Atemu

Ah I think Windows does this "helpful" thing where it installs its bootloader into the ESP of any drive if it's already present rather than the drive you explicitly told it to install onto.

You didn't have anything in it yet, right? Unplug all other drives and then re-install Windows onto the drive. It should work as expected after that.

IIRC Pop!_OS sets the systemd-boot timeout super short; you have to hold a key after the firmware is done or something to get to it reliably or simply increase the timeout (1s is enough, I have it set to that on my systems). systemd-boot should give you the option to boot any windows installation though, it can auto-detect them.

I have absolutely no Google services in any of my devices

Well, that misses the entire point here. µG is "Google services", just a rather minimal implementation. You're talking about an entirely different scenario.

while it is true that Google can still see a lot of what goes on in my browsing, they cannot point any of that browsing to me, because I do not exist for them anymore.

They sure can. The identity may not have your clear name attached to it but that's of little relevance; it's still linked to you. Pseudonymous != anonymous.

There's tonnes of ways to map between pseudonymous profiles and real names if you wanted to but there's no real need to do that as they can deeply violate your privacy for immense profit without any clear names involved. That's the perverse thing about these data krakens.

I’m sure they do keep the data they gathered from me when I used Google accounts, and there’s little to nothing any of us can do about it, so stopping providing them with more personal identifiable data is the next best thing we have.

The Google accounts' data itself should actually be deleted if you're in a jurisdiction with half-way effective privacy laws. The shadow profiles they collect on you to this day however...

One of the advantages of having Unbound + PiHole/Adguard home, is that caching DNS, keeps most requests within my network for the translation to IP, so while my network does have to go outside every now and then to refresh translations or to get non-existing ones, it’s minimal in comparison to the regular user.

It's by no means a bad setup but I don't see much of a privacy win in it w.r.t. outgoing connections. Such DNS-based tracking outside of your home network simply isn't a huge data leak if you're not using known-malicious DNS servers and those can be changed using one dead-simple setting present in pretty much every SOHO gateway.

Some apps such as Signal implement their own push implementations that you can opt to use and they usually suck; unreliable, huge battery drain or both.

Some apps implement support for Unified push which works great IME.

Most apps rely on Google though and it sucks. Some of the risk can be mitigated by using µG rather than the regular Google surveillance services on your device. Push notifications work rather well but it's not without compromise in other areas.

/thread

I can highly recommend !fairphone@lemmy.ml if you want to avoid this situation in the future. Had she dropped a Fairphone 4 instead, this whole endeavour would have been £80, eight Phillips screws, a few clips and 10-20min of your time ;)

https://shop.fairphone.com/shop/category/spare-parts-4?category=4&filters=33
https://www.ifixit.com/Guide/Fairphone+4+Screen+Replacement/152942

They're going to be 2-3x than what you had in mind though. Here in Germany, you can get the FP4 starting at 400-450€ and the somewhat recently released FP5 for 700€. No idea about UK.

IMO it's worth it though.

Typically they only accept connections from addresses allowed within your tailnet, but there isn’t anything particularly complex about how funnel allows any incoming address.

P2P wireguard connections that is. Funnel needs to accept arbitrary connections.

Further, like most of tailscale’s operations, funnel isn’t requiring them to host or even proxy any significant amount of data, it’s just directing incoming connections on that domain to a device on your tailnet.

And how is that supposed to work without proxies? You can't just point DNS at some device's public IP and then expect everyone to be able to connect to it; that's not how firewalls work. TS IPs aren't routed on the public internet either (100.0.0.0/8 is IANA reserved).

AFAIK the way TS has always worked is that it does its P2P magic to build WG tunnels between devices and then does regular IP over those. IP traffic cannot go between devices otherwise (unless they're on the same network ofc.).

there are some advantages to using tailscale funnel in that your ip will be obfuscated and the traffic will be routed through WireGuard so potentially more secure.

How exactly is your IP going to be obfuscated without proxies? How will traffic be routed through WG without proxies?

I cannot reproduce that issue. Either site says IPv6 is working fine.

FF 121 on macOS.

it requires a lot more, which I happily have been able to implement in my home.

You have not; that's what I'm saying. TrackerControl is DNS blocking, just local on the device rather than requiring a certain network setup. Neither of them will do a dent in Google's tracking.

Montpellier residents can sign up for a free transport pass on the M’Ticket app and the TAM website. Photo ID and proof of address are required.

If fares were such an insignificant source of income before when residents had to pay, why bother ticketing at all when the only fare payers left would be an extreme minority that also happen to be your guests?
So much money spent on ticketing systems, apps, registration and other overhead that nobody needs and could be spent on improving the service instead if it was simply free for everyone. I highly doubt doing that makes any sort of profit. I don't get it.

DNS blocking is useful to have but will do next to nothing against Google's tracking.

https://blog.kagi.com/security-audit

Look into used/older Pixels.