If you don’t mind hardening firefox on android. You can try Firefox with uBlock. It give some small advantage compared to Brave like more filters list from uBlock, the element picker thing, and no brave, etc. The performance can be questionable though.
Yes it is true. It have insecure sandbox but in your case it seem like you still use vanadium, if you only use Firefox for known website for the webapp. The insecure sandbox is not that big of a deal anymore. Still from a pure security point, Firefox is not great.
I think overall I have an edge with Brave, since I use it for NanoGPT webapp which I need to be fast or I’ll kys because it was already slow AF on Vanadium so I assume on FF it will be a lot worse
I’m thinking if I need to use WhatsApp again I’ll try to download it, connect to WhatsApp web on my laptop and then delete it from my phone. Idk if it’ll work but it’s worth a shot
I am, it’s just that for some of my PWAs, they are unusable/buggy/slow on Vanadium. And lol I’m going around in circles. Do I reinstall Cromite now haha?
Don’t!
Your whatsapp session will expire over time & you gonna need to reinstall it on your phone.
Ether install whatsapp on private space or, if you feel adventurous, selfhost a Matrix-Whatsapp bridge.
Alternatively, convince your socials to use smh foss & more reliable,
Maybe telegram if they insist on mainstream, It got a foss client but telegram doesn’t enable E2EE by default (Secret Chat).
I see,
But at this rate, you gonna always make sure whatsapp runs on a VPN AND behind a kill switch so it doesn’t leak,
also maybe you’re interested in using tailscale or netbird to skip the port forwarding / domain hassle so you can connect to your matrix server and use the bridge in minutes.
Signal would be better for a mainstream secure communication as Telegram has its flaws, and E2EE is not enabled by default. It’s also not available in channels.
WARNING: this reply have 2 ounces of opinion-like ““facts””, a pinch of logic that make 0 sense & a whole bottle of chunky post,
Read, at your own warrenty…
Of course, signal, molly&unipush or even threema or anything more practical / security-audited is more worthy of your phone number and storing your data in an encrypted form,
I’d recommend conversation or matrix even more so they don’t require a phone number(but for some reason, they’re more scarce in usage)
Since messaging apps have to do with, well, messaging people & socializing, going to a person that doesn’t have your app & genteelly asks them to install an app is an inconvenience that people want to avoid…
Don’t get me wrong, I’d spend an hour talking messaging apps their differencies & cons but, as far as I’m aware, most non-tech invested ppl would consider this “dead-time” and would rather already text on the “avaliable app”
So, instead, you’d preinstall “mainstream” apps to not even mention it and start texting instandly since you’re usually expected to have it (pre)installed. (i remember whatsapp and fb-messanger being preinstalled on some vendors)
This or use imessage & make them question their existence :) Even on android
To the best of my knowledge, the top “mainstream” apps out there are:
whatsapp, telegram, discord (yes, DiScOaRd), imessage and sadly, facebook messanger.
(I know signal is getting recognised in “mainstream” & getting more adoption, but for some reason, I don’t see ppl installing it because it’s not “that” viral to have enough contacts or it would go unoticed by them because “muh FBI and privacy controversies are too creepy” )
most ppl are aware of these apps and their mass adoptions so they wouldn’t even bother and just get it done with or install the app already.
Out of these options only 2 are actually viable for secure & private messaging especially for Floss:
Telegram, for being “transparent” & having it’s source avaliable for security auditing.
imessage: for being E2EE encrypted by default with The Manufactureᵀᴹ showing some dedication about the anonimity & security of the product.
Telegram don’t E2EE by default, but you can just start a secret chat that would be private, at least they allowed for foss, third-party clients & made their own “proxy” while encoraging VPNs,
imessage can’t be really called floss because the offical client isn’t & is also gate-limited by The Manufactureᵀᴹ , but at least it has a foss unoffical client that still faily usable (with the compromise of needing MacOS “installed & certified” or paying for an access token.
Outside of this, there’s really no scope for consideration, most messaging apps that made it to “mainstream” ether doesn’t care about their users securities & would actively report anything big bros for " the general safety of the userbase" or be a hidden honeypot that collect dats & sell it to advertisers while lying about it. (even whatsapp does that & think we’re dumbies),
When one starts to pick for messaging applications, there’s no “choice”, “consideration” or even the qualities to think if it genually a good platform, you’re left with only dedication to utilize a messaging app for what it offers & push your circle of people to join you there…
You may convince your friends, but you can’t convince your coworker, team, boss, partner of a project, your online fellas or even your family memebers depending on their tech literacy.
OP didn’t consider ditching whatsapp, instead, they considered methods to hinder whatsapp’s privacy violations & telemetry, I’m not OP but, that’s seemingly the case;
Even if they run whatsapp on an sandboxed, private space & use a 20 yr-old trash phone, running whatsapp at all on android is a risk since android has lots of APIs that provides device metadata that can be used to uniquely profile users & fingerprint them.
I can be wrong, but I see only 2 actions OP can do:
Utilize whatsapp web (& android vm to scan) to setup a bridging server / service (like matrix-bridge or beeper & make devices connect to it (port forward, local “vpn” or beeper) or,
Push their circule of people to use an another “mainstream” platform OP can trust…
Sometimes, having online conversation can be totally inconvenient or tiresome, not only because of whom, but how, this is one of them…
I don’t like telegram at all, especially so with the latest policy change but, it’s easier.
deleted by creator
If you don’t mind hardening firefox on android. You can try Firefox with uBlock. It give some small advantage compared to Brave like more filters list from uBlock, the element picker thing, and no brave, etc. The performance can be questionable though.
