Pixel 7a is more expensive than Pixel 8a???

100% if you have enabled “Safe browsing” (which is enabled by default). This also applies to Firefox, but I don’t know if there is enabled by default.

Favourite: GrapheneOS

Others that I like: Monero Librewolf SimpleLogin MullvadVPN PiHole

I was usimg TPM on my Arch laptop, but then I swizched to a fido device - nitrokey.

Damn thats interesting! I would love to get one but currently I wouldn’t pay 500$ because I don’t have enough knowlage yet to do fun things with it.

Nitrokey

Yubikeys are defenetly the most popular ones, but I prefer Nitrokey which is based in Germany and open-source. I have 3 Nitrokeys and I’m very happy with them.

I have an IdeaPad and I can confirm that I can physically remove the Wifi card.

True but then you actually have to remember the password. Or you can use an USB key to store keyfile or a hardware security key like Nitrokey or Yubikey to decrypt it.

Yep, its stupid. But its not online service, you just have to be installed and have file permission, thats it.

Hardware tokens are handled by Google Services and not by Android itself :( That means you have to have Google Services installed if you want to use your Yubikey.

For banking apps I recommend to have in seperate profile (like you wanted) together with Google Services. You should also disable everything under Exploit protection section in settings for every banking app.

I would do the same but it uses too much battery for me so I had to figure out how to self-host ntfy and mollysocket.

Or you can uninstall/disable google services and inatall something like ntfy. Molly-UP (signal fork) supports that.

Not with Molly (hardened signal fork)

Yes but you have to do that for each service if I understand correctly.

I switched from Docker to Podman, because Podman is more secure (if rootless) but it was just hard to autostart containars. You have to start one by one because they don’t have a central service like docker. And watchtower and nextcloud AIO don’t work on Podman. So I switched back to docker.

Personaly I would trust Nitrokey, but I don’t have to.

Looks nice, I’ll try it!

I’m already building the website ;)

It’s private if you give email alias and pay with crypto or prepaid cards.