🇮🇹 🇪🇪 🖥

  • 0 Posts
  • 105 Comments
Joined 8 months ago
Cake day: March 19th, 2024


  • Many encryption algorithms rely on the assumption that the factorization of numbers into prime numbers has an exponential cost and not a polynomial cost (i.e. it is an NP problem and not P, and we don’t know if P != NP although many would bet on it). Whether there are infinite prime numbers or not is really irrelevant in the context you are mentioning, because encryption relies on factorizing finite numbers of relatively fixed sizes.

    The problem is that for big numbers like n=p*q (where p and q are both prime) it’s expensive to recover p and q given n.

    Note that actually more modern ciphers don’t rely on this (like elliptic curve crypto).
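The point the comment makes (the public key is n, recovering the private key means recovering p and q) can be demonstrated with a toy RSA. This is an added example, not code from the comment; the primes 1000003 and 1000033 are constructed and thousands of bits too small for real use, which is exactly why the naive factoring step below finishes instantly.

```python
"""Toy RSA over two small primes, plus the naive factoring step an attacker
would need to recover the private key. Added example, not code from the
comment above; p and q are constructed and far too small for real use."""


def keygen(p, q, e=65537):
    """Build an RSA key pair from primes p and q (public exponent e)."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient: needs p and q, not just n
    d = pow(e, -1, phi)              # modular inverse, Python 3.8+
    return (n, e), (n, d)


def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)


def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def factor_trial(n):
    """Recover the smaller prime factor of n by trial division.
    Returns (p, q, divisions_tried). Work grows with sqrt(n), i.e.
    exponentially in the bit length of n; for a 2048-bit n this loop
    would need on the order of 2^1024 iterations. Returns None if n is prime."""
    tried = 0
    f = 2
    while f * f <= n:
        tried += 1
        if n % f == 0:
            return f, n // f, tried
        f += 1
    return None


def recover_private_key(pub):
    """What an attacker holding only the public key must do: factor n,
    rebuild phi, then derive d. Nothing else in (n, e) leaks d."""
    n, e = pub
    p, q, _ = factor_trial(n)
    return (n, pow(e, -1, (p - 1) * (q - 1)))


if __name__ == "__main__":
    pub, priv = keygen(1000003, 1000033)        # constructed 20-bit primes
    c = encrypt(pub, 123456789)
    print("decrypts correctly:", decrypt(priv, c) == 123456789)
    print("recovered key matches:", recover_private_key(pub) == priv)
    print("divisions needed for a 20-bit p:", factor_trial(pub[0])[2])
```

The division count returned by `factor_trial` is p - 1, so doubling the bit length of p squares the work; that growth, not the size of the prime set, is what the key sizes are chosen against.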





  • sudneo@lemm.ee to Technology@lemmy.world · What the hell Proton! · 12 · 1 month ago

    Encrypted DNS doesn’t solve everything. The handshake for TLS sessions is still in the clear, you can usually see the SNI, and since we are talking about wireless, usually this data is available to anybody who is in the vicinity, not just the network owner. This already means that you can see what sites someone is visiting, more or less. TLS 1.3 can mitigate some of this (for those who implement ESNI, but you don’t know that beforehand). Also TLS only works as long as the user is not accepting invalid certificate prompts (HSTS doesn’t work for everything) and there are still tons of HTTP-based redirects (check mailing newsletters and see how many first send you to an HTTP site, for example) that can be used for MiTM attacks.

    A VPN moves the trust to a single provider that you can choose, which is much better than trusting every single WiFi network you can attach to and the people connected to it, I would say.

    Also if you pay for the VPN (I pay Proton), it’s not true that the company business is based on user data, they are based on subscriptions.


  • I can’t really make an exhaustive comparison. I think k3s was a little too opinionated for my taste, with lots of rancher logic in it (paths, ingress, etc.). K0s was a little more “bare”, and I had some trouble in the past with k3s with upgrading (encountered some error), while with k0s so far (about 2 years) I never had issues. k0s also has some ansible role that eases operations, I don’t know if now also k3s does. Either way, they are quite similar overall so if one is working for you, rest assured you are not missing out.




  • Nobody talked about victims. I was just contesting your BS exaggeration. But I see you can only discuss in absolutes and you decided to simply ignore every single point I made and flip the table with all the cards.

    You must be really unsure about your ideas if you can’t defend them at all.

    YOU made it sound like reality is either you going around in complete peace and bliss without any danger whatsoever (man) or in complete terror with a deathly danger behind every corner (woman). Challenging this barbie view of the world is not aiming to flatten the differences (which I acknowledged since the beginning) between men and women.

    So yeah, nice try but no. Maybe reflect on your position and admit you used a hyperbolic statement next time, I dunno, it might work better than strawmen and moving the goalpost.


  • Women fear for their safety around men in public, and rightfully so. Period. It’s so fucking bizarre that anyone would ever try to argue against this.

    I am not. I am arguing against the fact that men don’t (need to) worry about their safety in public. It’s such a cartoonish way to think. You don’t worry, good for you!

    The statistics you’re quoting (and likely making up, but I don’t care enough about this to look) aren’t really relevant, I’m talking about real women’s real life experience.

    So one comment ago you were telling me to look at statistics, now it’s real life experience that matters.

    BTW, just search and you will find data, for example https://www.abs.gov.au/statistics/people/crime-and-justice/recorded-crime-victims/latest-release, https://www.statista.com/statistics/423245/us-violent-crime-victims-by-gender/ (which shows 2022 is essentially identical, but quite a gap in 2021), etc. Note that I am searching generic violent crimes. In terms of murders men are quite universally in higher number.

    Again, talk to women. Or if you can’t do that, read what actual women have to say about this subject. Do you not value the opinions of women? Do you not believe them when they speak about their personal experiences?

    This has nothing to do with my argument. I am not contesting women (need to) fear for their personal safety in public. If I were a woman there would be a host of additional things I would worry about. What I am contesting is the way you present this fact, as if the difference between men and women was a 0-100 difference, when it’s not.

    I don’t really see the reason to make up bullshit exaggerations to drive a point that stands on its own without them. Women have to worry and do worry differently, both in terms of quality and quantity than men when they go in public. There are certain risks that in public are fairly irrelevant for men, which doesn’t mean “men have nothing to worry about”. There are also certain risks that are much smaller for women (e.g., getting into a fight in a bar because some dude’s ego was hurt and needs to assert being the alpha).

    Why is it necessary for you to make a completely unrealistic assertion (which BTW disregards my opinion as man while talking about men, so “Do you not value the opinions of women? Do you not believe them when they speak about their personal experiences?” cit.) to support a very reasonable thesis? Do you think people can appreciate the safety issue for women only if they contrast it with a completely opposite (i.e., no issue at all) situation for what concerns men?


  • All the crimes I have mentioned are statistically way more likely than sexual assaults, a crime that notoriously happens mostly within one’s home. So what you just said seems to me completely in antithesis with the original message.

    Also, I completely disagree with your assessment. I live in a perfectly safe city and country, but when I travel I sometimes also go into worse areas, and most importantly I don’t even know whether I am in a “bad neighborhood” or not, because I don’t know the place. Hence I worry for my personal safety, which is exactly what prompts those basic measures that you listed (and more), such as not flashing wealth unnecessarily. You do this exactly because you are aware that man or not you can be a victim of such crimes just as much. In fact, statistics show that men are more likely to be victims of violent crimes in general, so I am not really sure where your core thesis comes from.

    Also, worrying is not being terrified; it is understanding a risk exists and taking precautions. Either way, this idea that as a man you have nothing to worry about is completely idiotic.





  • You should definitely be! I take backups every 6h for my self hosted vaultwarden (easier to manage and to backup, but not official, YMMV). You can also restore each backup automatically and have a “second service” you can run elsewhere (a standby basically), which will also ensure the backup works fine.

    I have been running bit/vaultwarden now for I think 6 years, for my whole family and I have never needed to do anything, despite having had a few hiccups with the server.

    Don’t take my word for it, but the clients (browser plugin, desktop app, mobile app) are designed to keep data locally I think. So the term cache might be misleading here because it suggests some temporary storage used just to save web requests, with a relatively quick expiration. In this case I think the plugin etc. can work potentially indefinitely without a server - something to double-check, but I believe it’s the design.
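The backup routine the comment describes (periodic copies, plus restoring each one to confirm it actually works) as an added example in Python; this is not vaultwarden’s own tooling. It assumes a vaultwarden-style SQLite database file; the `ciphers` table and its rows are constructed here and are not the real schema.

```python
"""Timestamped SQLite backup with rotation, plus the restore-and-verify step
the comment describes (open the copy, check integrity, count rows).
Added example, not vaultwarden's own tooling. Assumes a vaultwarden-style
SQLite file; the table name 'ciphers' and its rows are constructed here."""

import sqlite3
import tempfile
from datetime import datetime
from pathlib import Path


def make_backup(db_path, backup_dir, keep=28):
    """Take a consistent copy through SQLite's online backup API (unlike a
    plain cp, safe while the server is writing). Keeps the newest `keep`
    copies; 28 = 7 days at one backup every 6h. Returns the new file's path."""
    backup_dir = Path(backup_dir)
    backup_dir.mkdir(parents=True, exist_ok=True)
    stamp = datetime.now().strftime("%Y%m%dT%H%M%S%f")
    dest = backup_dir / f"db-{stamp}.sqlite3"
    src = sqlite3.connect(db_path)
    dst = sqlite3.connect(dest)
    try:
        src.backup(dst)
    finally:
        dst.close()
        src.close()
    for old in sorted(backup_dir.glob("db-*.sqlite3"))[:-keep]:
        old.unlink()                       # rotation: names sort chronologically
    return dest


def verify_backup(backup_path, expected_tables):
    """Restore test: open the copy read-only, run integrity_check and confirm
    each expected table exists. Returns {table: row_count}; raises if the
    file is corrupt or a table is missing, so a scheduled job fails loudly."""
    con = sqlite3.connect(f"file:{Path(backup_path).as_posix()}?mode=ro", uri=True)
    try:
        (status,) = con.execute("PRAGMA integrity_check").fetchone()
        if status != "ok":
            raise RuntimeError(f"{backup_path}: integrity_check returned {status}")
        counts = {}
        for table in expected_tables:
            (n,) = con.execute(f'SELECT COUNT(*) FROM "{table}"').fetchone()
            counts[table] = n
        return counts
    finally:
        con.close()


def create_demo_db(db_path):
    """Constructed stand-in for the server database (not vaultwarden's schema)."""
    con = sqlite3.connect(db_path)
    with con:
        con.execute("CREATE TABLE ciphers (uuid TEXT PRIMARY KEY, data BLOB)")
        con.executemany("INSERT INTO ciphers VALUES (?, ?)",
                        [("a1", b"enc-1"), ("b2", b"enc-2"), ("c3", b"enc-3")])
    con.close()


def run_demo(keep=2):
    """Three backup rounds with rotation: returns the verified row counts of
    the newest copy, how many copies survived, and whether the first was pruned."""
    work = Path(tempfile.mkdtemp())
    db = work / "db.sqlite3"
    create_demo_db(db)
    first = make_backup(db, work / "backups", keep)
    make_backup(db, work / "backups", keep)
    latest = make_backup(db, work / "backups", keep)
    counts = verify_backup(latest, ["ciphers"])
    remaining = len(list((work / "backups").glob("db-*.sqlite3")))
    return counts, remaining, not first.exists()


if __name__ == "__main__":
    print(run_demo())
```

A database-only copy is not a full backup of a vaultwarden instance: its own backup documentation also lists the attachments and sends directories, the RSA key files used to sign tokens, and config.json, so a real job should copy those alongside the SQLite file.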


  • Interesting! That’s very close to a blog post I read a long time ago (unfortunately a medium.com link)! Are you actually sending emails from those addresses? Like if you need to drop an email to your bank, do you use the banking one or your personal (or something else)?

    Fwiw, I do something similar. I use a mix of domain aliases without address (e.g. made-up-on-the-fly@domain.com) and actual aliases. Since I have proton family (and the same when I used ultimate) I have unlimited hide-my-email aliases, so I have it integrated with my password manager, and I generate a random password and email for everything I sign up now. These though are receive-only addresses. In fact, with this technique I probably use 3-4 addresses in total, but I have probably 30 domain addresses that go to the catch-all one.

    Spam on these addresses is basically non-existent and you can still create folders based on recipient without having a full address (e.g. bank1@domain.com, bank2@domain.com). You can make folder categorization based on recipient regex and this way you also have the “stop bothering me” option: if some email gets into the wrong hands, you can create a spam rule for that dedicated address. However, my approach is that all of these are used just to receive emails; to send I have just a handful of actual addresses or -if really needed- I can create on-the-fly an address from a catch-all one, send the email and then disable it again (so it doesn’t count towards the limit, but I still get inbound email to the catch-all).

    Nice setup anyway!


  • Your requirements are totally fair tbh.

    That said, I think you can use aliases for the use-case you have, you don’t need full addresses. Proton supports “+ aliases” as well, so name+service@domain works, and most importantly they support catch-all addresses if you have your own domain. I now use actual aliases (the ones from simplelogin), which I generate on the fly, but you can use whatever@domain and it will be redirected to your configured address. You don’t even need to create this beforehand, so many times I was around and had to give an email address for some reason and I just made up an address on the fly. As long as you use your domain, the catch-all will get the email.

    So the 10 addresses only include actual addresses, the ones you can write from. You can have as many as you want to receive emails (which is generally the use case for signing up to services, right?). Just an FYI in case tuta supports the same and you are making more effort than needed!



  • Encrypted or not, the fact that someone else has it stored somewhere in their computers is dangerous.

    Of course. You are simply over-representing this risk, though. Besides, regular people realistically don’t need to worry about Proton being backdoored, because their device is 10-100x more likely to be breached instead. Security is not a binary, it’s a shade. Performing a software update is also “dangerous”. Do you check the code every time you update the software, to verify no malicious backdoor is there? No, exactly, you trust the maintainers and the package infrastructure.

    The only recommended way to store private keys is offline and encrypted.

    So you don’t store them on your device(s) (encrypted)? I store my GPG keys that I use to sign software on my yubikeys. That said, email is something I check from my phone and multiple computers (as most people). Do you really use a hardware key to do on-the-fly decryption, every time someone sends you a message, from each device?

    As a security engineer, I also generally discourage such absolute “recommendations”. My threat model is different from a regular Joe’s threat model, and both are different from Snowden’s. There is no such thing as “only recommended way”, because this is not a religion, it’s a risk decision. Most people use Gmail, where the content of their email is literally available server side. Those same people can gain privacy and security using GPG via Proton, and in their threat model “provider gets compromised and software backdoored” is completely irrelevant. Is it relevant in your threat model? Good, then yes, you should only store keys offline and encrypted. Actually, you shouldn’t use email at all, and you should use dedicated tools and protocols that are meant for security, where metadata is not transmitted in clear text, for example. You should also have virtually no session duration and perform a full login with 2FA every time, you should probably access the software that you use to communicate only from a secure machine dedicated to the purpose etc…

    I think you trust Proton a bit too much.

    I simply have clear in my mind what my threat model is and what risks are acceptable. I perfectly fit in the “Anyone with privacy concerns” category in the threat model they built. What about you?