polarhive

A fediverse enabled blog with all my latest posts

by Nathan Paul

China, heard about China in the recent days? the app bans and censoring websites in the so called name of national security and the privacy of our citizens?

Photo by Parker Coffman on Unsplash

While ironically we use American services and big tech giants like GAFAM

Google, Apple, Facebook (Instagram and WhatsApp), Amazon and Microsoft and these don't face the ban hammer under the government because of their countless privacy violations as long as they have existed and the government has no problem with American governments (3rd party) spying on us. While have problems when their Chinese counterparts do, both are very bad for you, the user and India does not have strong data protection laws yet and these companies often partner with the governments to stay afloat.

Microsoft partners with schools to trap children in using their proprietary platform and not showing exposure to alternative solutions, it goes deep down the rabbit hole having numbing effects on for the use of free and freedom respecting software and far better ecosystems.

Facebook earns $50Billion or in revenue selling your data and you seeing very relavent ads on WhatsApp and Instagram. Guess what? you get paid nothing.

More the people in their platform, more customers to sell ads to and they intern bring more profit.


The price of petrol topped at ₹84/L recently. Remember Reliance the big oil company now it's Jio. Data is valued more than oil, and everyone's fighting to get your spot because that's how these companies work.

Even right now. Microsoft, Google, apple with the other big 5 partners with the American surveillance programs called the PRISM to give direct access to your account, even though you might now live in India, Edward Snowden a whistleblower exposed this 2013.

A really bad state for companies as they push to colonizes every budding internet market including India we lose our sovereignty..

So India is indirectly under the American and Chinese surveillance programs depending on what apps and hardware you buy. For the majority Your Laptop with comes with Windows or MacOS phone belongs to Apple and Microsoft and not you. They control everything you loose your freedom because they run nonfree software.

Infact try it now a device nearby is listening for the phrases 24/7 Ok Google or hey Siri, Alexa or Cortana.

Every message sent is through Facebook via WhatsApp and Instagram. Which have backdoors in them, because they're American [PRISM] and non free. [Proprietary]

Explaining the importance of privacy is like explaining climate change except that it's not nature who's suffering it will be you. You reep what you sow. I'll assure you that you'd have to pay more for your rent, taxes, if you ignore the importance of privacy. Let's take a real life example, China people are recognized by their faces and are given a rank. its called the social credit system they don't have access to the outside world.

Test it out [https://www.comparitech.com/privacy-security-tools/blockedinchina/(https://www.comparitech.com/privacy-security-tools/blockedinchina/)] They don't have YouTube, Google, Twitter, and other things we take for granted. Instead they're in their own cocoon and anyone who speaks out gets jailed.

We're seeing this in Hong Kong, where protesters hide from CCTVs using umbrellas, using encrypted messaging apps like Signal and Telegram.

They're ahead of the curve, they're seeing the effects now. They didn't have effective data protection laws.

While we take this for granted back here. Here's something to think about as India censored apps on one side and allows privacy breaching companies on the other. While Facebook and Jio tie up together and garner market share by selling products like amazon through Jio Mart in WhatsApp, that's a huge market, 400 Million users in India alone. These apps don't respect the user's freedoms, like the British who came to India which only saw it as a mere colony.

Finally it's the user who's losing in the long term.

Here's an analogy- Using these apps is like consuming a product for example, a cake – you can see the cake, taste it, use it, eat it, but you don't know how it is made, what ingredients it's made of or its recipe and they charge how much ever we want for the cake and still you never own the cake, only I, the cake maker [BigTech] can make and sell the cake and then you get sick because of the ingredients in the cake and you have to pay a huge bill for medical recovery

Stay away from non free software.

What I fear, in the not so far future/-

  • Countries get colonized by tech giant and the ones which do not give up user data get shadow banned by ISPs, people, who are first time internet users fall for scams, get phished, spread fake news. The ad industry gets ahold of everyone's searches and people are mined on the daily.
  • A world where federation is irrelevant and using proprietary services at the cost of everyone joining you to jump on the bandwagon.

