abrahambelch

joined 10 months ago
[–] abrahambelch 11 points 4 months ago (3 children)

Here in Europe there are a lot of country-specific instances (e.g. feddit.de or feddit.nl). I can confirm the German one has quite a lot of members and some large German subreddits moved to Lemmy when the blackout happened. Germans are quite privacy focused in general with a generally higher Firefox market share and a lot of shops only accepting cash (not proud of the latter haha)

[–] abrahambelch 23 points 4 months ago* (last edited 4 months ago) (2 children)

First of all:

You can always copy storage if you're able to physically access it. The only way to prevent this is to secure the chip in a way it destroys itself if physically tampered with (like some TPM chips).

You should instead opt for a passphrase that is practically impossible to bruteforce on current hardware due to its complexity. Also, try not to disclose the encryption algorithm or software used as this information opens the possibility of exploiting known vulnerabilities.

VeraCrypt for example is able to completely hide its presence on a volume and the only way to know if a device is encrypted with it is trying to decrypt it using VeraCrypt with the correct passphrase.


Trying to answer your questions:

  1. Most modern smartphones encrypt their data by default nowadays. The rest depends on the phone itself. Mostly they just delete the encryption keys from the TPM when formatted so this still enables an authority to copy your storage and bruteforce.

  2. No. Encryption does never prevent you from copying the encrypted information. Those are two completely different things.

  3. No. You cannot encrypt the SD card with say Bitlocker and use it on a phone afaik.

  4. Yes, some Androids allow you to encrypt the SD card from within the storage settings.

[–] abrahambelch 21 points 4 months ago* (last edited 4 months ago)

Sometimes you have to learn the hard way...

[–] abrahambelch 14 points 4 months ago

Even if degoogled, Chromium still does a poor job at protecting your privacy.

[–] abrahambelch 4 points 4 months ago

Thanks for sharing, actually this very project inspired me to do it myself. It is an incredible resource when it comes to certain aspects of the database format!

Imho it has some deeper architectural issues though which I wanted to avoid in my implementation. I'm also using an entirely different tech stack I wanted to train myself in.

My implementation is not as feature complete as osxphotos but I'm sure I will be able to contribute back to the project with the occasional bug fix.

[–] abrahambelch 25 points 4 months ago* (last edited 4 months ago) (5 children)

I reverse engineered the Apple Photos library file on my Mac as a side project and can confirm that hidden assets are not actually encrypted or otherwise protected. The respective assets are just not shown in the apps and can be accessed via Finder on macOS.

I didn't know they were visible when you connect your phone to your PC but I guess it makes sense.

[–] abrahambelch 8 points 4 months ago* (last edited 4 months ago) (2 children)

Maybe it's the wrong person if they can't be with someone who doesn't use Instagram ;)

[–] abrahambelch 154 points 4 months ago* (last edited 4 months ago) (16 children)

Don't make the same mistake as our generation and fall for TikTok, Instagram and that shit.

Almost everything is better without it, from concerts to weekend trips to relationships.

[–] abrahambelch 1 points 4 months ago* (last edited 4 months ago) (1 children)

When you re-import the images into another program/library, they will not be displayed in the correct order and all other information will be lost as well.

Metadata in general is very useful and contains a lot of valuable information like location data, lens, focal length and device information which you have to manually re-integrate into each and every photo.

I mean yes, I could write a quick and dirty Python script for this, but why should I have to do this in the first place?

In my subjective opinion this is malicious as in it only being this way to make it as hard as possible to migrate away. I highly doubt this is the way their servers store the images as it is very inefficient and the images are likely stored in a database instead. This means in order to retrieve a file they have to process each image anyway, so why not follow the universally accepted and well defined standard and include the metadata in each file?

[–] abrahambelch 23 points 4 months ago* (last edited 4 months ago) (14 children)

First thing: Privacy. I am aware that iOS is not entirely private too, but I trust Apple Photos much more than Google Photos. You can even enable end-to-end encryption iirc.

Second point is control over my data. I can easily export my photos from Apple Photos as files, whereas Google maliciously separates Photos and Metadata upon export. In my experience this is the same for a lot of other services as well. Being able to easily export my data enables me to escape the walled garden more easily should I get fed up with one system. I also try to use as many open source services as possible for this as well as other reasons.

Apple has a lot of malicious practices too, especially when it comes to EU citizens and third-party app stores, etc. - but in my experience Google is no better.

Lastly, I considered switching to an Android with Graphene OS (privacy focused Android derivate) a couple of times, but the added control over your data comes with a lot of other inconveniences. So for now, I’m just sticking to iOS.

[–] abrahambelch 3 points 4 months ago (1 children)

I’m afraid there’s no way to do this without a second Nintendo DS or an external tool like a save editor (PKHex, for example) :(

view more: ‹ prev next ›