With the stories about data from period tracking apps being shared with law enforcement, I was wondering if there was a self hosted alternative I could host for my daughter. My searches so far have not returned any good results. Thanks!

  • CameronDev@programming.dev
    link
    fedilink
    English
    arrow-up
    65
    ·
    1 year ago

    I wrote a period app for my partner, everything is encrypted and never leaves the device.

    It has a option where you can set false passwords, so that if you are being compelled to unlock it, it will get up fake data.

    Code is open source: https://github.com/cameroncros/PrivatePeriodTracker

    https://play.google.com/store/apps/details?id=com.cross.privateperiodtracker

    It may not meet your needs, but perhaps worth a look. I am open to adding features (except for ads and tracking obviously).

    (I have posted this before, but with an inappropriate account)

    • Biff@lemmy.world
      link
      fedilink
      English
      arrow-up
      35
      arrow-down
      1
      ·
      1 year ago

      “if you are being compelled to unlock it” What kind of world are we living in? I feel awful for the kids of today.

      • UFO64@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        This could 100% happen in the US today given the reproductive laws being passed.

      • Countess425@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        That’s just if it’s unlocked with your thumbprint, since, if you’re being arrested the cops get your thumbprint anyway, but if it’s a password or phrase, you have the right to remain silent, correct?

    • JonDotG@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      This is super cool. Unfortunately all the teens are using iPhones and I don’t think I’ll be able to install this. If it’s ever an iPhone app I’ll be the first downloader.

      • socphoenix@midwest.social
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        If you have an Apple computer and are willing to download some code there’s period underground… it’s terribly written by me for my wife. She uses it on her iPhone and it keeps all data local. I never tried to get it on the App Store due to qt licenses, and because the encryption module didn’t compile so it will rely on you not unlocking your device for someone who shouldn’t be seeing the data. There’s other options I’ve seen on here hopefully one of those will work.

        It does exist on the android store with encryption as an option and blank data with no warning if you enter the wrong password. Also includes a quick delete and a quick delete with random data written into the database as deletion options

      • CameronDev@programming.dev
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        Pretty unlikely that I ever port to iPhone, I dont have one to dev on. To be honest, my partner doesnt even use it, so it was a little bit of a waste of time, except for a learning opportunity.

      • cooopsspace@infosec.pub
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        8
        ·
        edit-2
        1 year ago

        Given that Apple is more likely to submit to government (any, any country) coercion and doesn’t allow side loading of apps your next phone should be Android. Especially one that supports GrapheneOS or CalyxOS.

        Failing that, many apps work as web applications and if saved to the home screen it’ll both look and feel like a native app.

        • UFO64@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Apple’s systems are designed so that they don’t really have a choice in the matter. The end user holds the only master key.

  • Dandroid@dandroid.app
    link
    fedilink
    English
    arrow-up
    34
    ·
    1 year ago

    Sorry, I’m just a dude with no periods that buries my head in the sand a bit to much. The government is doing fucking WHAT with your period information? How is this any of their business? Why would they want to know this information?

    • pyromaster55@lemmy.world
      link
      fedilink
      English
      arrow-up
      42
      ·
      1 year ago

      Using it to determine if you get pregnant and then suddenly aren’t. So they can charge you for getting an abortion.

      • Dandroid@dandroid.app
        link
        fedilink
        English
        arrow-up
        19
        ·
        1 year ago

        That is fucking insane, considering there are a million reasons why someone might not have a period (stress, could just be an irregular person, or literally no reason at all. Humans are not all the same). Or they could simply forget to input data into their calendar one time. Or they could simply decide that they don’t want to use the app any more, then change their mind a few months later. This data would be circumstantial evidence at best, and if anyone is being convicted of a crime based on this data, I am extremely suspicious of the court system in that country/state.

        And that’s BEFORE we even talk about how it’s a huge invasion of privacy.

        And which governments are doing this?

        • JonDotG@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          30
          ·
          1 year ago

          The third world government of Texas for one. Whether they target my kid or not, better safe than sorry.

          • Dandroid@dandroid.app
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Ah, based on the original wording, I thought this was something that was already happening. As you said, absolutely better to be safe than sorry. Do everything you can to avoid being put in a situation where you need to figure out if this will hold up in court. I want to believe it wont, but who tf knows with how this world is these days.

            • rhythmicotter@midwest.social
              link
              fedilink
              English
              arrow-up
              11
              ·
              edit-2
              1 year ago

              A US state has already subpoenaed Facebook for Messenger texts to prove an abortion case. It’s not speculative.

              • Dandroid@dandroid.app
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                I read about that case, but if I am understanding that correctly, in those messages someone admitted to having an abortion. Having evidence of something happening and not having evidence of something not happening (e.g. a gap in period tracking data) are pretty different in the courtroom. I was specifically asking about subpoenaing period tracking data, citing a gap in the data as evidence of anything. If that held up in court, I would lose any remaining faith that I had in whatever government this happened under, because from a purely logical point of view, lack of data is not evidence of anything.

                • rhythmicotter@midwest.social
                  link
                  fedilink
                  English
                  arrow-up
                  5
                  ·
                  edit-2
                  1 year ago

                  Police prefer that criminal cases are resolved by compelling a confession. If a woman is told by the police they have her period data, most people would crack in that situation. Whether it holds up in court is mostly irrelevant.

                  It should go without saying, but never talk to police and if you’re being interviewed, insist on invoking your 6th amendment right to an attorney and your 5th amendment right to remain silent. And don’t engage with anything the police say.

        • TWeaK@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Circumstantial evidence can still be enough evidence to start an investigation, in pursuit of more solid evidence.

