Careful what you wish for, if Firefox dies now (before alternatives are viable) then Google owns the web and no new browser engines will be able to even get a sniff of a foot in the door!

There’s also UntrackMe which does similar things on Android

Given that I recently read the intro on Codeberg (which I think is the main public Forgejo instance) and it was very pro-copyleft, I’m surprised this wasn’t already the case! Good news, though.

I think the real old big dogs like Microsoft, Google, and IBM still have a lot of dedicated developers for big projects like the Linux kernel. I doubt they bother that much with smaller projects though.

Hopefully this xz scandal will give the kind of big corps which already pay OSS maintainers the kick up the arse required to treat their entire supply chain as a potential attack vector that should be audited and supported. Or maybe I’ve just asked the monkey’s paw for increased corpo control over OSS projects…

Not according to the article at the top of this thread:

Proton does also offer a VPN service of its own — and Yen has claimed that Swiss law does not allow it to log its VPN users’ IP addresses. So it’s interesting to speculate whether the activists might have been able to evade the IP logging if they had been using both Proton’s end-to-end encrypted email and its VPN service.

“If they were using Tor or ProtonVPN, we would have been able to provide an IP, but it would be the IP of the VPN server, or the IP of the Tor exit node,” Yen told TechCrunch when we asked about this.

Doesn’t Proton specifically provide instructions for how to use proton mail via proton vpn (and/or tor, discussed in the article) to provide extra privacy against IP-demanding court orders?

How can I enjoy game if it doesn’t constantly tell me how to have fun??

Isn’t this just an ad for their custom laptops? There isn’t really that much talk about Intel ME, which is a shame.

I think it was three years from launch, though I believe newer Pixels offer at least 5 now

FYI the Pixel 5 is in “extended support”, which I think means they are still supporting it but they might stop at any point. From their actual doc:

The following devices are end-of-life, no longer receive firmware or most driver security updates and receive extended support from GrapheneOS as part of the main releases with all GrapheneOS changes including all of the latest Android Open Source Project changes

NFC works, it’s just some very-Google-integrated apps like Google Pay that don’t

I don’t know anything about jellyfin so no idea if this actually fits your requirements, but hosting your own invidious instance would give you a YouTube web interface which you could use to watch directly or download for later.

It depends entirely what you use your phone for, there’s no one-size-fits-all answer for everyone’s threat model. The sandbox means Google Pay Services can’t do most of the things we’d normally be worried about it doing, MicroG still has the power to do all those things it’s just not Google doing them.

Yes, by default it has no Google stuff in it at all. Adding in a sandboxed (i.e. without the normal privileged access to everything) version of Google Play Services is covered in the Features section on their website.

True, different use cases, that said GrapheneOS does still provide security updates for a year longer than they claimed they would on my last phone. I think DivestOS is the best choice otherwise, I’ve not got round to actually installing it on anything though so I can’t really offer much more on it.

GrapheneOS aims to provide reasonably private and secure devices. It cannot do that once device support code like firmware, kernel and vendor code is no longer actively maintained. Even if the community was prepared to take over maintenance of the open source code and to replace the rest, firmware would present a major issue, and the community has never been active or interested enough in device support to consider attempting this. Unlike many other platforms, GrapheneOS has a much higher minimum standard than simply having devices fully functional, as they also need to provide the expected level of security. It would start to become realistic to provide substantially longer device support once GrapheneOS controls the hardware and firmware via custom hardware manufactured for it. Until then, the lifetime of devices will remain based on manufacturer support.

From https://grapheneos.org/faq#legacy-devices

Basically they don’t want to support devices if they can’t make them secure, which is something that requires at least some input from the manufacturer. I imagine a GrapheneOS dev would say that CalyxOS’s updates to a device where the manufacturer isn’t providing kernel updates isn’t a worthwhile update.

There was a good discussion in the degoogle community last week which can give much more specific details, but the short version is that GrapheneOS’s main focus is security (and you get a lot of privacy stuff too), whereas CalyxOS’s main focus seems to be privacy but it lacks on the security side. For instance CalyxOS uses MicroG instead of Google Play Services, which keeps you private from Google but is still a black box that you have to give privileged access, whereas GrapheneOS has nothing by default (and that can work fine for some users), but you can install real Google Play Services within a sandbox where it has no privileged access.

If you’ve got a pixel why would you use calyx rather than GrapheneOS?

Discord is terrible for both public and private communications. It locks public discussions (which would otherwise happen somewhere open like a traditional forum) away somewhere you can’t search without logging in, meaning you can’t get quick answers without already knowing where you need to look. It also offers no E2EE on its ‘private’ chats, so presumably datamines everything you type.