a good fit imo
Look on the bright side: I bet a fair number of folks like me didn't know about this and now it's on my front burner to-do list to check it out! Thanks for the good work.
Thank you! I'm glad this inadvertently raised some awareness
Any reason why Firefox is not under Browser section?
I would personally also add original KeePass, Notepad++ and ShareX (Maybe also Greenshot). These are Windows only, but great pieces of software.
Firefox is less private than some forks (Librewolf, etc.) and less secure than Chromium-based browsers due to a lack of Per-Site Process Isolation. Mullvad Browser and the Tor Browser are the only two Firefox-based browsers I can recommend due to their high privacy standards.
I'm still on the fence about adding KeePass, since I don't see anything it provides over KeePassXC. Notepad++ I will definitely look into, as well as ShareX and Greenshot. Thanks so much for the suggestions!
Greenshot is so handy. I've successfully converted several of my coworkers to using it. Some of our corpo contract IT folks are secretly pissed about it because unlike us they aren't allowed to use open source software (LOL) so they have to put up with windows snipping tool
I'd at least add Librewolf, Mull, portmaster, RethinkDNS, protonVPN and Bitmask\riseupvpn to the list. They're must have imo.
Portmaster is hellva an app. Really needs a router and phone versions IMHO
Yeah I like it. I don't use the paid version for now so rethinkdns gives me all the features I use at PC (and more that portmaster lacks)
Gecko based browsers are less secure to Chromium based browsers due to a lack of Per-Site Process Isolation. Mullvad Browser and the Tor Browser are exceptions due to their high privacy standards. Brave was recently added, since the list previously had no Chromium-based browsers.
ProtonVPN will not be added due to their slow action taken towards fixing multicast packet leaks. Once they fix this, I will consider adding them back.
I will eventually add a section for firewalls and public recursive name servers, but there are complications finding those at the moment. Thank you for the suggestions!
Yeah first point is true for mobile, not for desktop tho. You can add Mulch tho, it's chromium based. Thanks for 2nd point, didn't know about it.
I thought Firefox desktop did have site isolation, and I think it might be in mobile too or at least the nightly builds.
Finally, I can give it a star, being only on gitlab and not on github
He tried to break free from the corpo world and they grabbed onto him.
These parasites surely know how to make life uncomfortable at most inopportune moments...
oopsies
GitHub may be able to restore it, we'll see if support is willing to bend the rules a bit...
Edit: They were able to. The project is still moved to GitLab permanently, though.
I thought audacity was purchased by some Venture Capital bros and was being enshittified.
Or am I remembering something else? Didn't they put some sort of tracker or something in their code, causing a fork?
The fork you are thinking of is Tenacity. They explain in their history why it was made. Yes, Audacity was bought by Muse Group. There were talks of adding trackers, but nothing ever actually got added. They changed the privacy policy at one point, but reverted it after backlash. The reason I am keeping Audacity there is because I believe it is better to have quick security/feature updates from upstream (Audacity) so long as the upstream project does not have any current code issues that warrant a fork (Tenacity). If Audacity ever does add any telemetry, etc. I will absolutely change it to Tenacity.
Weren’t the trackers opt-in? This doesn’t seem like a bad thing if you don’t mind giving up those user metrics for them to build something better. It is the opt-out stuff with no transparency over the kind of data collected to be worried about.
Good luck...
I remember some panic after Audacity was sold, so it's good again?
No, use Tenacity instead.
I'm going to mostly copy paste a similar reply I made in this thread: A fork of Audacity was made called Tenacity. They explain in their history why it was made. Yes, Audacity was bought by Muse Group. There were talks of adding trackers, but nothing ever actually got added. They changed the privacy policy at one point, but reverted it after backlash. The reason I am keeping Audacity there is because I believe it is better to have quick security/feature updates from upstream (Audacity) so long as the upstream project does not have any current code issues that warrant a fork (Tenacity). If Audacity ever does add any telemetry, etc. I will absolutely change it to Tenacity.
I will be creating an FAQ section that answers this question in more depth.
Can we donate for you to get a paid account? Or is it just simply not something you want to do?
I do not accept donations, although I appreciate it! I would rather not support Microsoft/GitHub if they are going to make you pay to use features that costs them nothing.
https://sfconservancy.org/GiveUpGitHub/
Also, it's Microsoft. A more evil company had never existed.
I bet I could come up with some contenders... I won't though, because I hate that M$ controls the major open-source repository.
Agreed. You fucked up and now hopefully you learned from it. The reason any of us have (typical local) backups is because we lost data, whether a little or a lot. This is no different.
I did keep local backups of the project, which is how I was able to get it up and running on GitLab quickly.
I meant general computer backups, I just had trouble phrasing it correctly. As in, you and I probably didn't backup our computers properly until we lost something. That's how most of us get into backups. Similar here.
Ah. I was always good about backups, but I never tested them. I used Timeshift for backups, and when I needed to recover a backup whoops! No user data. I fixed it to backup user data, and whoops! Still no user data.
Another time I used a proper backup client, but when I went to restore it it overwrote itself and so it failed and I lost the backup. Always test your backups.
it is still a great list so thanks for getting it back up 👍
but i have a few questions: is there a reason (or privacy concern) why Linux Mint isn't one of the recommended distros? and am I wrong or isn't bitward a good privacy friendly password-manager?
The recommended distro section will get overhauled, as it doesn't quite meet my standards. I personally don't like Linux Mint because Cinnamon is less than what I would like it to be, but it is getting a makeover.
Bitwarden was heavily considered as a password manager, and it is a great option, but they make you pay to use certain features (hardware security keys, etc.) that KeePassXC and others offer for free. Hence, KeePassXC is a better option and Bitwarden didn't make the cut.
Good questions! Thanks for taking a look!