Re: De - Googling yourself ?!

23 Antworten [Letzter Beitrag]
Staircase
Offline
Beigetreten: 02/24/2022

I've kept a journal of my move away from Google/Apple products and the likes since 2017: https://yctct.com/log.

andyprough
Offline
Beigetreten: 02/12/2015

yt-dlp is the replacement for youtube-dl, and is presently working fine. I think it's in the Trisquel repos; at least I've been using it on Trisquel and it seems to be updated without manual intervention. There's additionally ytfzf which will allow you to search for videos from the CLI.

JC8
JC8
Offline
Beigetreten: 12/29/2020

yt-dlp is a program that has high tendency to break and stop working properly because there's an active effort from Google to constantly cripple and break it by tweaking and changing the backend behavior from YT. The stable releases from this program are usually not very reliable and I don't recommend them.

Instead, just clone the repo directly and compile it, or download the binary directly and put it on /bin, with a symlink in /sbin, then you can upgrade it individually through yt-dlp -U, mpv will work just fine. Better than waiting for the stable release on repos to get patched which can take years, it's just about time that it'll eventually breaks.

prospero
Offline
Beigetreten: 05/20/2022

yt-dlp is available in the backport repo for Aramo: https://packages.trisquel.org/aramo-backports/yt-dlp.

That said, yt-dlp supports a monstrous amount of video sources, so the best way to avoid being annoyed by ggl's annoying behavior is probably to avoid ggl's services for good.

andyprough
Offline
Beigetreten: 02/12/2015

>"yt-dlp is available in the backport repo for Aramo"

It does look like I am using the backport version:
$ apt policy yt-dlp
yt-dlp:
Installed: 2023.07.06-1~bpo22.04.1
Candidate: 2023.07.06-1~bpo22.04.1
Version table:
*** 2023.07.06-1~bpo22.04.1 500
500 https://archive.trisquel.info/trisquel aramo-backports/main amd64 Packages
500 https://archive.trisquel.info/trisquel aramo-backports/main i386 Packages
100 /var/lib/dpkg/status
2022.04.08-1 500
500 https://archive.trisquel.info/trisquel aramo/main amd64 Packages
500 https://archive.trisquel.info/trisquel aramo/main i386 Packages

I haven't had difficulty using the Trisquel backport version of yt-dlp. I did have trouble in the past using youtube-dl on occasion. It seems as though the yt-dlp devs are staying on top of things.

prospero
Offline
Beigetreten: 05/20/2022

Yes, backporting yt-dlp is yet another great gift from the Trisquel deities.

Staircase
Offline
Beigetreten: 02/24/2022

The first message of this thread was a reply to:

> Hi Everyone !
>
> Anyone care to share info, links to websites etc that are fairly up-to-date
> about
>
> how to de-google yourself most effectively ?
>
> Thanks :)

received via the mailing list. Not sure why it does not show up as the first message of this thread (or whether it should at all).

prospero
Offline
Beigetreten: 05/20/2022

Threads seem to get split when replying to the OP through the mailing list.

EDIT: in addition, the original thread has now disappeared.

EffingComputer
Offline
Beigetreten: 07/17/2023

Some cool stuff on your site.
I'm curious to know why you deleted Signal and Proton?
I've had my doubts about Signal for some time but have started using Proton about 6 months ago.

Trying to get away from these "big tech" companies is a real challenge now. Everyone I work for is always using microsoft platforms for everything.

JC8
JC8
Offline
Beigetreten: 12/29/2020

I could take a guess as to why they removed those two, but I can give you my reasons to avoid them.

1. The Proton service is provided by proprietary servers.

2. Their own obscure PGP implementation breaks compatibility with any standard Email client and makes user-controlled GPG encryption as aggressively inconvenient as possible, on top of paywalling IMAP and SMTP.

3. The aforementioned encryption is completely pointless if you send emails to people that has addresses on other email agents (like Gmail, Outlook or standard Email servers), as the email must be decrypted for them to read the contents, this proprietary encryption scheme only works on addresses inside Proton servers and there's no evidence that they're not saving unencrypted copies anyways.

4. Considering all of that, Proton totally stinks of a honeypot and makes privacy more inconvenient than it should. Use Email proper, standard-compliant providers that give clear access to IMAP and SMTP, setup your own GPG keypair and communicate that way, if you have your own GPG keypair Proton has nothing to offer and it's yet another compromise.

