Sharing privacy and security setups, the digital equivalent of leaving a detailed map to your treasure chest and then wondering why pirates are interested.

There’s actually two distinct ideas here:

1. “Sharing your setup leads to insecurity” If this were true, then software being open source would make it insecure. It simply isn’t true, most of the time. While yes, making your setup public can lead to spotted flaws that can be exploited, in general it has no effect so long as you can trust the system you use. For example, I could give you my encrypted KeePass database file, and feel relatively certain that my passwords are safe. It isn’t a good idea for me to do that, because it leads to an increased attack surface, but until you manage to brute force the password for it or a zero day is found in how the database is stored, my passwords are still safe.

2. “Sharing your setup makes you a target” To a degree, this can be true. The Streisand effect is evidence that this can happen. Again, though, as long as you anonymize some specific portions of your setup that can directly be used to exploit you, you will remain safe. I’ve shared my setup in the past (although it’s quite outdated by now), because I trust the way it is set up.

Hello there!

First off, good for you for looking out for the privacy of others!

Unfortunately, you can’t force privacy onto someone. That has to be a choice the person makes for themself. If you want your teen to live a private life, talk to them about it. Explain the dangers of social media, and don’t try to sidestep the issue, just be honest. Avoid trying to “trick” someone into privacy, because that leads to bad outcomes down the road.

Using GrapheneOS is your best bet for a private phone. If you want to maintain some control over the device, have your teen use a secondary profile and restrict which apps can be installed using the owner profile that only you have access to. This also adds the benefit of being able to restrict access to the device (if that’s your thing) just by restarting it, since the teen won’t be able to unlock it. I’m not here to tell you how to be a parent.

Social media I’m not sure if fediverse stuff is the right path especially for lemmy, since it’s just tech nerd stuff and politics which isn’t interesting really unless they go out of their way to find smaller communities.

I agree with this, and it’s currently a downside to less mainstream social media. It will always be tailored to a specific community until it grows or becomes mainstream. If you really want your teen to use only open source apps, Bluesky is a good open source option while still being mainstream.

My parents probably want tracking features so it’ll probably be Find My or a 3rd party app like life360

You can talk with them about alternatives, such as an Airtag or other similar devices, or having no tracking at all. One point you can bring up is that it’s quite easy to trick those tracking apps (turning off the device, turning off location, turning on Airplane Mode, using a mock location app, leaving the device at home, etc.) so they aren’t very useful. Again, I’m not here to tell you how to parent.

It’s just kinda hard trying to blend being a functional member of society and maintain your mental well being and privacy.

This is why privacy is a choice. It’s up to the person how private they want to be, but the most you can do is educate about privacy and raise some alternatives.

In general, it depends on how much control you want to have over the digital life of your teen. The more control you have, the less autonomy the teen has and the more likely it is that the teen will resent the practices you put in place. However, the less control you have, the higher the risk of bad things happening. It’s up to you which path to take. Something I learned is that you can never have total control, because people are crafty, but people are also very understanding and can adapt to their environment.

Hope this helps!

Even tho some privacy respecting search engines like brave and startpage too showing me captchas.

I’ve never had a captcha with DuckDuckGo, if you want to give that a try. Otherwise, metasearch engines like SearXNG act as a proxy between you and other search engines.

From my search i finded that adguard or any other dns servers establish dnsotls-ds.metric.gstatic.com this connection in order to check the status of the private dns enabled or not. To block this i have to use a no-google blocklist which leads to inconvinience.

Good to know. It’s up to you whether you want to trade privacy for convenience.

No gecko based android browsers provide option to change dns provider.

GrapheneOS’s browser Vanadium is a good option if you want to move away from Firefox-based browsers, but it’s not easy to install anywhere other than GrapheneOS. If you’re up to try, here’s how.

Brave is making too much background connections which is annoying.

Brave can be hardened to minimize most of those, but I agree it is annoying that there are still background connections.

Also it would be nice to know leaking my location to dnsotls-ds.metric.gstatic.com leads to any consequences. Or is it just a private dns current status checking url ?

Besides Google being able to see every time you ping the domain, there’s not much else going on. It’s unlikely that it’s leaking any private data, so it’s relatively harmless. It’s not ideal that it connects to it, but it doesn’t pose too large of a threat.

