Rhonda Sandtits

Activate the private space and move sandboxed google play and any non-foss apps there. You can use separate user profiles to do this, but in practical use, the private space works much more smoothly. The “private space” is a fairly recent addition to GrapheneOS which is why most advice recommends to use multiple user profiles, but take it from me, the private space is much easier to use.

Only use free, open-source apps in the main profile. Installing F-droid to handle your apps works well here.

Alternatively you can install Obtainium to manage your apps. Obtainium can install apps from f-droid or if you are adventurous you can use obtainium to install and update apps from their github repos - but this can be a lot of effort.

For gps navigation Install OsmAnd and familiarize yourself with it and learn how to get it setup to your liking. OsmAnd can be tough at first so get used to it’s limitations. You MUST get in the habit of planning your route before you leave to minimize any problems or surprises.

Go to Signal’s website and find the app download link there, determine the download URL of the .apk file and paste that address into Obtainium as a source address so Obtainium can handle the installation and updates of Signal… Even though it is open source, signal isn’t on the f-droid repo so the only clean way of getting it is from their website. It can be installed from the play store but if you do that, it is possible for the feds to force google to push a compromised update to your phone in-particular.

Remove the sim card and leave it locked away in a drawer at home. There are plenty of places around town where free WiFi is available and very few people are too important to wait for you to return their message. Use a VPN (mullvad) with other peoples WiFi, though. In the Mullvad app’s split tunnelling settings, select show system apps, scroll down to “Captive Portal Login” and exclude it from the VPN connection - without doing this you won’t be able to hit the “I agree to the terms of use” prompt free WiFi connections present to users before allowing internet to connect.

Find a cheap VoIP/SIP provider. Install Linphone as your SIP client so you can make phone calls while out-and-about on free WiFi if the need ever presents itself.

That number is about right assuming you have disk encryption enabled as the CPU will keep a decent chunk of ram occupied to handle decryption.

Go to whatever service/exchange is easiest for you to buy a common crypto that has low fees (either Litecoin or Doge) and use https://changenow.io/ to swap to monero and send to your own wallet.

Use Guiwallet on desktop or for mobile you can use either cake wallet or monerujo wallet to hodl your monero.

Just transfer $20 into monero every couple of months and use it to buy time on mullvad as you need

Con Air

It is absolutely not well written but I just love how the film and all the actors are completely aware of how dumb the entire thing is.

Oh, and casting Chief Engineer Miles O’Brien as the jerk that everyone hates is the icing on this guilty-pleasure cake.

Wow, that’s crazy. Could really get creative with your config using that!

If it was Windows, it would simply be a matter of configuring the Split-tunneling options in the mullvad app and it would work the way you want, but on to use the split tunneling feature in mullvad on linux is a bit clunky and doesn’t remember your settings so it annoyingly needs you to manually whitelist each app everytime you load it up.

What I do is I run mullvad in a gluetun docker container on my nas and have the environment variable “HTTPPROXY=on” set.

Then, I connect apps on my desktop computer to gluetun by going into the network settings of whatever app I want to route through mullvad and set the proxy settings to “HTTP proxy” <nas ip>:8888. I use these proxy settings for things like FreeTube and one of the web browsers i have installed that I want to use only with a vpn.

This will work if you set the http proxy setting in qbit, but if you are going to the trouble of setting up docker, you may as well have qbit running in a docker container too.

Maybe the best option for you is to install docker (even if you don’t have a server or nas, you can run it on your desktop), and run gluetun and qbit in docker containers, this will auto start on boot running headless in the background and the vpn wont interfere with the rest on you computer.

There are 2 methods:

First method is to open preferences in qbit, under Advanced > Network interface, select “wg0-mullvad” from the drop-down menu. The interface might be named something different for you, but it should stand out as pretty obvious which one to select.

Other method is in qbit > Preferences > Connection, under “Proxy Server” select “SOCKS5” from the drop-down, input 10.64.0.1 as the host and 1080 as the port.

You could even do both these options at the same time if you like, there is absolutely no downside. It’s like wearing 2 condoms except it feels the same as wearing nothing at all.