Signal is just a worse and more stupid XMPP, XMPP has cross platform clients, proper decentralization and has no arbitrary requirements such as phone numbers, Signal is phone only, requires a SIM card, requires a phone number and the service snitches to everyone that has your phone number saved in their phone that you installed and have a Signal account.

EffingComputer
Offline
Beigetreten: 07/17/2023

hmmm interesting. I wasn't aware of the proprietary nature of Proton.
Sadly ALL encrypted email platforms are pretty useless, unless the recipient is also on the same platform. Not everybody wants to use GPG/PGP so it's sometimes difficult to have fully private communications with everyone.

I'm interested to know your thoughts on other email providers such as Tutanota and StartMail. I just don't believe providers websites or content creators anymore.

As for signal, I setup a signal proxy a while ago and had people using it but when I was checking to see if it was working, I notice lots of communication to and from AWS servers. Researching at the time showed me that Signals servers were running on AWS servers.
Every person online that promotes Signal, also tells people NOT to use ANY amazon services........yet they push using a messaging app that uses amazon services.

At the moment I'm using https://www.privacytools.io for privacy info and looking into StartMail and some other apps like Session.

Staircase
Offline
Beigetreten: 02/24/2022

> I'm interested to know your thoughts on other email providers such as
> Tutanota and StartMail. I just don't believe providers websites or content
> creators anymore.

I personally switched from Gmail to Proton a few years ago -- kept learning
along the way to later realise I had fell in what we could call "the Proton
trap", i.e. some of the shortcomings discussed above.

My next step is *not* to switch to another email provider such as Gmail or
Proton, but instead setup Mail-in-a-Box.

Or, as Leah Rowe wrote "The best email provider for YOU is YOU" - with
instructions:
https://trisquel.info/en/forum/free-email-providers-being-banned-gmail-alternatives#comment-163588

Avron

I am a translator!

Offline
Beigetreten: 08/18/2020

Mail-in-a-Box looks like an interesting project but

Setup guide:
curl -s https://mailinabox.email/setup.sh | sudo bash

I'd rather read the whole contents of the bash scripts before running them as root.

preflight.sh:
if [ "$( lsb_release --id --short )" != "Ubuntu" ] || [ "$( lsb_release --release --short )" != "22.04" ]; then
echo "Mail-in-a-Box only supports being installed on Ubuntu 22.04, sorry. You are running:"
echo
lsb_release --description --short
echo
echo "We can't write scripts that run on every possible setup, sorry."
exit 1
fi

I'd rather not use Ubuntu, but perhaps it can run on Trisquel.

Setup Guide:
Can I run my Mail-in-a-Box at home?
No. Computers on most residential networks are blocked from sending mail both on the sending end (e.g. your ISP blocking port 25) and on the receiving end (by blacklists) because residential computers are all too often hijacked to send spam. Your home IP address is also probably dynamic and lacks configurable “reverse DNS.” If any of these apply to you, you’ll need to use a virtual machine in the cloud.

I would not make the effort of configuring my "own" email server on the computer of someone I don't even know (this is what a "virtual machine in the cloud is"). To solve filtering/connectivity issues, it would be more acceptable to use someone else's computer only to route/forward traffic.

Staircase
Offline
Beigetreten: 02/24/2022

Thanks, Avron. Could you (or someone else) possibly suggest a guide or a tutorial which explains how to route traffic from a home server to a third-party server a.k.a VPS? I've searched around but I am not sure who to trust. I have no reference in mind.

EffingComputer
Offline
Beigetreten: 07/17/2023

I just read about Mail in a box, seems like it's worth a test install. Many years ago I had setup iRedmail, which was good but having to manage it all the time due to spam or emails that didn't get received was painful.
Using a provider would releive that stress but I really don't want to pay so much extra per month to have extra users and proton, tuta, startmail and the like seem to hide (at least a little bit) that their "15 email addresses per account" are actually just aliases for the one account.

I will see if Mail in a box can work on a Trisquel server. :)

Staircase
Offline
Beigetreten: 02/24/2022

> At the moment I'm using https://www.privacytools.io for privacy info and looking into StartMail and some other apps like Session.

I also used this website in the past. Unfortunately they recommend proprietary software. I now search through this forum when looking for new tools (latest finds are foxtrotgps and luakit[1]), or alternatively I run $ apropos -a keyword_1 keyword_2 - when looking for utilities. I found pdfunite and the likes this way.

