Don't use VPN services. (For anything else than their intended purpose, which is NOT anonymity)

https://schub.wtf/blog/2019/04/08/very-precarious-narrative.html

https://gist.github.com/joepie91/5a9909939e6ce7d09e29

TL;DR: Using a VPN does not make you anonymous and you shouldn't trust "no log policies".

Use Tor for browsing.

VPN protocols:

OpenVPN vs IPSec, WireGuard, L2TP, & IKEv2 (VPN Protocols 2019)

What are VPN protocols and why do you need to understand the different options?
— What is IPSec?
https://news.1rj.ru/str/BlackBox_Archiv/66

— What is IKEv2/IPSec?
— L2TP/IPSec
https://news.1rj.ru/str/BlackBox_Archiv/67

—WireGuard
— PPTP
— SSTP
https://news.1rj.ru/str/BlackBox_Archiv/68

— OpenVPN UDP vs OpenVPN TCP
— What is the best VPN protocol?
— VPN protocols conclusion
https://news.1rj.ru/str/BlackBox_Archiv/69

Why you should not use Tor with VPN (neither Tor over VPN nor VPN over Tor, unless you have some special needs or you cannot access Tor even using bridges):
https://write.privacytools.io/my-thoughts-on-security/slicing-onions-part-2-onion-recipes-vpn-not-required

Another POV on the matter:
https://matt.traudt.xyz/posts/you-want-tor-24tFBCJV.html

https://matt.traudt.xyz/p/mRikAa4h.html

#OpenVPN #IPSec #L2TP #IKEv2 #WireGuard #guide

📢📢We're moving most of the notes here, so don't pay attention to new messages📢📢

https://news.1rj.ru/str/NoGoolag/1170

https://news.1rj.ru/str/BlackBox_Archiv/322

Custom iptables noscript to block ASNs of multiple companies such as Google, Facebook, Microsoft.. (configurable), compatible with GNU/Linux, FreeBSD and Android:

https://notabug.org/maloe/ASN_IPFire_Script

Follow the guides on the linked website carefully. This may block more than you wish to be blocked.

Some recommendations about the use of AFWall+:

✅ ALLOW CONNECTION ONLY TO TRUSTED APP

ℹ️ Allow only apps that require Internet (For example, a file manager doesn't need internet if you don't use its FTP/other network features).
ℹ️ In order to have the time correctly synced and keep working apps that require root and Internet connection you must also allow connection to ntp and root.
⚠️ Don't select "Any app" or all of your entry previously inserted become useless.


✅ PREVENT DATA LEAK DURING SYSTEM STARTUP

[MAGISK]
1️Preferences > Experimental > Startup directory path of noscript > > Select/sbin/.magisk/img/.core/service.d/d/
2️⃣ Tick now "Fix startup data leak" checkbox.

[LOS su ADDPreferences > Experimental > Startup directory path of noscript > >ript > /system/etc/init.d/d/nit.d/
2️⃣ Tick now "Fix startup data leak" checkbox.

from @qd_invitation

Only way to backup apps without root is with ADB (Or TWRP).

Read:
- https://android.stackexchange.com/questions/28296/how-to-fully-backup-non-rooted-devices

- https://android.izzysoft.de/articles/named/adb-for-end-users#backup

- https://android.izzysoft.de/articles/named/android-backup-options?lang=en

Backup apps:
- OanBackupX: https://f-droid.org/en/packages/com.machiav3lli.backup/ (open source)
- Titanium Backup: https://play.google.com/store/apps/details?id=com.keramidas.TitaniumBackup (not open source, but reliable)
- Swift Backup: https://play.google.com/store/apps/details?id=org.swiftapps.swiftbackup (not open source, gapps necessary)

Things to delete

Whatscrap
• https://news.1rj.ru/str/NoGoolag/1359

Fakebook
• https://news.1rj.ru/str/NoGoolag/1358

Goolag
• search #deletegoogle in @NoGoolag, or read:
• https://news.1rj.ru/str/NoGoolag/1848
• https://news.1rj.ru/str/NoGoolag/1822
• https://news.1rj.ru/str/NoGoolag/1764
• https://news.1rj.ru/str/NoGoolag/1748
• https://news.1rj.ru/str/NoGoolag/209
• Google also excersises tyrranical control over devices, not granting the owner the freedom to use their devices as per wishes.
• https://gnu.org/malware/malware-google.en.html
degoogling guide(s)
• https://github.com/tycrek/degoogle
Apple
• https://gnu.org/malware/malware-apple.en.html
• https://www.vox.com/2017/12/22/16807056/apple-slow-iphone-batteries
• https://gizmodo.com/apples-favorite-anti-right-to-repair-argument-is-bullsh-1837185304

Baidu
• poke around the code, and bask in the glory of com.baidu.bbb.analytics

Deodexing services.jar (Tried on Android Pie)

REQUIRED: MacOS or Linux machine (Cygwin, windows, or whatever you have may not work)

