Thanks for the tip !! I will certainly give it a look, It’s kinda annoying for my family members to always connect via wireguard.

For me it’s fine though, I even route my traffic to ProtonVPN but my family is always nagging how they need to “do something” to get access to the hosted services or that it “doesn’t work”.

Except that everything is under your control and not managed by a third party, not much I think.

If this setup works for you and you’re happy with it, just keep it going.

If you have time to spare, want to learn new things, tinkerer arround with network security, certificates, DNS, reverse proxy and, and, and… You can give it a try in a virtual machine and docker containers. But keep in mind that’s not an easy way and involves a lot of personal time before you get a GOOD working self-hosted / exposed services.

I wouldn’t recommend to open any port on your router except for a secured tunnel like wireguard and connect to your services through that tunnel. Opening port 443/80 on your router is bound to some heavy automated scanning and brute force by bots. If you don’t have the necessary knowledge/tool/hardware, this is just going to put you at risk of ddos and remote attacks.

That’s way something like cloudflare is populare, they most of the time take care of that nuisance and also why something like wireguard is popular among the selfhosting community.

Yeah… But not sure I2P could handle a big influx of new users over night. This will probably break the whole project if all the piracy community would switch.

But it’s very very slowly growing, I hope they are prepared for such a case.

Just out of curiosity, I haven’t seen anyone recommend miniconda… Why so, is there something wrong I’m not aware of?

I’m no expert, but I totally feel you, python packages, dependencies and version matching is a real nightmare. Even with venv I had a hard time to make everything work flawlessly, especially on MacOS.

However, with miniconda everything was way easier to configure and worked as expected.

As long as the EU doesn’t reinvent the wheel, why not? I mean if they are going to fork Linux and rewrite a EU-based linux OS, this would further divide the community and make issues and security a lot more wacky… Not sure this is a good idea.

Lutris + wineprefixes works great but most of the time it’s harder to configure and needs some search around the web to get it right !

Non-steam games with proton on steam works like nearly every time without to much hassle (if supported) !!

If you’re afraid of your account ban, create a dummy steam account only for your pirated games.

If you’re tired of python’s and venv issues, give miniconda a try. It solved most of my issues with dependencies and different python version in scripts.

It’s probably a skill issue regarding to pip/pipx/venv… But miniconda really made everything easier.

What about exFAT? It overcomes FAT32’s limitation and is nearly readable on every OS and has way higher file size limits.

Edit: In case of external storage like USB/hard drive.

Hahaha… What a stupid take. Yeah scientific research isn’t biased and hasn’t been poisoned by conflict of interest… never has been and never will I guess? Scientific research is the ultimate truth of wisdom and you don’t need your own critical thinking anymore 😮‍💨 (Yeah the tobacco industry was right, smoking is healthy !)

when the researchers themselves are saying the work isn’t over. why are all the super geniuses in this thread so smugly announcing this topic is wrapped up?

It’s better to be safe than sorry

Edit:

Therefore, the fact that no evidence for large-scale mobile eavesdropping has been found so far should not be interpreted as an all-clear. It could only mean that it is difficult – under current circumstances perhaps even impossible – to detect such attacks effectively.

https://link.springer.com/chapter/10.1007/978-3-030-22479-0_6

Scientific enough?

76 up’s / 68 down’s on OP’s post.

It’s very close, still the majority wins, that’s how it works, if not happy change the system not the voters.

Maybe not 24x7 but this did happened and people have reported it multiple times. If you really think those multi-billion dollars companies are not capable of or won’t do anything so sketchy because it’s not “worth it”, then it’s time to open your mind to the possibility that those companies are not your friends.

Hello !

Version 6.1.1 (250) arm64-v8a https://f-droid.org/en/packages/chat.simplex.app/ https://f-droid.org/repo/chat.simplex.app_250.apk

Here’s the analysis: https://www.hybrid-analysis.com/sample/9b14b4f80b479a7eb2a5e9fb22ad3f5d547690f4e30da6b5c6f0e9ed8d4039da/672727b3fd3db6063b002513

Same exact result:

• Pattern match: “https://android.googlesource.com/toolchain/llvm-project”
• Pattern match: “https://developers.google.com/protocol-buffers///”
• Pattern match: “https://issuetracker.google.com/issues/new?component=618491&template=1257717”

Dunno if this is something we should worry about or not ? Maybe OP and myself are not educated enough to interpret the results, however I’m also not very comfortable seeing those Found potential URL in binary/memory from SimpleX’s APK. Do you have any further thoughts?

Thanks.

For using Obtainium, how do you avoid or block all apps from Github that depend on GCM, Firebase, or Google services?

You do have a point though, but how does that even comes into the mix? Obtainium fetches directly from the source (api.github.com).

But to answer your question, it’s blocked at the DNS level with RethinkDNS. Blocking all requests, except those explicitly allowed by myself.

This seems more like hardcoded into the .APK or that we can’t correctly interpret the results or something is wrong in the analysis. And I’m also curious to get more Info’s from someone.

I tried it with the official github .apk and same result. I have no idea what it means though maybe someone could chime in?

Found potential URL in binary/memory:

• Pattern match: “https://issuetracker.google.com/issues/new?component=618491&template=1257717”
• Pattern match: “https://android.googlesource.com/toolchain/llvm-project”
• Pattern match: “https://developers.google.com/protocol-buffers///”

Except that they need something to make an android application (android SDK) and somehow to get issuetracker feedbacks, there’s nothing to worry about ? I guess? I don’t know.

Haha! Seriously? This works? I mean they will probably just disable your account that’s all, but that’s a neat trick if it works !

This is a neat workaround !! Still, for privacy reason I keep my addons to a strict minimum.

However I save your comment as emergency workaround ! Thanks for the tip !

While I do get most of them, I’m really confused by NOR and XNOR.

Why is there suddenly and out of bound mask outside the circles? (If that does make sense :/)

PS: sorry for the serious question XD I probably don’t get the joke?

Not sure if this is what happend, but there is a sync option in samba where you can sync your samba user password with login user password.

However this needs explicitly be stated in the samba.conf and needs some further configuration. It could be possible that the installation fuckedup something with passwd.

Just guessing here, I played a bit arround with samba and password syncing.

From another poster above, it seems only Windows machines are affected.

I get your feeling :) Don’t worry the silent majority is on your side. However they won’t comment because they fear from being banned or backslashed…

While It can’t be proven or disapproved, I also had my share of strange coincidence where my mind goes “Huh? How is that even possible?”… Kinda strange feeling! But that feeling gave me the push to the privacy route maybe in a rather to extreme direction? Always follow your guts when there’s to much noise to make a clear decision.

• RethinkDNS (block every in/out request except those manually allowed)
• Degoogles android (Shizuku+canta, magisk, debloater)
• Only open source apps and delete everything else (no exceptions here) -…

You will never get full 100% privacy or anonymity, however you can make your data as much as difficult to get and waste some of their resource and time :).

Good luck !

Yeah… This was probably intentional. Now we get why ! They didn’t put to much effort for the self-hosted version, because they didn’t want you to self-host.