Mikelius

I’ll have to check out TrackerControl, that’s a new one to me!

I have seen app manager but currently use AppOps. I didn’t recommend AppOps above because I’m not sure it’s still supported or not, and it’s also not really Foss. It’s treated me well over the years, but I’m definitely interested in finding a better alternative. The last time I checked app manager, it wasn’t as good… But maybe that’s changed as it’s been several years now so I think I might be due for looking at it again!

My wireguard connection on my phone connects to my home network to an pi hosting my internal VPN… But the network is completely covered by a mullvad VPN through opnsense. I’ve got pihole setup using the mullvad anti-trackkng private DNS. With this setup, the only real need I have for root on my phone is because I do some pretty low level automation on it through crond and some backups of core app data that I’d really hate to lose… And the complex firewall rules lol.

This is where rooting the phone is required. I use wireguard without root and have AFWall granted with root at bootup so it doesn’t require acting as a VPN

1. AFWall+ firewall to allow list apps to internet using your preferred method (e.g. VPN, wifi, data, etc)
2. PcapDroid to help monitor and analyze packets, or to just confirm things aren’t communicating unexpectedly
3. AdAway if you’re not using your own dedicated dns over a permanent VPN connection

If not all 3 of these, AFWall is probably the best to go with. Having a way to not only block Apps, but also define your own custom firewall rules is very powerful. For example, I redirect all DNS requests to my own DNS with a custom rule (for apps, like Termux, using hardcoded DNS lookups instead of what the phone is set to)

I totally thought because of how long the equals looked, it was multiple equals characters, not just >>= lol. That’s what got me confused. Don’t think these are things I’d personally use but each to their own preferences right xD

What is that weird >>=== symbol? Looks like a cross breed between C and JavaScript here.

Try using the private IP options instead and see if that works. The generic one being 10.64.0.1, but other options that include ad voicing and such ranging from 100.64.0.1 to 100.64.0.25 or something like that. I’ve got my entire network setup behind their VPN and a a pihole pointing to one of their private DNS addresses without any issues. I left their pubic DNS years ago so that I could make sure my DNS requests were always within the tunnel instead

I hate short variable names in general too, but am okay with them for iterators where i and j represent only indices, and when x/y/z represent coordinates (like a for loop going over x coordinates). In most cases I actually prefer this since it keeps me from having to think about whether I’m looking at an integer iterator or object/dictionary iterator loop, as long as the loop remains short. When it gets to be ridiculous in size, even i and j are annoying. Any other short names are a no go for me though. And my god, the abbreviations… Those are the worst.

Even if a game doesn’t look like it’ll work based on protondb, try it anyway. Many times I’ve had games that were marked as low ratings start up without any changes lol. I remember even when d4 beta came out, I saw people struggling to install and play it on the first weekend… Worked out of the box for me.

I also use Linux mint with cinnamon… Is this not just the Ctrl + Fn + arrow key? I think that’s it, or maybe shift (not at my computer to check). Either way, I use this all the time to fit windows either on 50% of the left or right, or in one of the 4 corners. For example, if I want it in the top right, I just use the hot keys and target right then up.

I tend to find out about vulnerabilities before it hits the news outlets from the rss feed at https://seclists.org/oss-sec/

Other than that, I’ve got a bunch of other security feeds I follow and also have automated updates with just about everything.

I personally use it on a protectli with the 2.5G ports. I also replaced my ISP modern with a protectli running OpnSense. Decided to opt into that as my solution to have two different softwares protecting my network and also so I could scope internet facing devices at the OpnSense level instead of internal to the network. Just in case they get compromised, they can’t access the rest of the network. Call me paranoid… But I also find it much easier to manage lol.

Just to get it out there… I checked this out about a year ago. It’s not completely open source. The project consists of many executables and “pre complied dependencies” that don’t appear to share matching checksums which may indicate modifications of some sort. Looks like a great tool, but I’m extremely skeptical of what’s going on under the hood.

Hopefully they do truly open source it and prove me wrong, I’d love to give it a try some day.