• 0 Posts
  • 27 Comments
Joined 9 months ago
cake
Cake day: February 3rd, 2024

help-circle
  • Basically every bank blocks Tor and many even block VPNs. Also, Tor Browser is not particularly secure. It’s been designed for fingerprinting resistance and network anonymity through the Tor network. The Tor Browser is based on Firefox, which lacks many important security features like site isolation, Control Flow Integrity or any meaningful sandboxing. I absolutely hate Google and their monopolistic business practices, but Chromium is by far the most secure browser. Especially when it’s running on a secure mobile operating system. GrapheneOS goes even further than Android and deploys a hardened memory allocator (which was actually ported from OpenBSD), which significantly reduces the risk for memory coruption. On the newest generation of mobile SOCs (ARMv9), GrapheneOS enables memory tagging by default. Again, find me a desktop platform with MTE. This once again proves my point that mobile devices are simply more secure. Every single piece of hardware and software in your phone has been built with a strong focus of security.

    Or, better, use monero.

    I absolutely agree on this one. Look at the Lemmy instance I’m on. I’m a big fan of Monero, but unfortunately there aren’t many places that accept XMR.



  • I’m talking about the security model of the platform, not the way you use your devices. If you do your online banking in a browser on your computer and your system gets infected with malware, that malware can access all the files on your computer. Including application data of your browser. It can access your cookies, which your bank’s website uses to store your login information. Such an attack is impossible on a mobile device, since apps can only access their own data, and inter-process communication is heavily restricted. Additionally, mobile operating systems like Android have complex permission systems, as well as kernel-based mandatory access control like SELinux/SE for Android. Your typical desktop OS has none of that. Android also has a strong implementation of Verified Boot, which makes sure that malware can’t persist on your system partition, even after your device gets infected. I recommend this video if you want to learn more about mobile device security: https://youtu.be/yTeAFoQnQPo













  • EpicVision@monero.towntoSelfhosted@lemmy.worldCloud Hosted VMs
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    9 months ago

    As far as I can see on their website, they don’t mention end to end encryption or zero-knowledge encryption. If that is true, it means that they are able to read all your emails (and so can the government if they order them to reveal the data). They sometimes use some pretty confusing marketing slag in general. It’s misleading because they advertise things like in-transit TLS encryption, which is standard nowadays. Even Gmail, Outlook, iCloud, Yahoo and other mainstream email providers have this by default. This is nothing special and they hope that people think it means the same as E2EE. If you care about data ownership, you should also care about (end-to-end) encryption. Only when you are the only key holder, you can be sure that no one can access your private stuff.





  • EpicVision@monero.towntoSelfhosted@lemmy.worldCloud Hosted VMs
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    2
    ·
    9 months ago

    I wouldn’t actually selfhost email, it’s not particularly easy and there are many issues you will probably encounter. I recommend ProtonMail, it’s $3.50/month if you only need email and for $8/month you also get calendar, cloud storage, a password manager and a great VPN. Also, they are very focused on privacy and encryption and their apps are open source. Alternatively you can go with IVPN or Mullvad, both are great. Digitalocean has been fine in my experience, have you had any issues with it?