Even tho am using proton VPN (free) with private dns enabled

Do make sure Block connections without VPN is enabled. I know ProtonVPN had issues with leaks in the past, but it’s been resolved. I don’t know if it was only resolved for GrapheneOS devices, or ProtonVPN as a whole. You may look into Orbot if you’re willing to put up with the slow network speeds, to fully lock down any leaks from the VPN side.

dnsotls-ds.metric.gstatic.com this domain directly connects to my real isp and leaks my real location.

Where did you find this out? I’m assuming from your DNS provider, but which one do you use?

Am using private dns in order to block trackers in my bloated phone.

This is reasonable, but it won’t protect you if no DNS query is made in the first place (i.e. directly connecting to the IP address, rather than a domain name). In this case, however, it looks like it is creating a DNS query, but be careful because DNS based filtering isn’t magic. If you pay for ProtonVPN (or Mullvad VPN, which is a better VPN in my opinion) you can have greater control over what gets blocked.

Debloating is not an option for me as i lack a laptop and bootlocker is not unlocked, i tried many ways to debloat but all i can do is disable system apps

Thanks for the information, and that’s unfortunate. I’ve messed around debloating cheap Android phones, but you can barely scratch the surface from a user standpoint.

I don’t installed any proprietary apps even whatsapp or banking apps to never sent my data to them.

dnsotls-ds.metric.gstatic.com is a Google-owned domain, used for DNS over TLS. I don’t know much about it, as I don’t use a custom DNS provider, but check if your DNS provider is using Google’s DNS as a backend or a fallback. That may be where it’s coming from.

The issue is just system apps trackers. Am using ironfox with ublock and tor with noscript.

Check IronFox’s DNS settings, and set a custom DNS over TLS server, if you’d like.

Any way to prevent this vpn leak ?

Since you’re using a custom DNS, this likely isn’t a VPN leak, but more likely a DNS leak. If you want to simplify things, using your VPN’s DNS can help prevent misconfigured custom DNS solutions, so it reduces the risk of a leak. This will remove some of the filtering you have in place, though.

My threat model is to hide my traffic from isp as my isp is a spyware privacy invader.

It seems your threat model is hiding traffic from your ISP, minimizing telemetry, and using as much open source software as possible. If you prioritize only hiding traffic from your ISP, using your VPN’s DNS would achieve this, but there are known cases (especially on iOS) of the system bypassing the VPN and connecting directly anyways.

Best of luck!

Yes!

My list of open source software lists LibreTrack as an open source delivery tracking app for Android and Linux.

excellent writeup with some high quality referencing.

Thank you!

though i’m not sure it’s fair to say FF is insecure if we are by comparison inferring Chromium is secure?

The whole debate is a mess, so at some point you have to pick a camp of thinking and stick to it. I tried to clear this up before, but failed:

• https://lemmy.ml/post/21367269
• https://lemmy.ml/post/21887275

does this read like coreboot is proprietary? isn’t it GPL2? i might’ve misunderstood something.

Good question! I should have clarified. Libreboot removes proprietary drivers, firmware, and other code from coreboot in favor of their open source counterparts (where available). Some of that code is used to keep the system secure, even if it is proprietary, so Libreboot favors open source over security.

there is still an implicit arms race where privacy corroding features might be implemented at various layers vs the inevitably less resourced team trying to counter them.

is there some additional semi-blind ‘faith’ we’re also employing where we are probably assuming the corporate entity currently has little financial incentive in undermining the opensource base project because they can simply bolt on whatever nastiness they want downstream?

Most Google BS is simply not included in AOSP at all, and is instead added to their own proprietary Pixel OS (based on AOSP). For the invasive bits that are included, it’s easy enough for GrapheneOS to look over the incremental updates in Android and remove the bits that they don’t like.

and now I see that this person is flaunting the fact that they can ban people for whatever they consider “misrepresentation”?

Do check out this amusing post. The GrapheneOS team has a long history of being kind of a dick. It sucks, but there’s no alternative mobile OS as secure, so it’s currently a necessary evil. I even talk about the community in this post. They are seldom open minded, which is a trap many people who share their ideas fall into. I recognized this early on, so I choose to adopt their ideas but keep an open mind and open heart about other differing ideas (as best I can).

I was debating making a part 2 to this post, because one topic I wanted to talk about is Briar. Briar is a messaging app with the ability to work offline over Bluetooth. I don’t think it’s as secure as Signal or SimpleX Chat, but I recognize that there is a proper use case for it.