Now you might be thinking what do I do to protect my privacy at a basic level where I don't have to lose convenience.

Switch from surveillance tech giants. don't prioritize Google, use ones which are open source, privacy respecting and outside the US or 5 or 14 eyes countries.

  1. Switch to privacy focused messaging apps like Element (Matrix), Telegram and Signal and use them for different purposes each. (use disappearing messages in Signal)
  2. Use a different search engine like DuckDuckGo or SearX.
  3. Don't ever ever give your password or pass phrase and keep diverse passwords and store them using a password manager like Bitwarden
  4. Use hardened Firefox or Brave or ungoogled chromium over Google Chrome

Before we end Here's a common misconception or fallacy – 'I don't have anything to hide so why should I care?' I'm a law abiding citizen.

*Give me your password and username to any and all of your accounts as I please and let me take what I like, publish it and since you have nothing to hide right you'd agree right?? this raises some eye brows*

Why do we have a lock screen or password on our Phones. Why do we have locks in our houses why not let anyone look and hear what we do in our homes. Curtains in our rooms. You see...

Privacy is an integral instinct we developed through out generations and is as ever as important today than ever before.

Written by @polarhive@mastodon.social Image Photo by Alexander Andrews on Unsplash

What I mean by normal calls is heading to your phone app, dialing the number and hitting the call button. I have the phone app disabled on my phone **mad lad** and no I do not use WhatsApp (FACEBOOK) or any app that needs an active phone number.

WHY?

Freedom To not have a phone number, to not rent a number you don't own, when using a SIM there's no guarantee that SMSs are not intercepted and SIMs can be cloned by hackers impersonating you. Further more you have to trust these ISPs that they don't sell out or share my meta data with third parties for profit.

How do we talk to people normally, in real life? No one has a tape recorder running in their brain; logging everything, you live in the moment, no need to use 10 digit codes, worry about cellular range, or talk as though you have a transcript of everything you said and have it linked to any of your public life.

Don't get me wrong I love technology and use my glass brick and laptop to do VoIP calls and text everyday, I don't like phone numbers. It's like a fingerprint. I can host my email for cheap, control, encrypt it, delete it, forward it to a new one but I can never host my own phone number unless I'm a millionaire.

WHY ? because phone numbers are really old, landline days. Email uses the internet as a medium, one can host an email for cheap. So here's how I use the internet and switched to clear, encrypted VoIP calls ->


Things to Keep in Mind

  • You need an internet plan.

  • I'll compare phone calls to a emails.

  • A phone number – People get random phone numbers that you can never change and are limited to a certain country.

  • No Subscription model – In regions like the UAE, people have to pay for VoIP calls as a subscription. Do you need to pay to talk to your friend in real life and how much? the only reasonable fee you need to pay is your internet fee and donating to the developers (or self hosting is the way to go)

  • Verifiable End To End encryption (No compromises only you and the person you) normal calls have so many ISPs in play and you never have a common ground on any kind of encryption so forget encryption, it's a public stage.

  • Do not use closed source clients. (No WhatsApp) (Servers can be non verifiable, provided all calls are end to end encrypted and the protocol running on the client can be audited by anyone to ensure end to end encryption)

  • Anything sketchy such as on device recording, w/o the other person knowing.

  • Cross device calls – Since calls go through the internet it can be answered on the laptop, TV, phone, smartwatch, smart speaker or any device where the client app runs.


My setup

I use Telegram FOSS (MTProto), and Riot.im (Matrix) (using the Jitsi protocol), both are from F-Droid and as for the laptop I use their desktop apps (NOTE : Signal exposes numbers and is developing cross device calls but it's not ready yet, and it'll be copied by WhatsApp by that time)

Telegram and Riot are cross device, have opensource clients, free, signup via username / VoIP numbers and then ditch the number, number privacy, encrypted, usernames, cross device calls, and soon video calls (Telegram). Riot is federated and can be future proofed

If I can't find people on these platforms I use Signal mobile only as of now or I enter their email, and call them on Google Duo or as a last resort I use an online service to call them to their normal number with a cap of 1 minute.


