Wait for them to be audited. Trusting a company just because they say the right thing is silly.

I know people are up in arms about Andy Yens silly comments, which is fair but, Proton is a proven service.

If your looking for an alternative go for another proven service such as Tuta or Mailbox.org

I don’t know your specific circumstance but I highly doubt you only have one option for a bank or credit union or other financial institution. Time to adult some shit and do your research. Complaining on Lemmy will only get you so far.

I think there are a few things to clear up…

a VPN and an ISP are two different types of services. VPNs are not an internet service provider. They are held to two different standards.

Good VPNs don’t log your information. Depending on what country they are based in they are obligated to hand over information if they have it but since they keep no logs there is nothing to hand over. Even if a court wanted to force a VPN to cut off service to a user there would be no way to know who that user is.

VPNs are beholden to the laws of the country they are based in, not the laws of their users. Its very hard for a US court to force a Swiss based VPN to do anything. That’s why it’s important to have a VPN that’s based in a privacy friendly country. Sure a US court could sieze their server if one is located there but if there are no logs, it doesn’t provide much.

I think there is this misconception that your VPN provider will break the law for you. Its not the case. Your VPN is going to hand over any info it’s legally obligated to if it has that info

Threat modelling would be good here. You can spend a bunch of money on crap they don’t need.

Broadly speaking…

a heavy built-in / fire resistant, safe is a great thing to have.

As much wired internet throughout the house as possible along with a decent firewall solution.

So you actually inspect the source code of everything you use?

This whole line of reasoning really only works if you have the expertise to understand the code in the first place. Otherwise you are just shifting trust from what the company tells you to what a third party looking at the source tells you. Sometimes that works but its in no way fool proof.

There is open source malware. FOSS /= trustworthy the same as closed source /= not trustworthy.

If you don’t trust Apple that fine. Some people won’t ever use a Pixel because they don’t trust Google. It doesn’t change the fact that Google currently makes the most secure, hardware wise, consumer smart phone. The point being this shift in trust is more of a personal choice then a good privacy or security practice. Just as using something like e/os or lineage over iOS is.

I didn’t like my tone in my last response so I apologize.

Something being propriety isn’t evidence of anything nefarious nor is something being from a large company. That’s not evidence at all.

I’m not trusting Apples word, the privacy feature examples I’ve mentioned are proven working methods. Unless you have some source showing that RCS or their private relay don’t work in someway.

deleted by creator

Not necessarily, there are tons of things that are very secure but not at all private.

But… having a massive attack surface and known security issues and thinking your data is somehow private because you use a FOSS application is silly.

EDIT to answer your edit: partly. I mean regular timely security updates seems to be a struggle for most of these android OS but also because it provides a bunch of privacy by default options that these other android ROMs don’t such as a private relay, default RCS messaging, and makes them easy for users.

I know a lot of people like the LTSC version but just a warning, they are slightly different then the regular home and professional versions in terms of policy settings.

This can make it more difficult to use things such as https://github.com/HotCakeX/Harden-Windows-Security

If you are someone interested in trying to harden your windows device but are not familiar enough to change all these policy settings yourself.

I’m not saying its easy or convenient but users here love to complain about issues while being complicit. I just find that annoying.

My main bank is sunsetting allowing users to have a hardware token (they only offer it to users without a smart phone now) and is forcing users to either use a proprietary token app or SMS. Did I just accept that? No. I made my voice heard and got an exception made and now I use a hardware token as my 2FA.

People need to realize, privacy requires some personal responsibility. Complaining on Lemmy isn’t enough.

Relax homie don’t pop a blood vessel. I know it can be frustrating to realize you have to take some personal responsibility for your privacy.

You don’t have to use a bank at all, you opt for a credit union or a host of other options.

The irony in you invoking the dunning-kruger effect when all you have probably done is read the wiki page gave me a chuckle.

A bank is a choice. You can always choose a different bank.

Obviously it doesnt bother you that much if your willing to stick with that bank.

Doubt.

Regardless, don’t use shitty banks. Being a customer of then just tells them your OK with it.

RealDebrid

I do. I think its a bit overblown as none of these operating systems are completely degoogled.

I think its much better to focus on things like not having apps with privileged access this includes, a lot of peoples go to play services replacement, MicroG.

Good call deleting that trash comment.

Don’t use those banks. Why are you staying with a bank that has terrible security practices?

Next your going to tell me you pay ATM fees as well.

EDIT: lol what’s with the down votes? If you don’t like your banks practice, don’t use that bank. Being complicit and allowing banks with shitty practices to be your bank only makes it easier for them to not change.

Folks, it being hard to get people to switch from SMS to a more secure messaging platform is not a critique of the video.

Everyone knows its hard, its why videos like this that explain the benefits in simple terms is a useful tool.

Personally I think if you look at what privacy features CalyxOS actually offers or read reviews from someone like kuketz you realize its pretty lacking in both privacy and security.

What Calyx does offer is a decently degoogled experience for people who don’t have the budget, access, or want for a Pixel with GOS.

I understand your issues with Apple, that’s fair. OTOH I think their offerings, such as private relay, RCS messaging by default, properly implemented sandboxing are objectively better privacy features then what most android operating systems can offer. They also are much more reliable in terms of security updates.

I also have had issues with Calyx using pretty obvious lies to market themselves such as saying the OS can’t be tampered without your knowledge. Not that Apple doesn’t have its fair share of blemishes.

Run it locally then