• Activity
  • Votes
  • Comments
  • New
  • All activity
  • Showing only topics in ~tech with the tag "security". Back to normal view / Search all groups
    1. How long can I go with an obsolete phone?

      Right now, I have a Samsung Galaxy A12 phone, which has done everything I need for quite some time. It was bottom of the barrel in the Samsung lineup, and it quit receiving updates of any kind...

      Right now, I have a Samsung Galaxy A12 phone, which has done everything I need for quite some time. It was bottom of the barrel in the Samsung lineup, and it quit receiving updates of any kind back in November of 2024. For a cheap phone, I've been pleased with it.

      My use case is unusual. I rarely use my phone to go online, but on occasion, I am forced to do so. Most of the time I use it to make calls, or send and receive texts. SMS is fine for me. I don't play games on it, though I do use the camera now and again.

      One slightly unusual task is tethering. When my internet goes down on my computers at home, the mobile network is often still available, so I tether my desktop to the phone connection. Visible will slow the connection speed tremendously, so I use an app that disguises the tether connection, and I get full speeds. So I need this app to work when the main internet connection goes wonky.

      One year and eight months without security updates makes me a little more cautious about using the phone for anything online. I don't use it for bank accounts or credit cards, no instant payments of any kind, and there are no passwords saved within it. Even if I still got updates, I wouldn't use it for any type of financial transactions. I don't even check email with it.

      In reality, a dumb phone would probably work for me, but Visible is notoriously picky about Android phones they will accept. And I don't use Apple for anything. No plans to change that.

      I have been more and more interested in ditching Google software. I was recently forced to switch to Google Messages, since Samsung is turning their messaging app out to pasture. A Pixel 10a with GrapheneOS is something I'm considering. Visible will accept any modern Pixel phone, so they aren't a problem.

      The question is, is any change necessary with how little I use the phone online? Perhaps I should just wait till the battery dies, but that doesn't help me in my efforts to de-Googlize.

      26 votes
    2. Thoughts on graphene OS?

      I got a pixel 9a recently and am debating whether to install graphene OS on it. My main motivations are wanting to avoid AI bloat, potentially improve battery, and reduce tracking. Though, I'd...

      I got a pixel 9a recently and am debating whether to install graphene OS on it. My main motivations are wanting to avoid AI bloat, potentially improve battery, and reduce tracking. Though, I'd rather not have to spend time continuously troubleshoot my phone for stuff that doesn't work properly. Also, graphene OS is considered quite secure, but is there a plausible risk I need to worry about of the project losing support and eventually becoming less secure than stock Android? If any of you run graphene OS, what are your long-term experiences with it?

      47 votes
    3. Ring camera is getting more and more annoying

      I've had a ring camera for several years. Historically I've been mostly satisfied with it, but lately they are adding some features that are pretty annoying. The worst is that they've been adding...

      I've had a ring camera for several years. Historically I've been mostly satisfied with it, but lately they are adding some features that are pretty annoying.

      The worst is that they've been adding neighborhood alerts and other proximity alerts, with categories for traffic and weather and lost pets and things like that. Today I got a "community alert" which was actually an advertisement for a local animal shelter. I don't have anything against animal shelters, but my motion detector camera alter is not the correct venue for this message. It's clear that amazon is trying to muscle in on Nextdoor. I don't use Nextdoor. I find it to be like facebook, full of cranks and advertisements and nosey annoying people.
      So now I had to wade through a few pages of menus to find where to turn of this new annoyance. Obviously, if I could I would opt out of all new features.

      The other annoying thing is that they turned on some AI evaluation of what the camera sees. So I was getting messages like "there's someone with a garden hose on your lawn" or "a person is carrying a cardboard box". There were a few things wrong with this

      • I didn't sign up to have this and it slows down the alerts so they are up to 30 seconds after the motion is detected
      • The AI sometimes made errors, especially at certain times of day where it misidentified different things in the yard (for example, some place marked by shadow was interpreted as a sidewalk when there isn't a sidewalk there). This happens of course because the AI doesn't know anything about my property, it evaluates everything from scratch each time it looks at an image.
      • The ring app started bugging me with upselling messages to pay extra for the AI messages

      So yeah. I just wanted to vent about the enshittification of this thing. I'm also aware of the privacy issues of ring cameras and how they're going to use the "pet finder" functionality to keep track of everyone. But this rant isn't really about that more important stuff, just the frustration of how these tech companies won't just leave anything alone because they have different goals than us.

      33 votes
    4. Need help deciding if I need to replace my Pixel running grapheneOS

      so like most of the community, I wanted to do a dance when I saw https://tildes.net/~tech/1t09/motorola_and_grapheneos_foundation_partnership_announced. However I have a Google Pixel 6 and...

      so like most of the community, I wanted to do a dance when I saw https://tildes.net/~tech/1t09/motorola_and_grapheneos_foundation_partnership_announced. However I have a Google Pixel 6 and according to this page, that stops getting security updates this October.

      now what I can't tell is is it a better idea to wait for the new moto+grapheneOS phone or bite the bullet and buy a supported pixel. I don't know if anyone know how long until a moto+grapheneOS phone actually hits the market. If it's next year, not a big deal to wait. If it's 2+ years, I get worried about missing out on security updates.

      Not sure the best course of action, security wise.

      14 votes
    5. I need a sanity check from security experts (opening ports on the router)

      First, let me just say that I'm tech savvy, but I'm self taught for the most part. I never studied cybersecurity or network security. I know the basics, but not the nitty-gritty. I used to host my...

      First, let me just say that I'm tech savvy, but I'm self taught for the most part. I never studied cybersecurity or network security. I know the basics, but not the nitty-gritty.

      I used to host my own Anytype Server (note taking app) on my raspberry pi. To do this, the documentation says that I need to open two ports, one TCP and another UDP. So that's what I did, and had it set up this way for a while now.

      Yesterday though, my raspberry's microSD died. So while I wait for the new one to arrive, I'm taking the chance to review my home network settings.

      I closed off a third port that I had for my synology server (for the OpenVPN). I am now using Wireguard (with Tailscale) which doesn't require opening ports. And since my raspberry is offline, I also turned off the other two ports (as of now, I have none opened)

      So here's the thing: I remember from my searching that a lot of people are strongly averse to opening ports. Iirc, the basic idea is that if a bad actor knows my home IP and which ports are open, they can enter. So, in theory, a hacker could potentially infiltrate my raspberry pi - and from there potentially wreak havoc in my other devices.

      So my questions are:
      1- Is it really like that? Could a hacker gain unlimited access to my raspberry via an opened port?
      2- If yes, is there something that I can do to strengthen my raspberry pi security?
      3- Am I being overly paranoid by worrying about this, even if it’s theoretically possible?

      12 votes