Google Duo

It's a part of the big 5 tech giants. Only if you need to use it, use it on https://duo.google.com in a web browser it can call anyone who has a Google account. No need for a phone number from your side.

Email

it's cross device, attend at any time, on way more clients It only makes sense to use emails other than gmail because Duo calls would supersede you using gmail for emails

Online VoIP apps

like TextFree, Google Voice, a friend's landline number can be used to Signup for Signal or Telegram. You can get the login codes on previous sessions on Telegram, remember to set a 2fa passcode. Then hide your phone discover-ability and keep at least 2 sessions active, one on your PC and another on your phone. You don't need to be connected always, it works independently on the device.

If you used Signal your number is exposed so unless the fix use it with a VoIP number.


WHY NORMAL CALLS SUCK

0. Call connection issues

There are too many carriers around the world and things can go wrong due to their errors, you or your friend can get connected to a stranger, they listen in but you never know, most of the times this is a bug, when you use VoIP calls it uses open source protocols and there are rare chances of bugs, remember – no code is 100% bug proof.

Once you dial the number the call goes Over The Air through your phone's cellular network connects to the ISP's exchange does its magic and connects you to the recipient. Seems pretty on on paper.

1. Call quality

Calls over data is much better in quality, can be improved as you use them and video compression algorithms will improve as you use and give the developers feedback if you are willing.

2. Future Proof

The only thing to update on your end is the client, the app you use. The server stuff can be done easily, often no need for physical work on the medium such as phone lines or underground cables when compared to normal calls over landlines.

3. International calling and overseas charges

Get over it, these calls will always be overpriced compared to data, it was designed before the internet was mainstream.

4. Meta Data

Every call's meta data contaminates a minimum of 3 places.

  1. Your phone

  2. The ISP

  3. The caller's phone

At the most you can protect the other 2 ends but the ISP or carrier is the middle man. They can redirect your calls and you never know due to their closed source code they run and there's no way to verify it.

Most phones have malicious apps which send your phone number and call details, with other info such as birthdays, nick names without your consent.

Examples of such data mining apps are – proprietary apps like Truecaller, Facebook, Google Contacts, TikTok, MIUI.

This is sold to advertisers without your consent – and these advertisers make profiles with data points about you, send you targeted ads based off your social graph and your interaction with your friends.

If you use WhatsApp clients are proprietary you are just changing your ISP to FACEBOOK there's no proof of their encryption so treat it as unencrypted.

Not to mention the calls are un-encrypted, can be tapped by 3rd parties without you knowing, can be stored, manipulated, yada yada yada.


For reasons stated above I have a backup free VoIP number I use for Telegram and Signal.

note – Do not send texts or call this number I can not guarantee it will be me picking up as the number can get recycled or deleted and I will ditch this number in the future for any updates check my Mastodon https://polarhive.ml/mastodon

Written by @polarhive@mastodon.social Unblock domains, access websites freely and securely This article is a quick how to guide on circumventing censorship online.


What is Tor?

Tor (anonymity network) Tor is free and open-source software for enabling anonymous communication. The name is derived from an acronym for the original software project name “The Onion Router”.[7][8] Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays[9] to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis.


Step 0 : Figure if you can access the Tor Website

Visit torproject.org/download and it should look like this. Tor Project Page

Make sure you are not redirected to a spoofed website or https** is disabled.**


Then download Tor for your platform of your choice.

If you're on Android you should consider downloading Tor as an apk.

If you're on an iPhone or iPad then Use Onion Browser.

iOS : apps.apple.com/us/app/onion-browser/id519296448


If you are unable to connect to https://www.torproject.org/download

Get Tor browser over Google Play, a random VPN from your mobile App store or Chrome / Mozilla add-ons. Apple's app store or from any of the mirrors suggested below. 0. https://tor.eff.org/ 1. https://sourceforge.net/projects/tor-browser.mirror/files/ 2. https://www.apkmirror.com/apk/the-tor-project/orbot-proxy-with-tor/orbot-proxy-with-tor-16-1-4-release/

Random VPN Random VPN

Never use random VPNs other than unblocking www.torproject.org/download to get Tor. After which, you remove the VPN.


