Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)L

liminal

@ liminal @lemmy.ml

Posts
2
Comments
7
Joined
5 yr. ago

  • Does anyone build GrapheneOS "from scratch"?

    Jump

  • The fact that devs sign the builds doesn't protect you from a Jia Tan type of actor. Jia Tan had social-engineered they way to a maintainer and then dropped their backdoor in the .tar releases. If you had compiled from the tree you couldn't be affected. It's possible to fail to review malicious commits even in this case, but it is still more transparent than pre-packaged releases. And there's no point to reproducible builds if no one actually reproduces them.

  • Tuvix Tricorder - An RSS Button For The Web

    Jump

  • Your mobile device NEEDS firewall profiles

    Jump

  • Netguard also has a separate lockdown mode (which only enables a few apps, or none, to go through) that if toggled automatically based on connected network would enable you to dictate which apps can use untrusted networks.

    While there are lots of apps that automate some sort of action based on the name of the WiFi network, activating the lockdown mode in Netguard is more specific, and I doubted if it's even possible. To start, I came up with a Termux command invocation that toggles the lockdown mode in Netguard. After customizing the quick settings (near the notification area) this adb command confirms that this method for toggling Netguard's lockdown mode really works:

     
        
adb shell cmd statusbar click-tile eu.faircode.netguard/.WidgetLockdown

    Default Termux doesn't request the necessary permission which impeded the command from running, however:

     
        
java.lang.SecurityException: StatusBarManagerService: Neither user 10472 nor current process has android.permission.EXPAND_STATUS_BAR.

    So this is where I'm at, I could probably just use Tasker to like some people do to run the cmd statusbar command, but I also wanted to call some attention to the issue report on the Termux repository regarding this permission.

    EDIT: There's a high likelyhood it won't work on Tasker without root, and on termux it also wouldn't work even if you managed to request the permission.

  • Your mobile device NEEDS firewall profiles

    Jump

  • For the record, in almost all versions of Android you can install apps in a isolated environment through Shelter. Apps in this environment get icons in your home screen just like the rest, but don't share the vpn/firewall connection that you might have active through RethinkDNS, among other things.

    You effectively have two sets of apps with different firewall settings. And if you figure out a way to automate the locking down of RethinkDNS (through something like Tasker or Schröder's Automation,) you would effectively have a mechanism that only lets the small number of apps in the isolated environment work while connected to an untrusted network.

  • File based syncing of profile data instead of Mozilla sync?

    Jump

  • XBrowserSync and Floccus don't sync to local files, unless you self-host the server or a webDAV respectively.

    Lofloccus makes it easy to spawn a local webDAV server (making Floccus save your bookmarks to local files) which I can then sync with rsync or Syncthing or whatever system I already like. It's only available for Windows and MacOS though.

  • Your mobile device NEEDS firewall profiles

    Jump

  • It's me asking if there's any firewall out there that supports profiles. I've learnt graphene has this functionality, that's become one option to go with.

  • Privacy @lemmy.ml
    liminal @lemmy.ml

    Your mobile device NEEDS firewall profiles