I heard gecko browsers are insecure on mobile
Yes it is true. It have insecure sandbox but in your case it seem like you still use vanadium, if you only use Firefox for known website for the webapp. The insecure sandbox is not that big of a deal anymore. Still from a pure security point, Firefox is not great.
I think overall I have an edge with Brave, since I use it for NanoGPT webapp which I need to be fast or I’ll kys because it was already slow AF on Vanadium so I assume on FF it will be a lot worse
I’m thinking if I need to use WhatsApp again I’ll try to download it, connect to WhatsApp web on my laptop and then delete it from my phone. Idk if it’ll work but it’s worth a shot
Brave is WAY worse than cromite. And, why aren’t you using Vanadium more?
I am, it’s just that for some of my PWAs, they are unusable/buggy/slow on Vanadium. And lol I’m going around in circles. Do I reinstall Cromite now haha?
Don’t!
Your whatsapp session will expire over time & you gonna need to reinstall it on your phone.
Ether install whatsapp on private space or, if you feel adventurous, selfhost a Matrix-Whatsapp bridge.
Alternatively, convince your socials to use smh foss & more reliable,
Maybe telegram if they insist on mainstream,
It got a foss client but telegram doesn’t enable E2EE by default (Secret Chat).
Alright, in the future I will likely run an Android VM with WhatsApp using a physical SIM bought with cash or a virtual SIM bought with monero
I see,
But at this rate, you gonna always make sure whatsapp runs on a VPN AND behind a kill switch so it doesn’t leak,
also maybe you’re interested in using tailscale or netbird to skip the port forwarding / domain hassle so you can connect to your matrix server and use the bridge in minutes.
There’s a new foss netbird client for android if it satisfies.
Ofc, I always have killswitch on my VPN, using alternatives didn’t cross my mind so thanks, I’ll also keep the client in mind
Signal would be better for a mainstream secure communication as Telegram has its flaws, and E2EE is not enabled by default. It’s also not available in channels.
WARNING: this reply have 2 ounces of opinion-like ““facts””, a pinch of logic that make 0 sense & a whole bottle of chunky post,
Read, at your own warrenty…
Of course, signal, molly&unipush or even threema or anything more practical / security-audited is more worthy of your phone number and storing your data in an encrypted form,
I’d recommend conversation or matrix even more so they don’t require a phone number(but for some reason, they’re more scarce in usage)
Since messaging apps have to do with, well, messaging people & socializing, going to a person that doesn’t have your app & genteelly asks them to install an app is an inconvenience that people want to avoid…
Don’t get me wrong, I’d spend an hour talking messaging apps their differencies & cons but, as far as I’m aware, most non-tech invested ppl would consider this “dead-time” and would rather already text on the “avaliable app”
So, instead, you’d preinstall “mainstream” apps to not even mention it and start texting instandly since you’re usually expected to have it (pre)installed. (i remember whatsapp and fb-messanger being preinstalled on some vendors)
This or use imessage & make them question their existence :) Even on android
To the best of my knowledge, the top “mainstream” apps out there are:
whatsapp, telegram, discord (yes, DiScOaRd), imessage and sadly, facebook messanger.
(I know signal is getting recognised in “mainstream” & getting more adoption, but for some reason, I don’t see ppl installing it because it’s not “that” viral to have enough contacts or it would go unoticed by them because “muh FBI and privacy controversies are too creepy” )
most ppl are aware of these apps and their mass adoptions so they wouldn’t even bother and just get it done with or install the app already.
Out of these options only 2 are actually viable for secure & private messaging especially for Floss: Telegram, for being “transparent” & having it’s source avaliable for security auditing. imessage: for being E2EE encrypted by default with The Manufactureᵀᴹ showing some dedication about the anonimity & security of the product.
Telegram don’t E2EE by default, but you can just start a secret chat that would be private, at least they allowed for foss, third-party clients & made their own “proxy” while encoraging VPNs,
imessage can’t be really called floss because the offical client isn’t & is also gate-limited by The Manufactureᵀᴹ , but at least it has a foss unoffical client that still faily usable (with the compromise of needing MacOS “installed & certified” or paying for an access token.
Outside of this, there’s really no scope for consideration, most messaging apps that made it to “mainstream” ether doesn’t care about their users securities & would actively report anything big bros for " the general safety of the userbase" or be a hidden honeypot that collect dats & sell it to advertisers while lying about it. (even whatsapp does that & think we’re dumbies),
When one starts to pick for messaging applications, there’s no “choice”, “consideration” or even the qualities to think if it genually a good platform, you’re left with only dedication to utilize a messaging app for what it offers & push your circle of people to join you there…
You may convince your friends, but you can’t convince your coworker, team, boss, partner of a project, your online fellas or even your family memebers depending on their tech literacy.
OP didn’t consider ditching whatsapp, instead, they considered methods to hinder whatsapp’s privacy violations & telemetry, I’m not OP but, that’s seemingly the case;
Even if they run whatsapp on an sandboxed, private space & use a 20 yr-old trash phone, running whatsapp at all on android is a risk since android has lots of APIs that provides device metadata that can be used to uniquely profile users & fingerprint them.
I can be wrong, but I see only 2 actions OP can do:
Sometimes, having online conversation can be totally inconvenient or tiresome, not only because of whom, but how, this is one of them…
I don’t like telegram at all, especially so with the latest policy change but, it’s easier.
Yeah I would rather just nudge them towards Signal, I very much dislike telegram and have recently retired it
:O uhhhhm, Great!! 👍 Don’t mind me, I accidentally wrote a whole blog
It happens to the best of us
I use Molly with Orbit proxy, so I feel Signal is the next best thing after SimpleX