[1] thanks to andyprough https://trisquel.info/en/forum/configuring-and-running-luakit-browser

strypey
Offline
Beigetreten: 05/14/2015

EffingComputer:
> ALL encrypted email platforms are pretty useless, unless the recipient is also on the same platform. Not everybody wants to use GPG/PGP so it's sometimes difficult to have fully private communications with everyone.

Have you tried using Delta.chat? It works with an existing email account, and uses AutoCrypt to E2EE chat threads if the other person is also using Delta.chat (and possibly other services that use AutoCrypt?). I've had more success getting normie friends and family to use this than any other libre communication tool. Possibly because they don't have to create a new account on a new service to use it.

> At the moment I'm using https://www.privacytools.io for privacy info

I advise you not to trust that site. The domain appears to have been taken over and pointed at a fake version of the original website, full of obvious ads that are not marked clearly as ads. Even if it was the original site, and any ads were clearly marked as such, having potentially privacy-washing ads on a privacy guide like this creates an obvious conflict of interest.

FWIW I lost interest in this website and the group operating it in 2019, after a series of *long* debates over (amongst other things) their determined endorsement of Signal as the most privacy-respecting chat app:

https://github.com/privacytools/privacytools.io/issues/779

The site currently recommends two chat apps that are blockchain-based or blockchain-aligned (Session and Status).

EffingComputer
Offline
Beigetreten: 07/17/2023

> I advise you not to trust that site

Well thats a shame. I don't see any actual ads on that site though. How did you find the domain was taken over?

> The site currently recommends two chat apps that are blockchain-based or blockchain-aligned (Session and Status).

What's the issue with an app being blockchain based? (I never got into crypto currency and blockchain still baffles me, :P)

It's looking more and more like I should probably just run my own XMPP server, know of good client apps? (android or PC)

strypey
Offline
Beigetreten: 05/14/2015

EffingComputer:
> I don't see any actual ads on that site though

My first clue was the box that says "Incogni: Get your personal data deleted and off the market", which looks very much like an ad to me, and appears on multiple pages, even when it's not directly relevant to the topic of the page.

Then when I clicked around the site a bit, I found whole pages of ads, like;
https://www.privacytools.io/guides/

> How did you find the domain was taken over?

It's a guess, based on the above. I had my disagreements with the PrivacyTools group, but they seemed to be a principled bunch. I don't think they would have allowed the domain to be abused like this if they were still in control of it.

> What's the issue with an app being blockchain based?

People like Molly White can explain the larger issues surrounding the blockchain world much better than I can;
https://web3isgoinggreat.com/about

I admit that I haven't tested Session or Status yet. But my main criticism of using a blockchain as a way of decentralising a chat platform is that it seems to be more computationally expensive than other methods, and to get more so so over time not less, as the database gets bigger and the number of people using it increases. There may be things that a blockchain is the right tool for, like the decentralised identity register that Jami created;

https://jami.net/the-jami-blockchain-switches-from-proof-of-work-to-proof-of-authority/

... but I don't think it's the right tool for decentralised chat. Instead, I'd suggest an app using a federation protocol like XMPP (eg Snikket), Matrix (eg FluffyChat), or email (Delta.chat).

There are non-Blockchain P2P chat apps like Jami, and P2P protocols like Tox and ScuttleButt (eg ManyVerse), but I have yet to find one I'd recommend as a daily driver, based on the testing I've done so far, eg;

Jami: https://write.as/c7fda5x13qzve.md

Tox: https://write.as/yt03jv11742w2.md

ManyVerse: https://mastodon.nzoss.nz/@strypey/109838027859235797

Perhaps Nostr apps are worth a look? I've only tested Amethyst, installed from F-Droid, and I have struggled to find people to talk to on it. But that was true of the fediverse the first couple of times I tried to use it. I know Rabble, a fellow Indymediatista and founder of Planetary.social is big into Nostr now;

https://www.nos.social/blog/pivoting-from-ssb-to-nostr

Full disclosure: I have done paid contracting for the social enterprise that develops Snikket, including drafting the last few blog posts for snikket.org/blog

andyprough
Offline
Beigetreten: 02/12/2015

>"Use Email proper, standard-compliant providers that give clear access to IMAP and SMTP"

Disroot is pretty good, I don't know of any others that fit your criteria without being a privacy disaster. Tutanota doesn't fit your criteria as it doesn't do IMAP. Several other "privacy" email providers are sitting in 5-eyes countries - you might as well be sending your emails directly to the NSA/CIA/MI6/BND/etc. I think Disroot itself is in a 9-eyes country (Netherlands), which probably isn't much better. Did you have some particular provider in mind? Self-hosting with a VPS has the same single point of privacy failure along with often being located in 5-eyes or 9-eyes countries. Self-hosting from your own server exposes everything to your ISP or to a VPN if you go that route. Maybe a decentralized email provider of some sort?

