this post was submitted on 07 Jun 2025
73 points (100.0% liked)

Privacy

38637 readers
754 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 2 days ago

Google is banned in china so 1/6 of the world population can bypass it automatically. You need state power to deal with oppressive corpos.

[–] [email protected] 9 points 2 days ago

This might be a hot take but the best way to avoid or "bypass" onerous things like the "integrity API" is to opt out of the proprietary world as much as possible. Use exclusively free (Libre) software and technology where you can.

We should not be thinking in terms of how do we get proprietary crapware onto our free systems, because that defeats the purpose of a free system. The idea is to build an alternative to the proprietary world.

[–] [email protected] 7 points 2 days ago (1 children)

GrapheneOS is already working on it:

We're going to add a secure way of working around this without breaking the app source security model. We'll be adding support for having the OS automatically verify the Play Store signing metadata and then inform Play services those apps were installed from the Play Store.

https://grapheneos.social/@GrapheneOS/114554622772349562

[–] [email protected] 1 points 2 days ago

That's already released and only deals with recent changes. It doesn't fix apps using strong integrity challenges

[–] [email protected] 8 points 2 days ago (1 children)

Do you think we can find a way to bypass these,

Yes. Direct physical access always wins. A device in my hands is my device.

or is the future of the digital world just authoritarian and dystopian?

Yes. Many people aren't going to explore the solutions, or be willing to give up the convenience that comes with not changing what they're doing.

[–] [email protected] 2 points 2 days ago (1 children)

A device in my hands is my device.

Could you then please help root the Meta Quest 3? So far I believe nobody managed.

[–] [email protected] 7 points 2 days ago (1 children)

We're a decade too early for open source vr.

That's not a VR headset, You bought an expensive Facebook paperweight.

[–] [email protected] 0 points 2 days ago* (last edited 2 days ago) (1 children)

Edit for TL;DR as this became lengthy : agreed, do NOT buy "an expensive Facebook paperweight" but also, open source VR exists today! Depending on your definition and needs, there is a lot that can be done and you can help.

Rooting isn't open source...

Anyway Valve Index runs perfectly on Linux, that's how I finished Half-life: Alyx. I also do already have a rooted Lynx XR1 and a Project NorthStar which is open hardware (even though not OSHW iirc).

There are also :

  • open source runtimes for OpenXR like Monado,
  • runtime managers or switches e.g. xr-chooser or openxr-explorer
  • window managers (ish) like xrdesktop or Stardust XR
  • browser like Wolvic (with Gecko and now Chromium backend) with cross-platform supports with WebXR
  • streaming from desktop to standalone HMDs e.g. WiVRn or ALVR
  • some distributions have dedicated documentation e.g. NixOS for desktop and PostMarketsOS mobile
  • plenty of tools that run on standalone HMDs as most are "just" Android devices, e.g. termux letting you install NodeJS then run your own on device Web server to code on device, standalone, offline, alternative launchers e.g. LightningLauncher, removing some telemetry and plenty more I'm not even aware of.

IMHO one of the best resource covering that and more is https://lvra.gitlab.io/

So... I'm a bit confused, maybe I misunderstood, what did you mean by being "a decade too early"? Which functionality specifically is missing today?

[–] [email protected] 1 points 1 day ago (1 children)

The Index and the Quest are entirely different things.

The index is a monitor with sensors attached to it.

The Quest is a proprietary PC with an ecosystem, DRM and billion dollar company backing.

Rooting isn't open source They don't have anything to do with each other other than the fact that you don't need to root open source devices. They lock us out of root because they don't want us to control our own devices, They want us to use their stores, they're walled gardens, and their support for everything which is very un-open source.

My point behind touting an open source mobile VR device would be that it would not need to be rooted.

I looked at the hardware you mentioned and while the open stuff looks very nice it looks very not available for anyone to purchase. Do you expect any of that hardware to be more available soon?

[–] [email protected] 1 points 1 day ago
  • for the Lynx (that can't be bought rooted already but takes about 15min to root) I wouldn't buy it right now but wait for their AndroidXR release... and see if that would be rootable. I personally share my Lynx with hardware and software hacker friends nearby because I know it's a relatively rare device.
  • NorthStar is AR, not VR, and by default isn't mobile but there are compute pack explorations and opaque covers. Honestly if you are not into hardware tinkering I would not recommend it. If you are though then you probably don't need a lot of hand holding, just connecting with peers to learn from each other.
  • SimulaVR https://simulavr.com/ is very tempting but the price tag is quite high and to be honest I worry that they are following the Lynx delivery delay path. I also haven't put my actual hands on an actual product so I can't comment on it.
  • Valve itself has been leaving hints for mobile VR and they did IMHO an amazing job with the SteamDeck, namely something reliable (it "just works") while running Linux proper (even though most players will be totally unaware of it) ... but it's Valve. So they will release it, if they ever do, whenever they will believe it's ready. This is also pure speculation! They have not announced anything but they did sell the Index, SteamDeck, SteamVR on Linux, and there are bits of code hinting at a standalone HMD.
[–] [email protected] 13 points 3 days ago (2 children)

I sadly believe we’re fucked

[–] [email protected] 2 points 1 day ago (1 children)

We where fucked when the internet got consolidated into what five companies.

