SecurityPro

SecurityPro, 20 days ago

Since it is a free phone from a carrier it will be locked until the phone is “paid off” by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.

SecurityPro, 20 days ago

I believe NetGuard will act as a VPN. This will prevent you from using an actual VPN.

SecurityPro, 20 days ago

Not in the US. A phone “purchased” on contract is carrier locked and you can’t unlock the bootloader, which needs to be done in order to install a different OS.

SecurityPro, 20 days ago

Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.

SecurityPro, 1 month ago

“helped” is very misleading. Companies can’t refuse to provide information they have when served a search warrant / court order. These companies DID NOT choose to provide the info on their own.

SecurityPro, 1 month ago

As someone who has worked fraud and online investigations, and both written and served search warrants; it is not an option. A probable cause affidavit is presented to a judge and if the judge agrees there is sufficient probable cause, a search warrant is issued. This is an order by the judge and not optional. The judge can hold the company in contempt if they refuse to obey his/her order.

SecurityPro, 2 months ago

Can I add it to my Amazon wish list?

SecurityPro, 2 months ago

Why would you want to??

SecurityPro, 2 months ago (edited 2 months ago)

Regarding: “On Android you can use [Stealth] . That’s what I use for searches that pull up Reddit posts.”

The stealth protocol does not have anything to do with accessing individual sites or services. The purpose of stealth is when trying to estata VPN connection to a provider that does not allow VPNs. For example, a public wifi that blocks VPN connections or some countries that require ISPs to block VPN connections.

SecurityPro, 2 months ago

Reach out to the job sites directly and report these as fraudulent. Ask them to remove the resume postings.

Also consider making accounts for her on these sites, may make it easier to prevent future posting and to remove any that do appear.

Then, since it sounds like you are her lawyer. Subpoena these sites for information on account, email address, IP address used for the fraudulent posts.

SecurityPro, 3 months ago

Agreed, grab AntennaPod from the f-droid store.

SecurityPro, 3 months ago

I use Anytype (anytype.io) on my phone and desktop. I make a page for each trip and add screenshots of confirmations, maps, itinerary, etc.

Anytype is similar to Notion but is open source and encrypted locally.

SecurityPro, 3 months ago

Agreed, they are continually improving it

SecurityPro, 3 months ago

I’ve contacted Anytype about this and will post their response.

I run Graphene OS on my phone and have an always on VPN connection. Plus I use a different email address, username, and password for 99% of my accounts. So I don’t worry about telemetry, analytics, or data marketing anymore.

SecurityPro, 3 months ago

I looked at some of these on my own and found:

• graylog provides data privacy and protection services for companies offering software as a service (SaaS). So this seems legit to me and needed for their core functionality. It is not a marketing or data analytics company.
• amplitude appears to be a data analytics company and on the surface is not needed and Anytype should explain this.
• sentry appears to be an application error tracking company and this seems a legit connection
• api2 seems like a generic server name and likely needed for their core functionality, this seems legit to me
• telemetry also seems like a generic server name; however, the purpose, based on its name does not seem to be needed. Anytype should explain this as well.

SecurityPro, 2 months ago

Anytype has responded and I had a couple other clarifying questions. Their first response:

“Hi! In our privacy policy we include Amplitude & Sentry & explain why we work with them: anytype.io/app_privacy. Currently, you can opt-out by electing local-only or self-hosted network Mode”

Sentry is only used for bug tracking and I don’t have any issue or privacy concerns with that.

I had already looked on their website for a privacy policy and the only one I could locate was a website only privacy policy. I learned later that the application privacy policy is buried as a link somewhere within the website privacy policy. This is not very easy to find.

I reviewed the application privacy policy and it conflicted with their answer stating that a user could opt out of information sharing with Amplitude by using “local only” or “self-hosted”. So I pointed this out and posted this reply to them:

“Also, app privacy policy section for Amplitude states: Amplitude Analytics Purpose: deliver behavioral and app usage data. Opt-out possible: NO”

This is the response I received:

“Indeed this is outdated information, as it was written before self-hosting and local-only mode were properly configurable. Opt-out is now possible using these methods, and we will be updating the policy accordingly.”