EffingComputer
Offline
Beigetreten: 07/17/2023

Your response notes exactly one of my biggest issues. Every provider is in one of the 14-eyes countries. Seems there is really no escape. Would be nice to just get rid of it all but in a mostly online world with everything connected to something else, it's seemingly impossible.

Avron

I am a translator!

Offline
Beigetreten: 08/18/2020

> if you have your own GPG keypair Proton has nothing to offer

This is the main point I agree with.

To me, the only real issues with protonmail are:
- dynamically loaded javascript if using the webmail
- no standard interface to write an alternative to protonmail bridge
- storing of user keys on the server

I don't agree with most of the other comments, like "proprietary server" (it hurts those who run the server, not the user), "breaks compatibility" (it works well with Thunderbird and Evolution), "paywalling IMAP and SMTP" (every service has a cost), "the email must be decrypted for them to read the contents" (headers are not encrypted with gpg, so no need to decrypt, and if you have doubts that they can decrypt, protonmail bridge is free software so you can check it).

Staircase
Offline
Beigetreten: 02/24/2022

>I'm curious to know why you deleted Signal and Proton?

TL;DR Signal, Proton, are guardians, keeping users in a position of minority.

Signal.

The main reason is that Signal's founder Marlinspike is *for* centralization, i.e. against people running their own instances. His argument for his: "the ecosystem is moving" - but he omits to ask *why* things are moving fast - instead joins the race lead by the controllers of proprietary software, chose centralization, and herds more people into a walled-garden.[1]

I am uncomfortable at the idea of someone being okay herding x00 millions users into a walled-garden.

If Marlinspike's reason is security, he misses something. For this we have look at the security question from an epistemological perspective (I shall write more about this - sorry for the undeveloped statement.)

Proton, like Signal, are telling users "it is dangerous", "encryption is complicated"[2], positioning themselves as guardians, thus keeping users in a position of minority. What do I mean by "guardians" and "minority"? These concepts are taken from a text written by Kant - an excerpt:


Laziness and cowardice are the reasons why such a large part of mankind gladly remain minors all their lives, long after nature has freed them from external guidance. They are the reasons why it is so easy for others to set themselves up as guardians. It is so comfortable to be a minor. If I have a book that thinks for me, a pastor who acts as my conscience, a physician who prescribes my diet, and so on--then I have no need to exert myself. I have no need to think, if only I can pay; others will take care of that disagreeable business for me. **Those guardians who have kindly taken supervision upon themselves see to it that the overwhelming majority of mankind [...] should consider the step to maturity, not only as hard, but as extremely dangerous. First, these guardians make their domestic cattle stupid and carefully prevent the docile creatures from taking a single step without the leading-strings to which they have fastened them. Then they show them the danger that would threaten them if they should try to walk by themselves.** Now this danger is really not very great; after stumbling a few times they would, at last, learn to walk. However, examples of such failures intimidate and generally discourage all further attempts.[3] emphasize mine

[1] https://signal.org/blog/the-ecosystem-is-moving/; also: https://lwn.net/Articles/687294/ ; also see repository of LibreSignal on GitHub, issue #37
[2] cryptography is the art of a few (including Marlinspike) but generating a GPG key pair can be as simple as $ gpg --full-generate-key and answering 4 questions. You have a key pair. Then follow the EFF guide to set up your client with your newly generated GPG key pair.
[3] "Beantwortung der Frage: Was ist Aufklärung?" translation: http://www.columbia.edu/acis/ets/CCREAD/etscc/kant.html

EffingComputer
Offline
Beigetreten: 07/17/2023

Until this post, I'd never heard of LibreSignal. Sounds great but looking it up, it was abandoned years ago and reading some of those comments on github from moxie was painful.