Step 1 : Re-download Tor by visiting the onion page

Skip this step if you're on iOS or Got it through Google Play Decompress the zip and Launch the Tor browser you just downloaded and let it auto setup. If you had used a random VPN the package may be compromised. To be assured download a non tampered package visit the expyuzz4wqqyqhjn.onion site in the Tor browser you first download the package, yes again over Tor. Delete / Uninstall the old Tor and and run the Tor package you downloaded right now.

Step 2 : Run Tor and get apps.

Head to https://check.torproject.org to check if Tor is working. Never change any setting or install more add-ons. It neuters the advantages of Tor. Make sure you're not running the first copy of Tor we downloaded because your internet is heavily censored and we used a random VPN. As always try to verify package signatures.


Step 3 : Further steps

Make sure you're running Tor

Read my article write.as/polarhive/digital-minimalism-on-my-phone-foss

Get tips from PrivacyTools - Encryption and tools to protect against global mass surveillance -privacytools.io privacy2zbidut4m4jyj3ksdqidzkw3uoip2vhvhbvwxbqux5xy5obyd.onion

Get Manjaro and ditch Windows or MacOS

Replace your OS and get free applications, run Linux.

Get F-Droid and Orbot for Android

Get apps from F-Droid and cut Google Play.

Get Riot, Signal and Telegram for Private communications

(Signal and Telegram require phone numbers) Use a free online one from TextNow (use a 10minutemail email) for now.

Signal website Signal

Telegram website Telegram

Riot.im website Riot // Matrix

Written by @polarhive@mastodon.social

I finished setting up my two primary alternatives the Fediverse has to offer Mastodon and Pixelfed.

Image Photo by Sourabh Gijare on Unsplash

I actively use Twitter, Snapchat somewhat, Reddit, YouTube, Mastodon and Telegram channels, to connect with friends and stay updated. What is missing here is Facebook. Read more here

I prefer to choose platform that are decentralized, has good integrations with other platforms, RSS and IFTTT support.

People don't have to be locked in to a platform, when you post something they always have freedom to opt for another medium to find your amazing work. Platforms should be fast, scalable, easy to port should I need to switch platforms / servers and have a lively community. Popularity of a platform is another concern but this does not mean you “compromise for data mining monsters like TikTok or Facebook, because everyone's using it”

A way to shield yourself from all these data mining companies is to use ad blockers like uBlock Origin over a Firefox based browser. Tor won't help you since you don't plan to go anonymous after you log in. Here a VPN would help cover your IP address.


Environment

Post or tell people about your decision of shifting your primary platform from Twitter/Instagram to Mastodon Pixelfed. They can always get your posts via RSS or visit your handle regardless they have an account or not or, if you cross-post to your Twitter handle like me. One can like posts and follow Pixelfed users if they have a Mastodon account. That's the beauty of the Fediverse.

Just imagine Facebook allowing Instagram users to follow and like someone else's Tweets through the Instagram app or follow their favorite YouTube channel with their Instagram account. This is called Federation, actively implemented by the ActivityPub protocol → Mastodon, PeerTube, Plemora, WriteFreely, Pixelfed and many many more you can discover here fediverse.party and many more fan made websites.

Here's a great guide I found!

https://github.com/joyeusenoelle/GuideToMastodon/blob/master/README.md

I connect all non-Fediverse compatible social networks like Vero to Twitter to auto post to my Twitter if I really need them. Instagram could be an option for you. Use IFTTT to auto post instead of the native post to Twitter integration found on Instagram. I connect my Twitter with Mastodon with a service called Moa to cross post. Use it to connect Instagram to Mastodon if IFTTT does not work. Then I use IFTTT to auto post to my Telegram channel with Mastodon's auto generated RSS feed for my account.

