Encrypt all the things!

My mobile setup:

• Rooted phone (but not using a closed source / one-click rooting tool, as they all include spyware) & open source ROM
  
• No google apps.
  -- This is a huge compromise, and many things don't work without the Google framework. MicroG makes some things workable, and Yalp is useful for installing Play store apps, but over time, fewer and fewer apps will work without Play services.
  
• I use f-Droid predominantly for apps
  
• AFwall (a per app firewall that uses IPTables) takes care of most privacy concerns. If they can't send data anywhere, it doesn't matter that they are collecting it.
  
• Titanium backup gets rid of all the bloatware & unneeded services (or I could just do this manually via the command line)
  
• LBE security manages permissions. I should switch to xprivacy, but I'm lazy. NB - LBE dials home, so keep it behind a firewall! No apps get access to anythihgm, unless they strictly need it and I explicitly want them to have that permission.
  
• Browsing is Fennec, with ublock origin, Noscript, Cookie autodelete, decentraleyes, httpseverwhere, toggle referrer, user-agent switcher & manager (and facebook container on desktop)
  
• Facebook is via Tinfoil for Facebook
  
• ssh tunnel & proxydroid
  
• Find alternatives. They're around.
  
  

Being non-Google, I host a lot of things myself - calendar, email, cloud storage etc... on a few VPS servers.
All of my own cloud stuff using Owncloud & an AWS-like S3 solution (storage on the S3 box is all encrypted and served via my own VPS)

GoogleFit

What is the least dodgy smart weight + app combo? I'm keen to do some tracking of my non-cycling efforts, including getting one of them smart scales to help track my podge, but concerns over privacy is holding me back.

Garmin appears to keep everything within the Garmin walled garden, and not share it with everyone else in the room (unless you ask them too).

Truly private means hosting it yourself. Or just storing it locally.

Otherwise, you need to pick one provide and trust that they won't sell you out.

Or sell themselves, and your data.

I wish I understood all this / Could implement this...same goes for boss man's advice.

Garmin appears to keep everything within the Garmin walled garden, and not share it with everyone else in the room (unless you ask them too).

So far this is my conclusion too.

Their strategy has led them to create their own universe, and so long as they don't get into the business of selling this data to insurers, etc... they've gone and created the most private health / activity monitoring app.

It's possible to configure Garmin to share nothing publicly but still to use their cloud.

It's also possible to configure Garmin to save local activity files and not even upload it to their cloud (but this does render their app useless too).

Ta.
Seems Garmin has got their own smart weight model. Doesn't get great reviews though...

Hmm, Revk from Arnold and Andrews was doing some work with smart scales...

https://www.revk.uk/2019/04/upgrading-my-marsden-m-125-scales-to.html
then
https://www.revk.uk/2019/04/upgrading-scales-to-wifi-and-rfid.html
then
https://www.revk.uk/2019/05/tipping-scales.html

Separate email addresses means that you can keep track of who's been sharing your email and spamming and block them

@aggi how do you do that in practice? Hypothetically if I have 3 email accounts I use to mix up purchases and accounts, how do I track who has shared my email? If I had one email per account/ purchase (infeasible) - I guess I could see it

I wish I understood all this / Could implement this...same goes for boss man's advice.

@ChainBreaker this. Journey of 1000 miles and all that though...

if one of them is a gmail address you can use the + to do this

so test+company@gmail.com would go to the test@gmail.com inbox, and you can then filter on it.

don't know about other places though.

Some websites object to the presence of the "+" in the email address. Some even worse websites allow you to sign up with such an email address, but won't let you actually log on with it...

Personally I have my own domain so it doesn't matter what's before the @ if it's sent to that domain I get it (unless I've blocked it).

E.g. for lfgss you could use lfgss@mydomain.co.uk BBC you'd use bbc@mydomain.co.uk and so on.

I use gandi.net which is something like 10 or 20 euros a year.

E.g. for lfgss you could use lfgss@mydomain.co.uk BBC you'd use bbc@mydomain.co.uk and so on.

That's really annoying for other people if you're on mailing lists or Usenet, for what it's worth; the default behaviour for the web archives and for many mail/news clients is to show LFGSS or BBC as your name, unless you make sure your real name is appended. Problem 1: if LFGSS or BBC is the subject of the discussion forum, it looks as if you're claiming expertise or authority for something you don't own. Problem 2: you won't be the only person doing it. And since almost all the people doing this are unclueful, you can find yourself tarred with their stupidity (as well as drawing some heat for what is, in those contexts, a really annoying practice).

How does one get around this?
Numbered? Jo.blogs1?

I can see how that could be an issue that I hadn't thought of. I haven't posted to Usenet for about twenty years though so not an issue for me fortunately.

@aggi cheers - makes sense

if you're on mailing lists or Usenet

There's only 6 people on usenet or using mailing lists any more, so it's not as if you wouldn't know their first names anyway.

If the system lets you register a proper name, do that. If it just takes an email address, it may accept or or both of these ways of attaching a proper name:

Chain Breaker <lfgss@chainbreaker.com>
(Chain Breaker) lfgss@chainbreaker.com

@TW

There's only 6 people on usenet or using mailing lists any more, so it's not as if you wouldn't know their first names anyway.

You'd be surprised. Usenet was effectively absorbed into Google Groups, so the total number of users has risen significantly, even if only a minority access them via Usenet clients.

@Velocio how much do you really trust plex not to send stuff to them on what you viewing etc... ? I still use kodi as it's toally isolated, but man the lack of SQL DB drives me nuts (and lord forbid you change your media mount points, or have multiple head ends... etc...)

I like the idea of a plex server, with plex front ends but I really don't want stuff leaving my network (even "anon" metadata or whatever)

You can configure Plex to be entirely local, but the value of it is much diminished and I'm not using it for mass piracy as I spent years (over 3) ripping all my CDs and I'm still going on the DVDs.

fair... I mostly watch stuff from netflix/amazon which I have paid for, I just find the single view of kodi easier to deal with than the two apps (that randomly crash and do weird shit)

also, I've noticed more and more stuff using hard coded DNS via HTTPS (looking at you google devices) which is a fucking nightmare for security

Google Groups

I'm fully expecting google to shut down google groups in the next few years.

The only reason they haven't done it already is that they seem to have forgotten they exist.

It's Deja News deja vu...

queue for Cloudflare's Warp.

How's everyone getting on?

still around 400k

i think it once went down a few numbers but basically nothing's happening

#256335
When I had my issue,iit was the sage it actually dropped for me. No movement since.

Though I'm trying to change every dns to 1111 I can.