overview for SecurityPro

FOSS alternative to google forms? in c/foss@beehaw.org

[–] SecurityPro@lemmy.ml 4 points 2 months ago (1 children)

One of the most useful features of Google Forms is automatically transferring the form input to a spreadsheet. Any of FOSS alternatives have that ability?

Problem with new Tailscale install to bypass ISP CGNAT in c/tailscale@programming.dev

[–] SecurityPro@lemmy.ml 1 points 3 months ago (1 children)

I did some more testing and I can access my Nginx Proxy Manager from outside my network. The issue appears to be accessing the self-hosted applications on my home server, mainly Jellyfin. I still think the issue is the IP conflict with Tailscale. NPM is fairly easy to configure and is setup correctly with my domain name.

5

Problem with new Tailscale install to bypass ISP CGNAT (lemmy.ml)

submitted 3 months ago by SecurityPro@lemmy.ml to c/tailscale@programming.dev

3 comments fedilink

I have a cloud VPS running Ubuntu with Tailscale installed directly. I also have Tailscale installed on my home server.

I'm trying to access my self-hosted applications from outside my home network which I did easily until I switched to fiber internet that uses CGNAT.

Tailscale is working locally but not outside my home network. A suggestion was to disable IP v4 on Tailscale since it conflicts with the CGNAT IP my ISP is using. However when I add the "disableIPv4": true to the config file in the access control area of Tailscale, I keep getting various errors.

Any help would be appreciated.

Seeking consumer privacy focused paypal alternative in the US, prefer FOSS if possible. Any suggestions? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 9 points 4 months ago* (last edited 4 months ago) (1 children)

Best option I can think of is privacy.com

You can create virtual cards linked to your bank account and the transaction data is masked when processed by you bank. All my bank transactions show up as NSA Gift Shop. My bank doesn't know where I'm spending my money. Yes you have to trust privacy.com...

Hybrid watch for notifications in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 3 points 5 months ago

Similar question: Android smart watches only connect to one phone. I like receiving silent notifications on my watch from my android phone. However I also have an Apple phone for work and would like a ring or some other small wearable (not a second watch) to receive notifications from my Apple phone.

Ring doorbell alternatives (only camera or plus mic and speakers) + Small Size? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 3 points 5 months ago (3 children)

I use Eufy doorbells, locks, and cameras. I realize they are a Chinese company, but that is almost unavoidable until the US gets back to actually manufacturing tech.

The reason I like Eufy is the local storage and no required subscription fees.

Permission Slip by Consumer Reports in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 8 points 5 months ago (1 children)

First quick check of the app with classysharkExodus shows the following trackers built in:

Google AdMob - "AdMob makes earning revenue easy with in-app ads, actionable insights, and powerful, easy-to-use tools that grow your app business"
Google Firebase Analytics - This logs user language preference and user location

14

Permission Slip by Consumer Reports (lemmy.ml)

submitted 5 months ago by SecurityPro@lemmy.ml to c/privacy@lemmy.ml

4 comments fedilink

The October issue of Consumer Reports has a full page ad for their app called "Permission Slip". The tagline reads "Companirs collect and sell you personal data. Our easy to use app helps you take back control."

Anyone have any experience with this? I haven't heard of it before but plan to install and do some testing.

know this company? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 4 points 7 months ago (1 children)

https://x.com/GrapheneOS/status/1816643376109785217?t=6wum48jUmowGjsawMuwmcg&s=19

know this company? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 1 points 7 months ago (1 children)

https://x.com/GrapheneOS/status/1816643780378001697?t=98k0IGu5OM0prBMAnOFbLQ&s=19

know this company? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 5 points 7 months ago

I think Graphene OS was commenting about them on Twitter. I'll see if I can find the posts.

Privacy on Cars. How to stop data collection and transmission? in c/privacy@lemmy.ml

[–] SecurityPro@lemmy.ml 62 points 7 months ago (4 children)

We need an online guide, based on make and model, on how to disable the transmission of this data.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/degoogle@lemmy.ml

[–] SecurityPro@lemmy.ml 3 points 8 months ago (1 children)

Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.

