If your using good 2fa auth. and generated passwords you probably OK. It wasn’t stated you had good measures in place. I was thinking more identity theft situation where someone could compromise your financials. If all they have is some medications, insurance, and basic info you really don’t have major concerns. Now if they have your DoB, Social Security, Address, etc then that’s where locking down all your accounts would be more appropriate. Your post sounded more severe than your reply here so that lead me to believe it was more dire.

Change all your important account passwords, enable encryption where you can at rest and e2ee in transit, and enable 2FA to send to a device you know is in your possession like a SMS to keep an eye out for failed logins and such.

They’ve had these systems since the 90’s. There’s a documentary about a guy that got caught from one of these its on Netflix. I forget the name. If I remember I will edit this. He went through an insane amount of court documents and files to uncover LE has been illegally using Stingray systems and other custom made devices in cars for decades. They pinpoint physical location down to the square foot.

Edit: Avoid all networks but 5G if possible, use reputable VPN, VOIP. There are apps the send you notifications if your connected to insecure network types one on Fdroid is 5Gcell. The documentary is called Web of make believe: Death, lies, and the internet. Daniel rigmaiden is the guy who exposed the system. Highly recommend if you wanna learn to watch it.

Boot up from a USB drive that’s what I did. I was just about to add the merge list in the update manager as well. Keep me posted if it didn’t work. Best of luck.

Yea that’s it. I couldn’t remember what the options were and I was going to sleep. I’m back online and if you give me a few minutes I can do my best to help. Clear all the options you can and try running sudo apt get update. Sometimes where there’s an input output error it can also be a hardware issue such as a bad block on the drive preventing anything from writing to that block. Go to disks. Find your main drive and repair it, then check it the option above repair. After those two repeat the remove dependencies and duplicate/foreign packages. Finally sudo update. See it that helps.

I fixed this issue on mine and it took me a few tries, while I’m not currently on my PC you should be able to find some tab along the page you can change the mirrors and it says something like clear packages and there’s a few options on a small boxed list deal. Perhaps something like remove duplicate dependencies I really can’t remember the boxes so don’t quote me. You clear all of them that mention remove or clear. Change mirrors then Sudo update your APT then I switched back to the main Jammy is it? Worked for me. I could better help once I’m back to my computer. It happened to me a few weeks ago as well so my memory is hazy. If your still having trouble in 12 hours once I am able to get to my computer I will help you best I can.

Hahaha

Sometimes I think their all honeypots regardless of brand or documentation proving otherwise. Its the easiest way allowing people to auto filter themselves into more likely to be nefarious without overhead and legwork. Analog or bust.

What is unprivate about brave software? Assuming all telemetry is turned off and the browser is configured for strictest of settings no crypto, no ads, no telemetry, no java, session cookie delete, ect ect. Do we have RCP happening phoning home? I have never set brave up behind traffic analysis to see what outbound traffic gets sent that was not from the user. This can be directed towards desktop and mobile.

Besides the above the only off putting thing I’m aware they have done is installed their VPN software without permission on dekstop which I found myself before I seen the news about it. Edit wording.

My as well put a billboard up with lights and flashers haha. Giant bat signal perhaps.

Brave has been thoroughly tested from many privacy advocate organizations EFF and more known names using default settings and ranks as the highest overall rated fingerprint resistant and anti tracking protected browser, again at default settings I have ran many tests once configured and get even better results even against librewolf with and without extensions and vanilla Firefox with privacy badger and ublock ect as well as without. (I use librewolf on desktop for those who are gonna down vote this) Gecko based browsers are advised against on Graphene and is spoken in length about on reddit from one of their Devs. Chromium and google is a bad combo sure reliance on Google and all to begin with, but so is supporting Google to degoogle with a pixel device. Could brave be a honeypot? Sure and many other services. So could VPN providers and any service for that matter. The biggest advantage I see using Firefox is promoting a non google alternative and balancing the scale against googles monopoly. In some cases Tor adds risk due to it being a giant vacuum for govt or other malicious entities looking to snoop. Its like taping a sign to your traffic. I think it serves a purpose but that varies from each persons use case.

Edit typo.

Wouldn’t chats be stored locally though? So even if the service was shutdown the app and its local contents would remain. Or does the service load chats after connecting to the home server, then your scenario plays correctly. Matrix doesn’t offer ephemeral messaging which would be a stop gap in this case if stored locally. I’m not familiar with Matrix.

Its my understanding the metadata is only stored on the home server that runs for the clients, so under a self host scenario the hoster would be the only party that could access such metadata. One big con to Matrix is that it lacks ephemeral messaging so I’m not sure if chat history is stored on client side once the server goes offline? I cannot find an answer through browser search or documentation. Couldn’t the hosted server be restarted anytime and it would essentially delete the metadata generated each cycle and chat history as well because the chat room would be deleted? Or ran inside say persistent Tails and with a device shutdown or unplug all data would be wiped due to its ram only nature while persistence only keeps the base setup of matrix not a full carbon copy so a new chat would be generated each power cycle. Similar to VPN services running on ram. Thoughts anyone?

deleted by creator

I hate relying on anything big corp for privacy. Thanks for the reply and I’ll keep this in mind. It seems so far matrix chat is the only e2e chat that can remove the conversation from an individuals device once their removed from a room. I will have to do deeper research into matrix to see it it fits my use cases. I’m just not sure how it stacks up against other big name chat platforms as far as security/privacy goes. I’ve heard of it before. Never deep dived into the data.

Will do thanks. I don’t care about social graph being visible so long as there isn’t identifiable info during sign up. I’d much rather self host as needed. But what if matrix was self hosted on a hostile network. Under VPN from both sides. Say matrix was running from a hotel WiFi. How would one secure the service.

This is called ephemeral messaging. A good feature of many apps. But doesn’t serve the same purpose for which I am asking. Thanks for mentioning another option other than the usual messenger apps. This is the description for others copied from a basic browser search.

Keybase is a key directory that maps social media identities to encryption keys (including, but not limited to PGP keys) in a publicly auditable manner. Additionally it offers an end-to-end encrypted chat and cloud storage system, called Keybase Chat and the Keybase Filesystem respectively.

Website here for those interested in reading about it -> https://keybase.io

Using scifs is widely known and of course a good addition to certain threat models. But doesn’t account for distance of individuals. My post was inferring distance between parties. That is why I talked about messaging clients and their features. For times when parties cannot possible be in person, also this is for everyday use not one time, I’m asking about a messaging client and feature set. Otherwise very good info here for others to learn and read on. Good post! FYI its worth reading on Pegasus and their zero click infection capabilities and multiple zero day exploits.

I’ve been interested in looking at matrix due to its decentralyzed nature, and self host capability. But as much as I love to self host certain things. Self hosting isn’t always the shining example its portrayed as. That comes with its own security/privacy flaws. I will do some reading on matrix and learn about the features. Thanks for shedding some light on the actual topic at hand.

Edit for matrix info which can be found here for those wanting to learn more. -> https://matrix.org

Many replies here have misconstrued the total objective from my post… Of course someone could screenshot or disconnect their device. I am not looking for a foolproof feature or system. I understand compartmentalization. I do not need scenarios listed where this type of feature is useful. I understand my threat model and this is for a chat messenger not in person. You mention revokable access. But does that still leave the file on the lost,stolen device? Revoking access simply sounds like locking a file with encrypted keys. Thus it still exists on the stolen or lost device. Which means at some point or time future or otherwise a 3rd party could gain access. By all means correct me if I don’t understand.