overview for kchr

GrapheneOS vs LineageOS vs CalyxOs vs DivestOs vs /e/OS vs iodé vs CopperheadOS in c/privacy@lemmy.ml

[–] kchr@lemmy.sdf.org 1 points 4 hours ago

DivestOS sounds interesting but I am wary of any "mission-critical" software project (such as the firmware for my primary phone) that relies on a single person, for multiple reasons. Burnout and potential for social engineering by malicious actors being two of them.

GrapheneOS vs LineageOS vs CalyxOs vs DivestOs vs /e/OS vs iodé vs CopperheadOS in c/privacy@lemmy.ml

[–] kchr@lemmy.sdf.org 1 points 5 hours ago

GP:s comment made me curious as well. Usually, if multiple hardware vendors are supported there are separate branches with different maintainers. It doesn't necessarily mean that the main codebase is bloated as a result.

99

Curated list of banking app support for GrapheneOS (privsec.dev)

submitted 5 hours ago* (last edited 5 hours ago) by kchr@lemmy.sdf.org to c/privacy@lemmy.ml

4 comments fedilink

For those that are looking to install GrapheneOS and want to ensure that their banking apps work as intended, here is a curated list with app compability status per country.

Each entry also lists required settings, profile and whether they need access to Google Play services, among other details.

GrapheneOS vs LineageOS vs CalyxOs vs DivestOs vs /e/OS vs iodé vs CopperheadOS in c/privacy@lemmy.ml

[–] kchr@lemmy.sdf.org 11 points 5 hours ago (2 children)

For those that are looking to install GrapheneOS and want to ensure that their banking apps work as intended, here is a curated list of supported apps per country:

https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/

I like how the title pretends *nix operating systems don't exist in c/linuxmemes@lemmy.world

[–] kchr@lemmy.sdf.org 2 points 3 days ago (1 children)

Security. The more popular a piece of software gets (including operating systems), it becomes a bigger attack surface for malicious actors to use.

Fundamentally, Windows security is not really that much of a swiss cheese people usually say it is. It's just that more people (researchers and malicious actors alike) are actively looking for vulnerabilities in it.

My take on Linux vs QubesOS regarding privacy and security in c/privacy@lemmy.ml

[–] kchr@lemmy.sdf.org 1 points 3 days ago* (last edited 3 days ago) (1 children)

CPU vulnerability mitigations would typically be distributed with the intel-microcode package for Intel processors on Debian-based distributions, for example.

My take on Linux vs QubesOS regarding privacy and security in c/privacy@lemmy.ml

[–] kchr@lemmy.sdf.org 2 points 3 days ago

And QubesOS isnt based on linux kernel. It uses Xen. Linux is used in the Qubes aka VMs.

The dom0 is very much running a Linux kernel, the same way your domU:s are typically running Linux kernels (although you could probably run any kernel in hvm mode).

As an example, here is the documentation on how to manage updates for the dom0 kernel:

https://www.qubes-os.org/doc/how-to-install-software-in-dom0/#kernel-upgrade

How do you solve dynamic DNS? in c/selfhosted@lemmy.world

[–] kchr@lemmy.sdf.org 1 points 1 week ago

Hadn't heard about deSec until now, seems to be run by some cool privacy minded folks in Germany:

https://desec.io/

How do you solve dynamic DNS? in c/selfhosted@lemmy.world

[–] kchr@lemmy.sdf.org 3 points 1 week ago (2 children)

I guess you already know about the options, but for others:

Find the cheapest VPS out there and have a Wireguard tunnel between it and your home network. Run ddclient or similar on the VPS in case the public IP changes.