I once opened an issue on GrapheneOS’s issue tracker, asking for a way to install GrapheneOS offline from another GrapheneOS device. Tails and Briar both include that functionality. GrapheneOS completely deleted the issue (not just closed, but fully deleted) and (after an extreme amount of prying) I was able to find out that they removed it because they don’t want to endorse Briar in any way.

You can actually check how many issues GrapheneOS has deleted by adding up the number of open issues/PRs (currently 725) to the number of closed issues/PRs (currently 3,941) which currently adds to 4,666. Subtract that number from the number of the latest issue/PR (currently #5708) and you get 1,042 deleted issues (~18.26%).

That might sound like a lot, but I measured the percentage of deleted issues from other big repos, and it’s about standard.

I hope that the GrapheneOS community will recognize the dangers of centralizing all moderation power to somebody who seems so self-righteous.

Me too. I do think there is a place for strict perfectionism in the context of security, but there are better ways to go about it. Not everyone on the GrapheneOS team is as bad, thankfully. Most people in the GrapheneOS community are quite nice and welcoming.

That’s fair. I have nothing else to say. Thank you for this discussion!

The system you linked is a WiFi 5 system. That’s 10+ year old technology.

I feel old… First adopted in 2013

Outside of the US nobody uses SMS or the built in text apps.

Which is for the best, since SMS is insecure.

it’s just a weird thing to wrap my head around that Android would be the most secure option.

An easy way to imagine it is that all apps on Android have permission control. That’s only available on Linux through Flatpaks, but Flatpaks have issues of their own.

Another issue is that for what I’m doing I need to rent VPSes and there you’re already quite limited as to what you can run on them, probably Android wouldn’t be an option right?

Probably not, at least not yet. Android runs on a specific instruction set (ARM chips), so you’ll find it difficult finding a place that hosts those. It’s a growing standard, though. Even then, proper security on Android relies on GrapheneOS, which itself only runs on Pixel devices (for now).

And let’s say I want to deploy some apps there would this work on Android out of the box?

With the Linux terminal added to Android, technically yes. However, it’s still quite experimental, and you’ll need to do some specific configuration to get it working properly.

I know it’s Linux under the hood I’m just not really deep into the more advanced Linux stuff tbh.

No worries! Do check out this post where people share things they have hosted on Android. It’s mostly hosted from the Termux app, rather than the new terminal.

If you want to host a server securely and with at least some documentation, do try Qubes OS or securecore (made by secureblue).

Hello there!

It’s nice to see some constructive discussions going on, thank you for that!

First off, most recommendations for Debian are recommending it for use on the server.

Madaiden’s Insecurities admits that Linux is more secure when run on a server for various reasons, so I didn’t really focus on the server side of things. I’ll talk more about this in a bit. I do think Debian is better suited for a server rather than a desktop, but I see Debian recommended countless times for desktop use as well.

But for the server, after having used both Debian and Fedora CoreOS

Nice to see someone who has experienced both!

I trust Debian more in terms of security and stability. For example, last summer when there was a major OpenSSH vulnerability, Debian had already patched it, because the security researchers had notified the Debian maintainers prior to the announcement. CoreOS on the other hand, took multiple weeks to release the fix.

secureblue includes modified images of CoreOS called securecore. While this doesn’t fix the issue you described, it is worth mentioning as a (technically) more secure option than both Debian and CoreOS. Qubes OS can also be run as a server, and that’s what Let’s Encrypt uses for their servers.

I can’t speak in terms of stability, since the most I’ve done is a couple Docker containers on a Raspberry Pi.

As for the topic of F-Droid, you brought up the PrivSec article on F-droid security issues. This article is a few years old and is always brought up in criticisms against F-Droid.

This was actually my first time doing proper research on the F-Droid insecurity issues, so I went with the sources I thought were most credible. Privacy Guides also recommends against using F-Droid’s main client in some cases.

F-Droid has had issues with certificate pinning, and this whole thread has a lot of things against F-Droid.

It’s a deep rabbit hole that I don’t quite want to spend time digging through.

(I say as I set up my media center)

I’m getting flashbacks… If you feel like living on the dangerous side, don’t be afraid to bork all your security and chmod -R 777 /!

(This is a joke. Don’t actually run that)

I’m just curious what exactly makes the Fedora and secureblue distros more difficult to understand how far I am from running a secure distro.

Bleeding edge distros (especially Fedora Atomic distros and especially especially secureblue) tend to have less documentation and less people available to help. secureblue is currently so obscure that the best way to get help is by using their Discord or contacting the developers directly. This makes it difficult for users using Linux for the first time to fix basic issues that arise simply from never using Linux before.