That's about it for the Twitter and Mastodon integration. Now I just post on Mastodon and anyone can get my posts.

You can join Mastodon here pick any instance which is open for registration and follow me @polarhive@mastodon.social


IRL Workflow

  1. Mastodon→Moa →Twitter →Telegram Mastodon→RSS feed found here→Telegram channel

  2. Pixelfed posts are 🔁 Boosted Mastodon and continues as the first workflow suggests. The fediverse is magic! Re-Tweets also get cross posted like 1. but in reverse. Apps

Use the PWA apps for Mastodon and Pixelfed on Firefox / Brave if you're into chrome On Tusky and Fedilab if you prefer apps. There's also Mammut I like but its in beta.


Informative fediverse.party website showing Pixelfed Informative fediverse.party website showing Pixelfed

My Pixelfed My Pixelfed

My Mastodon My Mastodon

That's how you go about fixing your social media, liberating your freedom, decentralizing and expanding your audience.

Follow my account where you'll find all my accounts here polarhive.ml/mastodon

Written by @polarhive@mastodon.social

Almost every internet user has Facebook on their phone or their provider, phone maker, friends or even your workplace knowingly or unknowingly shares your data with the F A C E B O O K

Let me rephrase that replace Facebook with Instagram and WhatsApp. And auctions your photos, texts, to advertisers and third parties. Get it?

Forced to use Facebook? Protest against such monopolizing ideology. Use libre software and services, that have the reputation of protecting user privacy.

I simply refuse to text via any of the Facebook apps (Instagram and WhatsApp)

I logged in and went to deletefacebook.com which takes me to the 'Delete my Facebook account' page and pretty Zuckerberg wants to lock me in for 30 more days. 30 days until deletion! I made use of those 30 days. I posted IG/WA Stories and set up auto reply in WhatsApp business – a short post and a link to my website, Telegram and Snapchat. Then I deleted the Instagram app from my phone the same week.

Before I made the switch I was loyally addicted to juggling between Instagram and WhatsApp. One reason! 🤦 DMs /Texting friends, followers, definitely fake accounts, fan pages, meme pages and ultimately the Direct page and Stories was the only reason I tried Instagram in the first place.. and this cringy catchphrase I bought into 'cuz everyone's using it'

But that was 2 years ago.. Today the 4th of April.

I login to Instagram and WhatsApp. check DMs and respond to each and every DM with

'I'm Deleting my Facebook account today including WhatsApp and Instagram the 2 apps owned by Facebook.

Why? because Facebook is an advertising company that profits off our data. polarhive.ml/fb contact me on Telegram and Signal or polarhive.ml/contact

This is no April fool's joke, this experiment turned to work out after 1 to 2 weeks, especially my close friends, they rang me up, quite surprised. And I'm sure none of you'll ever read the Terms and Conditions and Privacy Policy.

I got to know how toxic internet communications are

monopolistic data mining companies exploiting YOU. Like gold mines or should I say Data mines. Where in the illusion of free, and peer pressure you are the product for their billion dollar business.

I opened up VLC and started recording how I deleted my accounts, in satisfaction uploaded a video a day later. First was Facebook, then WhatsApp, then Instagram, boom finally ridden. Facebook should be obliged not to have any profile on me after this.

Which I know they surely do, even after this fiasco. It's called shadow profiles. To serve you ads off Facebook and who knows what not?

I’m better off without the zuckership.

I'm officially out of the Facebook jail.

Without the big 5 tech titans. Utilizing FOSS software. Written by @polarhive@mastodon.social

Image

Before you ask me what phone I have. Let me tell you that it’s different. I have a vince 32/3 GB — Xiaomi Redmi Note 5 India. A mid range Xiaomi phone with a Snapdragon 625 it works for communication, entertainment, photography and utility.

I prefer to use FOSS apps and strengthen my privacy online without much dependence on the big 5 tech titans. Here’s how I do it..

