Compiler engineer for the Chisel HDL.
I also trickjump in Quake III Arena as a hobby.
None of these “Apple bad” types read anything beyond the headline.
Nowadays, anything remotely outrageous or negative is very hastily construed to be “Apple bad, duh” without a second thought. We legitimately can’t have genuine, thoughtful criticism of these companies anymore.
There is also the approach of representing 0.999… as the infinite geometric series 9(1/10) + 9(1/100) + 9(1/1000) + 9(1/10000)… which, by definition, is equal to 9(1/10) / (1 - 1/10) = 0.9 / 0.9 = 1.
Not only are root accounts themselves disabled by default, but it’s also highly recommended that any methods of remote and local login to root are disabled. It’s literally the most basic hardening step you can do for any Linux setup.
My VPS gets hit by tens of thousands of attempts to SSH into root every single day. My fail2ban jail for ssh alone get so absurdly large that it fills my remote terminal, and that’s not even including the fact that I ban by CIDR blocks, not individual IP, so I have hundreds of IPs blocked for a single fail2ban entry.
None of those attempts are actually successful as I’ve completely disabled password authentication and logins to root. The last thing I would want on my phone is full, unadulterated root access for that reason alone.
I think you might be overthinking things. “Apple devices you use on a regular basis” just generically means whatever you use and plan to enable hardware 2FA for.
Maybe it’s to emphasize that you’re now going to have to use your hardware keys to regularly use Apple services on your phone, in addition to things like passwords, Face ID, etc.
I have Librewolf with uBO and CanvasBlocker whitelisted for very specific websites. It required me both disabling uBO and allowing *.google.com in CanvasBlocker’s whitelist for my browser to suddenly be “secure” again.
In other words… “we won’t let you sign in unless you enable your trackers on your browser.”
In my personal experience this is blatantly untrue, because now I can’t even log into my Google/YouTube account on Librewolf anymore. I get a prompt saying “this browser may be insecure” and requesting that I use Chrome instead. This is exactly what the Web Environment Integrity API was intended for — maybe they did decide to shelve it for general use, but Google is still absolutely trying to push this bullshit for their own services.
I never had this issue for the past 2 years I’ve used Librewolf until, coincidentally, Google “decided” to “sunset” its browser DRM.
I tested it on iOS Safari with my own hosted instance and it seems to be fine. Is macOS Safari different? Maybe that’d be a good bug to report.
Fair enough, it’s definitely not for everyone. It’s a great learning experience though!
In that case, Joplin and something like Syncthing + Git (so that you remain in control of your data) would fit your need, since in essence you’d just be securely and privately passing around all your notes/files over a decentralized network.
If you’re comfortable with self hosting, I recommend SilverBullet: it’s a Markdown-based knowledge management solution that runs as a PWA in any modern browser. It automatically syncs to a hosted SilverBullet server during use when you have an internet connection, and otherwise can run completely offline (provided that you use a browser that supports offline PWAs)
The author of this article has pages on “the dirty tricks of conspiracy deniers” (???) and cites another site as his inspiration that purports to debunk skeptics of “conspiracies, extrasensory perception, [quantum consciousness] and life after death.” He also cites another nutjob who claims that humans are the product of chimpanzee and pig breeding.
Dude’s easily got several loose screws up there.
OP’s “evidence” is that Kagi internally uses Sentry.io (a FOSS crash report aggregation service for developers) to report crash logs, which they then use to assert that Kagi is aggregating personal data and sending that data to Sentry. The “proof” is that they used an Android tool that reports whether an APK contains specific Java classes whose fully qualified names match a “tracker” name filter (which, coincidentally, cherry-picks Sentry.io as a tracker), runs it on some completely irrelevant Android APK, and then concludes that because these classes are showing up with their cherry-picked filter, Sentry.io is a tracker, ergo Kagi is tracking personal data. Q.E.D.
In short, it’s complete nonsense. I did a thorough debunking of their methodology in a previous comment of mine. You can safely ignore anything they have to say.
You clearly don’t understand how this works, do you?
Let’s start from the beginning: Your suggested app, “classyshark3xodus”, notes that the database it uses is the concatenation of the existing exodus-privacy trackers, as well as an addendum list of 31 “additions”. Most importantly, this list comes from the repository linked here.
Let’s ignore, for a moment, that this clearly implies that the creator of this app lied about the database it uses (because it’s very clearly not some official “new” Exodus database, but a hodgepodge mashup made by some complete stranger on the Internet…) The repository for the addendum list states that the Sentry listing comes from the Exodus Tracker Investigation Program (ETIP). Thus, we expect that there should be a page on the ETIP for Sentry, and indeed there is one here.
We can see that the description for this tracker is… hold your breath… to report unhandled exceptions to an online service. It’s almost as if… that was the exact, entire, unmitigated stated purpose of the fucking software in the first place! Also note that the stated category is… again, hold your breath… crash reporting. Again, this is exactly the stated purpose of the SDK, which was advertised on their own site.
This means you already lied multiple times about the intended purpose of Sentry. Your own source states that Sentry is not an “analytics company”, but a “crash reporting” service. Again, this is what we have already clearly established by a very cursory, trivial look at the software itself. Oh, also, it’s also stated in the ETIP that Sentry is not even listed in Exodus as a tracker. Gee, I sure wonder why…?
I also had the displeasure of going through with downloading this app from F-droid and testing it on Fennec as you stated. As expected for the simplistic process of “does the fully qualified name of this class begin with this specific filter?” Sentry classes show up.