[–] [email protected] 2 points 1 day ago

And them being in the USA as well

[–] [email protected] 12 points 2 days ago (1 children)

We were fucked a long time ago it's just the effects showing now. But I hope the rebels at Graphene OS and other custom ROMs will find a way.

[–] [email protected] 0 points 2 days ago (1 children)

Sadly I moved away from Graphene because of all the restrictions :(

[–] [email protected] 1 points 1 day ago (1 children)

Genuinely curious here, I but what restrictions?

[–] [email protected] 3 points 1 day ago* (last edited 1 day ago)

No mobile payments, a lot of apps have integrity check which means I can't really use them, no way to reset the unique device ID sent to apps so they can track you (why am I even using Graphene 🙄?), slow device, annoying to set up things like carplay's android thingy...

[–] [email protected] -3 points 3 days ago

What is the future of Google Play Intergrity APIs (and similar concepts)?

They are already here

Do you think we can find a way to bypass these

Ever heard about this so called „FOSS” or is your head to empty to understand words? Baby heard about FOSS? No? Or yes?

or is the future of the digital world just authoritarian and dystopian?

Only for those who allow such things to SPÖ on themselves.

[–] [email protected] 3 points 3 days ago (1 children)

It's a rat race. You can only win by not playing.

[–] [email protected] 4 points 3 days ago* (last edited 3 days ago) (3 children)

But if you don’t play, your pay with convenience and your time. You lose the freedom of installing a lot of apps. You lose a lot :( - to the point where it would make most people give up

[–] [email protected] 2 points 2 days ago* (last edited 2 days ago) (1 children)

Imagine I said that I would come into your house and install a new TV and entertainment system, re-build your bathroom, fix your maintenance issues, clean your floors, wash your dishes, etc. That'd save you a lot of time.

Now, I'll even do it for free! But, you have to let me install a door that only I have a key to so you can't stop me from entering your house and also to install cameras and microphones covering every square foot of your house and you consent to being recorded.

That's the deal people are making with their digital lives.

Yeah, it was inconvenient to have to learn how to setup the software so I could have 'cloud storage' using my home server. It's annoying that I have to deal with IP Cameras and ZoneMinder. But, because I do the work myself, I don't have to let Google/Meta/FBI/Amazon have access to listening devices in my home (Oh, sorry Alexa, I didn't know you were listening), footage from my security system or the contents of my personal files.

[–] [email protected] 1 points 2 days ago (1 children)

Oh I agree and self host stuff as well. But I tried switching to GrapheneOS and I really can’t.

[–] [email protected] 0 points 1 day ago (1 children)

If graphene would implement find my and tracker notification, I'd be good.

[–] [email protected] 1 points 1 day ago

Mobile payments, better UI, all apps working without Google play services… those are the needed things, but they won’t happen anytime soon

[–] [email protected] 5 points 2 days ago (1 children)

If you keep feeding the monster, you know what will happen.

[–] [email protected] 1 points 1 day ago

The problem is I want to you know have a life with people. Don't want to be isolated all to myself.

[–] [email protected] 3 points 2 days ago (1 children)

As of now, I find very few apps beneficial, convenient or time savers - maybe I'm a weirdo luddite. Most apps seem to be for pastimes anyway so saving time seems odd - I prefer to take time to savour my pastimes. I think mp3 player app, and organic maps are the real ones that I actually find useful.

But refusing GPS/microG and therefore Microsoft Authenticate will become a problem for me quite soon I think. For now a phonecall still works, but I think it's only a matter of time. Once that goes I might have to quit my job, and will struggle to find one in my field that doesn't require it, so I guess I'll have to look for less skilled work or retrain, and I'm far too old for that shit. That's where it'll get constraining, when the tentacles of bundling enwrap and bind many other aspects of real society.

I really hope the EU keeps on at MS for bundling and other market power abuse, it seems so obvious that they've effectively ignored the fines from the old Internet Exploder case, and ramped up their misbehaviour regardless.

Of course the twats where I live are easily radicalised against EU regulations (or any regulations really) , so I'm probably still fucked. But at least someone needs to stand up for consumer rights and competition and keep kicking MS in the balls every time they pull their dick out to fuck consumers. Ideally kick them harder and harder too, 'punitive damages' are more than justified due to them being a repeat offender.

[–] [email protected] 1 points 2 days ago (1 children)

Why Microsoft and not Google?

Idk what’s Microsoft Authenticator. Can’t use another 2FA app?

[–] [email protected] 1 points 2 days ago (1 children)

MS is who they choose - I think its all bundled in with windows and azure and dynamics and office and that stuff. I think MS is trying to use their B2B OS deals to get some market share from AWS, so they're probably offering cheap deals for now.

MS doesn't allow 3rd party 2FA. They created a proprietary algorithm so no other apps can do it.

[–] [email protected] 1 points 1 day ago

For push-notification login, there is really no other choice beside the proprietary one.

But they do also provide universal TOTP for 2FA login, it does work with other apps too. (unless your org had set special 2FA rules) The alternative option is not so obvious on initial onboarding IIRC, though.

load more comments
view more: next ›