Read this XDA thread for flashing ROMs if you don’t know the a b c of switching your OS

  • First up unlock your boot loader, they make you wait 360 hours as a buffer period. (Xiaomi doesn’t want you to get rid of their MIUI)
  • Flash the latest Orange Fox recovery.
  • I switched my ROM or firmware from Xiaomi’s MIUI (Oreo) to CrDroid 6.6 based off LineageOS(Q) and flashed Magisk
  • This MicroG installer for MicroG support which some apps need.
  • Reboot and setup your device. —- Here’s what’s different from your average expectation from a phone

It runs Android, but without Google or the big 5. No ads, spyware, lag or battery draining apps.

No locked Google apps, none of the ad infested Facebook apps or random Chinese CM apps, Tencent, WeChat or TikTok. They are tuned to make you feel addicted and blind you into not even looking at any of the better alternatives. It’s called the Network Effect


I do not make normal calls

I am not a fan of giving my phone number for everything. Non encrypted old school calls that suck in voice quality and frequently get connected to a different person because of call connecting issues between ISPs. Calls are based on personal and traceable phone numbers and not cross device and bar your freedom from authoritative ISPs especially ISD calls. They cost so much when data charges are dirt cheap.

Solution?

Make VOIP calls, simple as that and never give your mobile number you could always give a landline or virtual number. I also hate when call logs and other meta data are sold without consent because call logs and their meta data is available to all the apps on your phone and if you used Signal or most Messengers — meta data stays in the app and not with the phone. Note : if you’d use Messengers like ones from Facebook, WhatsApp then you’re better off using normal calls because they sell your meta-data to bidding ad companies.

We are heading into a future of VOIP calls with the Facebook monopoly; WhatsApp calls, Discord, Skype, Google Duo, Signal and Telegram and Riot. Plus you get group / Video Calls too. Read my article write.as/polarhive/why-i-dont-do-normal-phone-calls

Utilize apps without the 5 big tech giants

That means no Google, Facebook- WhatsApp, Instagram, Messenger, (Skype) Microsoft, Apple (iMessage) and Amazon apps on my phone.

If you really really need them for example — Amazon to buy some exclusive goodie use their website on your laptop or your phone, compartmentalized. Follow this practice with Instagram, Facebook. Use apps from F-Droid.

List of Suggested Apps

  • Aurora Droid [an F-Droid client] to get apps from F-Droid and various other repository
  • Telegram FOSS My go to messaging app
  • Signal Another messaging app but heavily based on phone numbers like WhatsApp
  • UntrackMe To unshorten links and open them in invido.us and nitter.
  • RiotX a federated messaging app
  • NewPipe for YouTube and SoundCloud
  • Fedilab / Tusky for Mastodon/Pixelfed and the Fediverse
  • Nextcloud to sync my cloud files
  • DAVx to sync my cloud calendar and contacts
  • Lawnchair as my Launcher / Home screen
  • Magisk Manager to manage Magisk modules and SU access
  • Potato Notes an amazing MD Note Taking app
  • Wikipedia for offline viewing and contributing to articles
  • Open Camera to take photos
  • Jami as an alternative to Skype/WhatsApp
  • VLC to play videos
  • Bitwarden as a great password manager
  • Infinity for Reddit
  • ! Authy for syncing 2FA codes
  • ! MiXplorer as my File manager
  • Firefox Preview as my browser
  • AF Firewall to block internet access to ! proprietary apps
  • OSMand+ to navigate and map new places
  • Aurora Store an alternative to the Google Play store it fetches apps and installs them if you can not find the app as an apk or on F-Droid like proprietary apps like ! Snapchat
  • ! mean proprietary apps Image

I hide most apps on my home screen

So this means I keep the apps I use on a daily basis and disable or hide them from my home screen to prevent wasting time on my phone. I actively use Signal, Telegram, Camera, NewPipe, Firefox and Tusky

Here is how that looks –> Image

The rest are used once a week or in 2 weeks I never keep stale apps enabled if I don’t use them.


I also encrypt my phone with a strong lock screen password with monthly house keeping cleaning unwanted apps. Backing up photos. Updating software