I know what I’m doing, so let’s dig into some of the classes. The vast majority of them are actually dummy classes that do not contain any fields or functions that mutate state. For example, io.sentry.UserFeedback:
package io.sentry;
import java.lang.String;
public final class UserFeedBack extends Object
{
/*
* Field Definitions.
*/
/*
* Declared Constructors
*/
public final String toString() { ... }
}
The reason for this is that F-Droid runs ProGuard on compiled artifacts from source, which optimizes away unused Java bytecode. This means we can be sure that the APK we received only consists of the instructions actually used by the APK. An empty class file also means that it is a stateless class, and for the sake of OOP is effectively a no-op that can’t perform anything.
So with that being said, let’s dig straight into the io.sentry.protocol.User class. We should expect this to contain the most sensitive user information sent to this “analytics” company, such as email addresses, geo locations, and… uhh wait…
package io.sentry.protocol;
import java.lang.Object;
public final class User extends Object
{
/*
* Field Definitions.
*/
/*
* Declared Constructors
*/
public User() { ... }
public final boolean equal(Object) { ... }
public final int hashCode() { ... }
}
It’s a dummy class! That means it can’t store anything about the user because it doesn’t do any of that in the first place, thus being optimized away by ProGuard. Oops.
So, how about io.sentry.protocol.Session?
package io.sentry;
import ...
public final class Session extends Object
{
/*
* Field Definitions.
*/
public String abnormalMechanism;
public final String distinctId;
public Double duration;
public final String environment;
public final AtomicInteger errorCount;
public Boolean init;
public final String ipAddress;
public final String release;
public Long sequence;
public final UUID sessionId;
public final Object sessionLock;
public final Date started;
public Session$State status;
public Date timestamp;
public String userAgent;
/*
* Declared Constructors.
*/
public Session(Session$State, Date, Date, int, String, UUID, Boolean, Long, Double, String, String, String, String, String) { ... }
public final Session clone() { ... }
public final volatile Object clone() throws CloneNotSupportedException { ... }
}
Finally, a class with actual state! We can see from here that a Sentry session can contain the following information:
User-Agent header of the HTTP request to Sentry’s servers. This value is composed of the app’s chosen programming language and platform of choice of the user, along with the version of the Sentry SDK.So what potentially personal information does Sentry “leak” in a session?
In other words… this is a typical crash log… containing the unhandled exception which caused the crash… that is then sent over to a server over the Internet via a specific user’s Internet connection (leaking an IP by necessity of the protocol). In other words… this is a crash reporting service. 🤦
As war said, you don’t know what Sentry does. Actually, you don’t understand how any of this works. This is a privacy community first and foremost, but I also expect that FOSS “enthusiasts” such as yourself actually understand how to work with FOSS.
Anonymity is not the same as privacy, because the latter fundamentally entails a measure of trust between two parties over the control of personally identifying information. Note that this is contingent on whether that personal information is exchanged.
In the situation you described, privacy is irrelevant in either case, whether you access a SearXNG instance with a VPN/Tor or use a pseudonym and Monero payments to access Kagi, because no personal information was exchanged in the first place.
The “privacy” in both situations then becomes how difficult it is for a bad actor to deanonymize you, which comes down to whether you can trust that the VPN service you’re using isn’t logging your traffic and the email service your pseudonym is on won’t just give up your data… or whether Tor isn’t being actively deanonymized via malicious exit nodes controlled by certain three-letter government agencies. This isn’t a fault on either search engine, IMO.
we can’t be sure what code are they exactly running on the server side
The same can be said about the hundred random SearXNG instances floating around on the Internet. How do you know that some of those aren’t running custom binaries that are then linking your IP to your search queries and sending them off?
The only true solution is to self host, but the majority of people are looking for a quick and easy Google/DDG replacement, not to completely overhaul their digital life.
The non-exhaustive list of Python, Swift, Java and native bindings for the Sentry SDK are all FOSS by your own criterion, so I’m not sure where this whole FOSS diatribe is coming from.
Again, can you send a direct link to a credible source (read: not a remark to “look it up myself”) that presents the evidence on exactly how Sentry aggregates and collects personal data? Your criticism about corporate privacy policies boiling down to a “just trust us bro” mentality can be applied to your own claims and chain of comments: without any evidence I’m forced to take your assertions at face value and “just trust you bro.”
Searching for Sentry with your supplied source gives nothing helpful, in fact Exodus doesn’t even list Sentry as a tracker here. I’m sure a “well known and notorious” tracker should be listed as such.
So again, citation needed. Link evidence of these claims.
From my understanding, Kagi counts searches against accounts based on how many times that account has accessed the search endpoint. That is, multiple repeated searches (over a period of time) are treated as unique searches.
According to them, searches are cached for 2 minutes, and next page results are also counted as a unique search.
“Anonymous logs are shared with Sentry when bugs, crashes, or warnings occur for debugging purposes.”
It is quite a leap in logic — a non sequitur, even — to go from “debug crash logs sent to a crash reporting service” to “your personal information is being shared with third parties,” especially since Sentry themselves advise that their own users (developers) should not send personal information to them.
Please give the evidence detailing what personally identifying information Kagi collects and how they send it to Sentry, since you clearly know how things work internally in there.
They do share data with a notorious 3rd party tracking company.
Care to give any details?
Apps can implement their own form of push notifications – most privacy-respecting ones already do. However, it’s an endeavor that’s too much effort for the average dev, so they default to using the existing FCM service instead.