Probably a stupid question, but what can I do to 'degoogle' a Google Pixel 8? in c/degoogle@lemmy.ml

[–] SecurityPro@lemmy.ml 5 points 8 months ago (3 children)

Not in the US. A phone "purchased" on contract is carrier locked and you can't unlock the bootloader, which needs to be done in order to install a different OS.

2

Hulu ad blocking (lemmy.ml)

submitted 1 year ago by SecurityPro@lemmy.ml to c/pihole@sh.itjust.works

0 comments fedilink

I've had some luck blocking ads on Hulu but it seems to be an ever evolving situation. Is anyone having decent success blocking Hulu ads with pi-hole? What domains do you block and which ones are required?

8

Why isn't there any white laser markings ink/powder/paste/spray? (lemmy.ml)

submitted 1 year ago by SecurityPro@lemmy.ml to c/lasercutting@lemm.ee

3 comments fedilink

I recently purchased my first laser. I'm interested in adding color to my engravings. Specifically I want white text engraved on black metal. However I've searched online and can't find any white marking materials.

221

The Irish government wants to pass a law that could see you or your loved ones jailed for possession of memes, cartoons or any content that could be deemed "hateful". (lemmy.ml)

submitted 1 year ago by SecurityPro@lemmy.ml to c/privacy@lemmy.ml

53 comments fedilink

The Bill includes no definition of hate and is wide open to abuse by bad actors. Defend free speech – say no to this legislation, and any legislation of is kind... Anywhere!

https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09[https://x.com/FreeSpeechIre/status/1746854766032846910?t=g8nSn9maY3dX0v76oHa9Cg&s=09](url)

26

Xbox wireless controller pairs but will not connect. (SOLVED) (lemmy.ml)

submitted 1 year ago* (last edited 1 year ago) by SecurityPro@lemmy.ml to c/steamdeck@sopuli.xyz

13 comments fedilink

I purchased a brand new Xbox wireless controller. It paired with my steam deck easily but it will not connect and the "X" button on the controller keeps flashing. I've hit every button on the controller and can't get it to actually connect. I've also rebooted the steam deck.

Any help would be appreciated...

12

Protections gained using GrapheneOS (lemmy.ml)

submitted 2 years ago by SecurityPro@lemmy.ml to c/degoogle@lemmy.ml

0 comments fedilink

Quoted from GrapheneOS:

Cellebrite and others in their industry use logical extraction to refer to extracting data from a device after unlocking it, enabling developer options (requires PIN/password), enabling ADB and permitting access for the ADB key of the attached device. See https://cellebrite.com/en/glossary/logical-extraction-mobile-forensics/ The baseline doesn't involve exploitation. The next step up is exploitation via ADB to obtain more data than ADB makes available.

Obtaining data from a locked device requires an exploit. If it was unlocked since boot, the OS can access most data of the currently logged in users.

GrapheneOS includes our auto-reboot feature to automatically get data back at rest so that it's not obtainable even if the device is exploited. Can set this to a much lower value than the default 72 hours. 12 hours won't cause inconveniences for most users, but you can go lower.

User profiles that are not currently active have their data at rest. GrapheneOS provides the option to put secondary users back at rest via end session for convenience. Sensitive global system data is stored by the Owner user, which is why you can't log into another user first.

GrapheneOS also provides the option to disable keeping a secondary user active in the background, to force ending the session when switching away from it.

We provide substantial exploit protection features (https://grapheneos.org/features#exploit-protection), and we're working on some major improvements.

For user profiles that are not currently logged in, their data is protected by encryption even if the device is exploited. An attacker needs to brute force the password. If you use a strong random passphrase, they cannot do it. Otherwise, you depend on hardware-based security.

Most Android devices don't have decent hardware-based encryption security. If a typical Android device has the OS exploited, the attacker can trivially bypass any typical PIN/passphrase via brute force. We only support devices defending against this (https://grapheneos.org/faq#encryption).

iPhones, Pixels and certain other Android devices provide hardware-based throttling of unlock attempts via a secure element. We explain how this works at https://grapheneos.org/faq#encryption. This protection depends on security of the secure element, which is quite good for Pixel 6 and later.