Encrypt all the things!

I'm pretty sure I have no idea if we are arguing or agreeing.

I'm right, though, whichever we're doing.

Nope. Hippy's always right. I read it on the internet.

NotThamesWater?

Coming to a Microsoft Windows pc near you

https://news.itsfoss.com/microsoft-windows-creepy-ai-move/

Who was asking me about Nord VPN recently?

SDP free four months
https://nordvpn.com/socialdistance

I installed graphene os yesterday after seeing velocios recommendation. Very straightforward to do. I'm now wondering whether better to put play store and all associated apps in a separate user profile or just keep them in the main/ only profile. Hard to figure out what is gained lost by either? If anyone could advise I'd appreciate it.

Good question, I'd like to know too. I tried island but yeah... Can't get it to work

I've actually deleted play store now and use aurora instead. So , same question for WhatsApp. Separate user profile or in the main/ only profile? I know you can use storage scopes to limit its reach but beyond that nor sure.

Keep it in the same profile... it's not much of a benefit TBH.

I run GrapheneOS, but still use Play Store and the biggest benefit is that it's all sandboxed from each other, and the deep surveillance just isn't working... there's virtually no real use experience difference, a few things don't work (such as Google Assistant and the AI stuff) but that's a positive for me.

The only other thing that I occasionally use is that some apps I disable network for. This isn't possible on the default Google Android OS, but it's great... i.e. I have a Sudoku game app, and game apps are awful for adverts and intrusiveness, but hah this one has no network connection granted to it and it works great.

I use ChatGPT for information about everything rather than any search engine (unless specifically shopping). while I asked ChatGPT how strictly encrypted it is regarding my search input. I mainly do this becuase there are no ads, and I assume the bias of any particular website is negated.

ChatGPT

When you interact with ChatGPT, your search terms and communications
are subject to multiple layers of protection to ensure privacy and
security. Here’s a breakdown of the extent to which your search terms
are encrypted and protected:

Transport Layer Security (TLS): Your data is encrypted during transmission between your device and OpenAI’s servers. This encryption
ensures that any data exchanged over the internet is secure and cannot
be easily intercepted by third parties.

Data Storage Security: Once your data reaches OpenAI’s servers, it is stored in compliance with security best practices. This includes
encryption at rest, which protects your data from unauthorized access.

Access Control: Access to your data within OpenAI is restricted to authorized personnel only. This ensures that only individuals with the
necessary permissions can access your information.

Data Anonymization: OpenAI employs techniques to anonymize data to protect user privacy further. This means that even if data is
accessed, it is not easily traceable back to an individual user.

Regulatory Compliance: OpenAI adheres to relevant data protection regulations and standards, such as the General Data Protection
Regulation (GDPR) for European users and the California Consumer
Privacy Act (CCPA) for users in California. This ensures a high
standard of data privacy and security.

Internal Policies and Procedures: OpenAI implements strict internal policies and procedures to maintain data security. This
includes regular security audits, employee training, and incident
response protocols.

Overall, your search terms with ChatGPT are encrypted both during
transmission and while stored, with multiple layers of security
measures in place to protect your data. However, it is always good to
be aware that no system can be 100% secure, and it is essential to
avoid sharing sensitive personal information unnecessarily.

Is there a way to automate a phone to switch on/ off its vpn when off/on the router network (with its own vpn)?

Depends on your vpn provider but in Nord there is thing in settings called trusted networks where it doesn’t use vpn when connected to that network.

Private Internet Access has a similar setting to the above in the app.

And, like most things, if you're on Android you'll likely be able to do it with Tasker.

Thank you guys! ExpressVPN does as well. Didn't think to actually check the service /app.

https://www.engadget.com/twilio-hack-leaves-authy-users-exposed-to-text-messaging-scams-165156650.html

(new to VPNs - set up nord recently - so naive question) do I not need to use the VPN as standard on my home network? I guess same Q when using mobile data?
Cheers

I guess it depends on whether your router is running a vpn for your home or not. You either have it per device (common practice) or have your mobile devices switch it on when you leave the safety of your home network.

You don't "need" to. I do for the most part but then provide exceptions where there's issues

Anyone else had Bitwarden just not save changes to creds? Fucking piece of shit

I find it is very sensistive to having to click save or else stuff just disappears or doesn't update. Click onto another window for a second and everything is gone.

The session is still active and I sure as shit didn't click CANCEL so how does it just blast all my notes and new passwords in a dialog box is beyond me. Where's the "do you want to save these changes?" shit?

Also, why does it NEVER fucking save my session timeout setting? I've changed it from 15mins to all other variations and saved it fucking 20x since using it and none of the browsers will actually respect it.

Yeah, you get what you pay for but it should be better. Very tempted to fuck off to 1Password instead.

Try KeePass? Also free (and open source), absolutely doesn't have a problem with changes disappearing.

That's just an app isn't it? I need cloud-based

Yep, it's a bit shit that something where you're inputting one off info is so eager to close stuff without saving.

There's decent ports for android and iOS, and you can just store the database in your cloud service of choice. KeePass2Android has native support for Onedrive/Google drive/Dropbox.

Seems clunky, but then again, so is ShitWarden not saving my fucking creds.

I'll probably stick with it, because I share creds with my partner. But I'll be a bit more paranoid about its behaviour (hello, sticky note passwords)