if you install qpwgraph, what connections do you see? a screenshot may be helpful

though it can’t read the chat itself.

it can. I’m not saying it does, but it absolutely can

the address there can be faked, maybe your email client did not warn about it. if you can check the mail’s headers (maybe easier on desktop), look at all the addtesses you see in there and if thry seem suspicious.

also check the link they sent. Don’t open it, but copy it only.

this is a joke, right?

a default keyboard combination does not have such a meaning. they don’t want to “dress as proprietary software”. probably the creators were used to using that other combination, or they decided that it could be worth to keep the keyboard mapping similar to a very popular graphics editing software, irregardless of whether it is proprietary or open source.

don’t worry! the freedom is yours to rebind that button to whatever you want.

Could the suspension API be maliciously used to lock down users’ accounts further?

further? did I miss something?

for that you really dont need ID verification. that and 2FA serve entirely different purposes. ID verification is to ensure you are not hiding your identity. 2FA is to ensure that you are really the account owner.

simplelogin should be able to do that. you can selfhost it or pay for it to handle custom domains

yes, but actually no.

there are apps (like rethink DNS) that pack multiple functions in the app. if an app is being used to handle a VPN connection, it gets to process all your network traffic, see for each packet which app does it belong to, and can do both firewalling, split tunneling by app or type of traffic, and can also filter packets. most VPN apps just don’t bother with it because its a complex task, and most users wouldn’t use it anyway.

There’s also AFWall+ that can configure the kernel’s firewall with root permissions, without setting itself up to handle a V0N connection.

both of these apps are available on f-droid

are you sure the wife’s tv doesn’t try 8.8.8.8 or another public DNS server, or perhaps DoH after failing to resolve domains through the pihole?

same opinion here. but sometimes it’s not a choice. Especially on a company phone, but also on a personal one. Don’t forget either that not everyone here did/can degoogle their phone.

if that’s the case, that feature seems to work rather poorly

any that has got permissions to do so. its a toggle in the permission settings for apps that use it

Op: read about pgp/gpg. Do it now. When you don’t understand something ask questions about it instead of giving up.

While that’s usable for files, they cannot use it for the app backups and conta ts and such that the system creates on iCloud

that’s not what I meant. but that when you export the contacts, that happens to shared storage, that other apps can see

And the extremely low tech solution of just having them offline in a foss contacts app and exporting backups from that app to your storage in case you lose them.

that’s not a good solution because a lot of apps will be able to read them. It’s not always possible to decide for yourself what apps you have, sometimes more powerful people are going to make you use one that you don’t trust.

privacy protection with a service that’s only accessible through an ownership controlling, datamining-filled smartphone app? it was just a joke, right?

if they do this on your phone, what are they doing with your transaction data…

I2P is not an alternative to bittorrent, but to IP networks. Essentially I2P is an overlay over the IP-based Internet.

bittorrent can work through I2P just like it can over IP or Tor.