As I mentioned in my post, Linux is fundamentally insecure. secureblue is almost as secure as Linux gets, but it’s only a couple steps away from desktop Android, so I would just opt for that if you can. Fedora and (especially) Fedora Atomic are bleeding edge, meaning they adopt newer, more secure software sooner, making them more modern, up to date, and secure than other distros.

I oversimplified things a bit here, so let me know if you have any other questions!

I will never by a portable device without a headphone jack

You can get 3.5 mm to USB-C adapters for relatively cheap, or buy direct USB-C wired headphones. GrapheneOS allows you to restrict the permissions of the USB-C port to your needs. Alternatively, just use wireless earbuds, if you don’t care about the security issues with Bluetooth. GrapheneOS also includes automatically disabling Bluetooth after a timeout when it’s not in use.

In my opinion, the security benefits of GrapheneOS far outweigh the need for a 3.5 mm headphone jack.

Instead I am currently trying out Sailfish OS on a Xperia 10 to use Linux

Linux phones are wildly insecure.

Thank you!

I saw your comment before you edited it, saying you hadn’t heard of Trivalent before. Trivalent is a browser developed by secureblue, and is the main browser for that OS. It was renamed a while back from hardened-chromium. It’s not easy to install on systems other than secureblue, but it is possible.

I bounced back to Mint a few times before. I didn’t like Cinnamon at the time, especially because you could accidentally end up making your system look like Windows 7, but Cinnamon had a redesign months back, so (even though I haven’t tried the redesign) I’m confident that Mint is a good suggestion for beginners.

Hey, thanks for this!

However I would like to say that you may have either oversimplified or misunderstood some concepts you talk about here.

Mostly oversimplification. However, I don’t know everything and do make mistakes like everyone else.

Debian is indeed less secure than a stable release Linux distribution based on sane defaults, however they do backport security issues into their older kernel which is how older kernels are maintained. So while yes, they may still use kernel 6.1, they also may have backported 6.12 vulnerability fixes.

I acknowledged this in this comment.

Groups being at odds is not all good and neither is it all bad.

This is true, but there needs to be more constructive discourse rather than directly attacking different viewpoints. People who say they use Brave on Lemmy often get lynched pretty quickly, for example.

For a beginner distro, definitely don’t use secureblue. While it is user friendly to use, it’s pretty difficult to install properly and requires a bit of knowledge about Linux to do so.

The ideal roadmap I would give to people trying out Linux for the first time would be this:

If you use MacOS: Buy a new laptop and install Ubuntu

If you use Windows 11: Install Kubuntu. Get used to using Linux using that, and, when you’re ready, transition to Ubuntu

If you use Windows 10: Install Linux Mint. Get used to using Linux using that, and, when you’re ready, install Kubuntu. Get used to using that, then, when you’re ready again, transition to Ubuntu.

After you’ve gotten used to Ubuntu and feel ready, install Fedora Workstation.

Once you are used to a Fedora-based distro, you can try out Fedora Silverblue.

After learning Fedora Atomic, you can rebase to secureblue without issue.

(Windows 10 -> ) Linux Mint -> (Windows 11 -> ) Kubuntu -> (MacOS -> ) Ubuntu -> Fedora Workstation -> Fedora Silverblue -> secureblue

It should give you a well rounded knowledge of Linux and an easy, slow transition to more secure distros. Really the important thing when starting with Linux is using a desktop environment that is most familiar to what you already are used to. Desktop environments are the “looks” of Linux.

• Linux Mint uses Cinnamon as a desktop environment, which looks most similar to Windows 10
• Kubuntu uses KDE Plasma as a desktop environment, which looks most similar to Windows 11
• Ubuntu and all the rest use GNOME as a desktop environment, which looks most similar to MacOS

Each transition in the roadmap teaches you something new about Linux to get used to.

Good luck!

Honestly I’m just not sure about Debian being insecure take

Besides Linux being fundamentally insecure (as I mentioned early on in my post), Debian focuses on stability by providing a set of software that is thoroughly tested but does not change for years. While they do provide security fixes for a lot of software, the reality is that using outdated software in any capacity is a security risk of its own, and is bound to provide bugs that harm stability. Comparing Debian to bleeding-edge distros like Fedora, which focuses on security, it’s clear the differences in security between them.