final [GrapheneOS] 📱👁️‍🗨️
npub1c9d9...sqfm
Keeping the fight. Community Moderator for #GrapheneOS https://discuss.grapheneos.org/u/final This is a personal account. I do not speak on behalf of GrapheneOS developers as a whole (nor am I) and suggestions shall not be endorsements.
There is no perfect email provider. You cannot provide perfect service to a deeply flawed communication method. Companies like Skiff, Proton Mail and Tuta are good email providers, but not providers that make emails good. Each one has limitations. These companies should intend to provide you a good service that won't sell you out and make an effort to see the least information they can while following their laws, and they use the encryption and security measures to ensure that. That is what makes the 'Encrypted' in encrypted email important. The end to end encryption for emails is a good bonus but if you're using it for your accounts... it's sadly not worth anything since none of these company sites will bother with encrypting their mail. PGP is also a usability and implementation nightmare. Encryption should be the default and always.
I've been asked before about how Nostr differs from ActivityPub based social media like Mastodon a few times. My answer is both are decentralized but each is decentralized with a different topology. Both Mastodon and Nostr are decentralized social media or communication platforms, however Mastodon is federated while Nostr is distributed. Mastodon is decentralized by means of having no central server by making each participant of the federated network their own centre, while Nostr is decentralized by means of none of them being a centre. Nostr relays cannot control or enforce their own rules in the same level as a Mastodon instance can. You could say the same about an instant messenger, some are decentralized by means of having no central server, just multiple centers that can communicate with one another (like XMPP) or by letting you pick the relay servers anyone can host (like SimpleX) or by not having any servers at all and communicating between each other peer to peer (like Briar). Not all decentralized messengers are the same, they are decentralized in different manners.
GM! The sats pending from Stacker News have arrived to me (in 5 days) finally. As seen on my feeds I have sent equivalent payments to the #GrapheneOS Foundation already in fiat in case I didn't get them. I will add on £10 to that original donation to count for the extra. I had a reasonable amount of sats stacked from SN before I moved closer to the GrapheneOS project too, so they will be used to support my own personal endeavours. You can check my post history there to confirm that if you have doubts. What do you think I should do with my sats? Since I sent £25 equivalent in fiat in case I have far more sats for myself. Would love to help a Bitcoin only business or I can send more to the foundation. Whatever you guys prefer. When withdrawals are pending on SN, you lose access to the funds, and so I had to wait until the invoice was removed in 5 days to have the sats again. Still unsure what happened as I have a huge amount of inbound liquidity and enough to pay fees with. Oh well, everything is good now. Thank you all again!
#GrapheneOS does not bundle other apps. On install all you will get is the required apps for critical OS functionality, AOSP derived apps, and GrapheneOS services like Auditor. This is intentional, you can set up GrapheneOS the way you want. From a suite of FOSS apps down to using it like a day to day smartphone, any setup works providing the apps are free from Play Integrity. https://image.nostr.build/a6913c70c7aa82ba540f584a536d1d9ddd9e73c7fea56e1af4eff5043b308d0f.jpg#m=image%2Fjpeg&dim=1000x1000&alt=Image+of+Google+Pixel+smartphone+with+GrapheneOS+home+screen+in+center+of+image+with+black+background+with+texture+comprised+of+GrapheneOS+logos.&blurhash=U01yLPof00RjD%25ay-%3BofIUfQxuj%5B%3Fbof9FRj&x=36b24662cb83c3f8fcf998d202d892065a3eae7c8934aec3077757d9933a83c3
We come around a lot of people running Duress / device erasure killswitch apps like Wasted or an MDM solution to try and protect their device from seizure. They don't work. A duress app can have the erasure process cancelled by holding down the volume button to move to Fastboot mode. This cancels the erasure, and worse, the reboot performed is a warm reboot meaning that sensitive data like device credentials remain in memory. When we reported vulnerabilities used in forensic companies targeting Pixels, the evidence acquired was a video they used marketing their bypass of erasure apps. This company in particular advertises cold boot attacks, dumping RAM to brute force the credentials. This meant for people relying on those apps outside of GrapheneOS, they weren't just bypassed - their credentials would have been brute forced if not good enough. Many scammers selling 'secure' mobile devices which are just phones running other operating systems with an MDM app on it for 'remote erasure' or duress features mislead customers. Their methods are not foolproof. They are the same level as EncroChat or ANOM. GrapheneOS have been developing a duress PIN feature that works without an unsafe reboot, the reason it's taken time is because it had to be done with a new, unique method and not relying on insecure implementations like other apps or operating systems. It is in testing. We also have been suggesting fixes to these other problems by anti-reset attack mechanisms like zeroing sensitive memory or making MDM reboots safe.
As a project, GrapheneOS continues to grow with exceptionally loyal users, and it is easy to understand. We are not some hobby or experimental OS. We are a work of (almost) 10 years of mobile and Android security research, with paid developers, members from many branches of computer and security expertise and volunteer moderators. Everything GrapheneOS has and will implement is added to target the current threat landscape, and is designed to combat real threats. Our security developments aren't to combat irrelevant, baseless 'what-if' scenarios or create easily attacked obscurity tactics and security theater features. We are not scammers who rely on telling you that you'll be "bulletproof" or "untraceable" unlike what came before GrapheneOS. We are not some average AOSP distribution simply taking the Android base, piling other apps or flawed, insecure additions and treating them as our features. This is not innovation. GrapheneOS changes the AOSP base from all levels, hardening the most exploited components or replacing them with extra secure alternatives that we maintain or have even developed from the ground up. Projects like Hardened Malloc, Vanadium, Camera app and PDF viewer are some that users will reap the benefits of in their day to day lives. Other OS's taking such work shows how valuable this work has been. GrapheneOS is one of the only open-source projects to trailblaze mobile security, from implementing a lock screen bypass fix before Google, reporting numerous security vulnerabilities including ones used by companies attempting to attack us, and adding enhancements upstream to numerous open source projects. GrapheneOS is the first and still the only platform to have ARM hardware Memory Tagging Extensions implemented in production with the Pixel 8 and also the only browser in production when counting Vanadium as well. If you look at the project's socials for this, you will see additions like these have been planned years beforehand. 
The foresight the project has for what we should implement should tell you what the experience and skills of the team members are. GrapheneOS is here to stay, and the work done will be around to stay even longer. Even if you don't use the OS you have reaped benefits of the work. It's never too late to understand what you are missing out. #GrapheneOS
Story: My first experience with using Lightning was during a meetup. I left the meeting with some equipment and a RoninDojo themed seed phrase paper. That day after, my bank account was locked for 24 hours because of a supposed fraud check. I have a really bad habit of this and it was the 5th time that year. Because of the living situation I had kept no cash. I ended up using the sats I had left to buy my food that day and the next thanks to buying a voucher from Bitrefill. If you don't feel like you need it, then you just haven't had the moment when you will yet.