♦️ Checking

1. In TWRP find /system/system/framework/services.jar and pull it to your PC

2. Extract it using "unzip" or "jar -xvf"

3. Check if the jar file has classes.dex
-- IF IT DOES - You don't need this, use Nanodroid Patcher directly
-- IF IT DOESN'T - Continue

4. Go to /system/framework/oat/[your arch] or if that doesn't exist /system/system/framework/oat/[your arch]

5. Check for "services.vdex". if you have this, you can continue. Otherwise, you're screwed

♦️Preparation for patching

6. Make a new directory somewhere and enter it via git.

7. Clone vdex Extractor from here: https://github.com/anestisb/vdexExtractor

8. Enter vdex Extractor and follow the instructions on the github page to compile it (I am not spoonfeeding you guys)

9. Now, pull the framework folder from your phone by doing "adb pull /system/framework" or if that gives nothing "adb pull /system/system/framework"

10. Open the framework folder and copy services.jar somewhere safe as a backup

11. Create a new folder named "input" and make another copy of services.jar in there

♦️ Extracting vdex

12. Put the vdexExtractor bin into the main directory, or perhaps /usr/bin directory or /usr/local/bin (depends on your OS) so you can execute the bin from anywhere

13. Copy services.vdex from the framework folder (step 4) to the main folder

14. Extract it using
"vdexExtractor -i services.vdex"

15. You should get a services_classes.cdex file

♦️ Converting cdex to dex
(These instructions are very vague on the github for vdex extractor, so I'm fixing your problems here)

16. Go to this link:
https://github.com/anestisb/vdexExtractor#compact-dex-converter
and download a standalone build for your system (I used MacOS).

17. Extract and copy the [compact dex converter] folder to the main folder

18. cd into [compact dex converter]/bin

19. Execute ./compactdexconverter ../../services_classes.cdex

20. This should create a services_classes.cdex.new file (This is the .dex file, they don't rename it to .dex for some reason). Rename this file to classes.dex

21. Copy classes.dex into the input folder.

22. Now type "zip -j services.jar classes.dex"

23. Push input/services.jar to /system/system/framework

24. DONE, now flash nanodroid patcher

su

pm disable com.android.captiveportallogin

settings put global captive_portal_detection_enabled 0

settings put global captive_portal_server localhost

settings put global captive_portal_mode 0

Reboot

According to kuketz:
https://translate.googleusercontent.com/translate_c?depth=1&pto=aue&rurl=translate.google.com&sl=auto&sp=nmt4&u=https://www.kuketz-blog.de/android-captive-portal-check-204-http-antwort-von-captiveportal-kuketz-de/&usg=ALkJrhi5Tb27og7-1NQwSQZK62gVFeUskw

According to prophet madaidan:
The captive portal is just an empty HTTP request to check connectivity. It's not used for tracking and contains no information. It worsens usability and makes you stand out as every other device on the network connects to the captive portal after connecting but your's doesn't.

1. Download and install Shelter from FDroid

2. Set it up to use Android Work Profile

3. After setup, disable everything shown in the work profile except files (and contacts if present)

4. Download and install discord but DON'T OPEN IT

5. Go into Shelter and tap on discord

6. Select "Clone to Shelter"

7. Sign into discord

8. Hide the notifs saying discord doesn't work with play services (goolag trying to trick you)

If there is a captcha: Select "Having trouble?" and open in browser. This will allow you to properly sign in. Then try signing in from the app again

9. Profit

If Discord isn't working or there's a black screen: Install Bromite WebView via nanodroid. It's just an addon and won't overwrite your existing installation

Discord steps I did :
- No gapps nor microg nor magisk hide, bare Lineageos
- Login to discord in the phone browser, hopefully whitelisting the IP by doing this
- Cutting internet connexion
- Open discord, fill the login form
- Get back internet and quickly press login, Discord don't have time to "try to load the capchat", and login then crash
- try opening back the app a few time, hopefully it will be connected and you will end up with a fully working discord (minus push notifications ofc)

Information about signature spoofing (required for microG)

Signature spoofing support
https://forum.xda-developers.com/android/general/index-list-custom-roms-offering-t3557047

Adding signature spoofing support to various roms
https://github.com/Thespartann/android_frameworks_base_microG/blob/master/README.md

Q patch patiently being ignored in µG PR:
https://github.com/microg/android_packages_apps_GmsCore/pull/957/files

Omni's commits to get sigspoof in app permissions GUI:
https://gerrit.omnirom.org/c/android_packages_apps_PackageInstaller/+/36730
https://gerrit.omnirom.org/c/android_frameworks_base/+/36729

Q patcher PC noscript:
https://news.1rj.ru/str/NoGoolag/2428

Chile picks Japan's trans-Pacific cable route in snub to China

Decision a blow to Huawei and Chinese telecom sector

TOKYO/SAO PAULO -- Chile has chosen a route proposed by Japan for the first fiber-optic cable to directly connect South America and the Asia-Pacific region, designating Australia and New Zealand as endpoints while stopping short of landing in China, Nikkei has learned.