          Normally this would be a reasonable course of action in proving someone guilty of a crime. However, here the law is completely unreasonable, and the process is being exploited.

    • Midas@ymmel.nl
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      1
      ·
      1 year ago

      Men trying to control women’s bodies. Tale as old as time sadly.

    • starcat@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      3
      ·
      1 year ago

      Folks are misleading you. There’s CONCERN this could happen, it’s not happening.

      • Dandroid@dandroid.app
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        1 year ago

        Got it, thanks. I tend to not pay attention to the news, so sometimes I peek out of the rock I live under and am surprised at how much the world has gone to shit. The scenario described by OP is unfortunately plausible.

  • nutbutter@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    25
    ·
    1 year ago

    Menstrual cycle trackers

    • Drip - Menstrual cycle and fertility tracking. Everything you enter stays on your device.
    • log28 - a (very) simple no-frills period tracker for Android.
    • RBG@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Started using Drip a few months back, seems interesting as it bases next period time on the last ones.

      Log28 just takes what you enter as period length to show when the next one starts.

    • Thorned_Rose@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Drip looks great! I’ve been using Ovuview which says it keeps your data private, but being proprietary I can’t easily know for sure. I love Ovuview for its depth of tracking (Symptothermal plus any custom symptoms you want) and it’s accurate predictions.

      But will be really nice if Drip works out well (gonna try it for a while first before ditching Ovuview) so I can finally use something FOSS.

  • TenderfootGungi@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    3
    ·
    1 year ago

    Use the one built into iPhones and either encrypt iCloud so Apple cannot read it ( but no way to recover if you forget password) or turn off iCloud sync for health data (you will lose history with new phone).

    Or, print out a one page annual calendar and use a pencil.

  • grannyweatherwax@feddit.nl
    link
    fedilink
    English
    arrow-up
    15
    ·
    edit-2
    1 year ago

    A woman. I’m interested too… It’s really tiring keeping track of it on an analog Calendar.

    If you can’t find anything, I suggest you make her a barebones one or get her to use something like etar. It’s all local.

    • Chaphasilor [he/him]@feddit.nl
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      2
      ·
      1 year ago

      While that is actually nice and does focus on privacy, I’m not sure if “funded by […] government” is a good argument in favor in the context of this post…

      • jman6495@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        The German Government, and it is an offline and encrypted app. Not everything governments do is bad.

      • jman6495@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        The German Government, and it is an offline and encrypted app. Not everything governments do is bad.

  • Black616Angel@feddit.de
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Look into Periodical as well, it’s on fdroid and completely local. It also shows when the next period should be and works better than some closed source apps.

  • cooopsspace@infosec.pub
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    1 year ago

    I’d probably just spin up a calendar such as one on Nextcloud but also change the name of the event to another plausible name such as:

    Pay day.
    Grandma coming to town.
    Grandma leaving town.
    Walk the cat.
    Pick up groceries.
    Collect mail.
    Drop off mail.

    • corroded@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      As someone who uses Nextcloud, why do you suggest obfuscating the name of the calendar event? My nextcloud instance is only accessible from outside my LAN via HTTPS, so no concern about someone using a packet sniffer on public WiFi or something of that sort. The server is located on my property, so physical security isn’t a real concern unless someone breaks in with a USB drive or physically removes the server from the rack and steals it. If someone was to gain access to my network remotely, they’d still need login credentials for Nextcloud or for Proxmox in order to clone the VM drive.

      To be clear, I’m not disagreeing with you; I’m wondering if I may be over-estimating data security on my home network. Considering you’re posting from infosec.pub, I’m assuming you know more about this than I do.

      Also, I feel like I need to say that the fact that OP even needs to consider data security for something like really makes me wonder how parts of our society have gone so wrong.

      • bogo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 year ago

        If your concern for wanting to self host is that you’re concerned your government might attempt to access that data, then you should also assume they could get a warrant for that data and force you to decrypt it if it were encrypted at rest on a machine in your home.

        • corroded@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          That’s a very valid point, and certainly a reason to obfuscate the calendar event. I would argue that in general, if the concern is the government forcing you to decrypt the data, there’s really no good solution. If they have a warrant, they will get the encrypted data; the only barrier is how willing you are to refuse to give the encryption key. I think some jurisdictions prevent this on 5th amendment grounds, but I’m not not a lawyer.

          • bogo@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Right, this is exactly what I was saying. Plausible deniability because you know you’re not going to be able to fight to protect the data when they come knocking.

      • SeriousBug@infosec.pub
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        The police can confiscate your servers. Considering some states are treating abortion as murder, I don’t think it’s unrealistic to say the police could raid your home and confiscate your devices just on suspicion.

        The only thing safe against that is an encrypted device locked with a password, no biometrics like fingerprints or face ID. As far as I know, you can refuse to give a password under the 5th amendment, but you can’t refuse to unlock a device with a fingerprint reader or face ID.

      • cooopsspace@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        To tell you the truth - I don’t bleed from my genitals so I don’t have the solution for you.

        Time between periods should be 24-38 days. If you can’t manage that in a calendar, how can an app know?

  • iamacat@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Drip is one of the better options if you want to just download something from your app store of choice. It’s FOSS, requires minimal permissions, and seems to store all data locally.

  • irotsoma@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I’ve heard log28 is a good simple app with a local database and without tracking. I haven’t looked at it too closely to verify much. But seems like it hasn’t had an update for a while.

  • Jo Miran@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    If for some reason self hosting doesn’t work out, try looking into Proton Calendar. Secured, encrypted, and Swiss. They do not entertain subpoenas.