Japan's route beat out a pitch by China that would have made Shanghai the final landing point. This decision comes amid a U.S. pressure campaign to keep China out of global telecommunication projects.

Under the Japanese proposal, the undersea fiber-optic cable would stretch roughly 13,000 km across the Pacific Ocean, pass through New Zealand then arrive at its terminus in Sydney. The Chilean government says this route is recommended the most based on cost and feasibility.

Japan and Australia just completed their own submarine cable linking the two countries this month, meaning Japan could easily connect to the trans-Pacific cable. Both Australia and New Zealand share deep ties with Chile through the Trans-Pacific Partnership, the trade deal that Japan has pushed for.

The Japanese proposal to Chile took into account Australia's hard-line position against China, exemplified by Canberra's decision to blacklist China's Huawei Technologies from its 5G infrastructure.

Chile was caught in the geopolitical crossfire as China, its largest trading partner, lobbied heavily for cable plan to have Shanghai as its terminus. When Chilean President Sebastian Pinera visited Beijing in April last year, Huawei pledged to invest in data centers in Chile.

Huawei initially emerged as the leading candidate for the undersea cable. But the South American country was unable to ignore U.S. intentions in diplomacy and trade.

👀 👉🏼 https://asia.nikkei.com/Business/Telecommunication/Chile-picks-Japan-s-trans-Pacific-cable-route-in-snub-to-China

#telecommunication #Chile #Japan #China #Huawei #USA
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

#translating
Translator alternatives

For browsers:
- https://www.deepl.com/translator

- https://www.apertium.org

• Conversations (XMPP client)
• Riot.im (Matrix) client)
• Signal
• Wire (see metadata issue)
• Jami
• Jitsi
• Ricochet (desktop only)
Comparison/other information:
• securechatguide.org / securemessagingapps.com
• Wikipedia: Comparison of im clients
• https://eff.org/secure-messaging-scorecard
• https://infosec-handbook.eu/blog/xmpp-aitm/

⌨️ Doc editing on Android
• Collabora Office https://news.1rj.ru/str/NoGoolag/2271
• Libreoffice

📲 Document scanners on Android
• Docus https://news.1rj.ru/str/NoGoolag/2681
• Open Note Scanner https://news.1rj.ru/str/NoGoolag/2239
• DocScanner - Requires IzzyOnDroid repo

📝 Android apps to take notes
https://news.1rj.ru/str/NoGoolag/1185

Notes in chat:
- afwall
- alt_frontends
- alternatives
- amp
- apk
- assistant
- aurora
- backup
- blockadstrackers
- bounty
- browsers
- classroom
- clean
- cloud
- cloudflare
- conspiracy
- datacollection
- debloat
- deezer
- delete
- deletewhatsapp
- deodex
- disable
- disablecaptiveportal
- disablegoogle
- discord
- dns
- dnscrypt
- e
- email
- exodus
- fakegapps
- faq
- fb
- fdroid
- fennec
- find
- fossbeta
- gates
- gcam
- gmail
- google_fi
- googletakeout
- gpslock
- graphene
- gratisapps
- guide
- ipsum
- keyboards
- librechair
- lineagemicrog
- location
- logs
- madaidan
- magicgapps
- magisk
- mailalias
- manjaro
- mapsapps
- messaging
- microg
- mixplorer
- musicplayers
- netoff
- news
- nextcloud
- nitrokey
- nonrootdebloat
- notesapps
- nothingtohide
- office
- osm
- ot
- playgames
- playpaid
- plusmessenger
- problems
- push
- qpatch
- rh01
- riot
- safetynet
- satstat
- searchengines
- shelter
- signal
- sigspoof
- smalipatcher
- snapchat
- spite
- sync
- tasker
- tg
- tor
- transfer
- translate
- uber
- uncensorISP
- unlppatch
- untracklinks
- vanced
- vpn
- wear
- whatsspoofing
- wiki
- windows
- wireguard
- withoutgoogle
- xiaomi

Vinyl Music Player (Phonograph fork with all features unlocked + a few fixes/features) - F-Droid
Vanilla Music - F-Droid
Shuttle - F-Droid (Izzy Repo)
Timber - F-Droid
TimberX - GitHub
Music Player GO - F-Droid
Metro (Retro Music fork with features unlocked) - F-Droid (Izzy Repo)
LOS Eleven - F-Droid (Izzy Repo) or obviously in LOS
Musicolet - Playstore

Izzy repo: https://apt.izzysoft.de/fdroid/repo

Tools for Xiaomi devices:

https://news.1rj.ru/str/libreware/708

https://news.1rj.ru/str/libreware/73

https://news.1rj.ru/str/libreware/242

https://news.1rj.ru/str/libreware/319

https://news.1rj.ru/str/libreware/330

https://news.1rj.ru/str/libreware/343

https://news.1rj.ru/str/libreware/374

https://news.1rj.ru/str/libreware/188

https://forum.xda-developers.com/redmi-note-7/themes/debloat-redmi-note-7-miui-10-3-5-0-root-t3928466

https://forum.xda-developers.com/redmi-note-8-pro/development/easy-twrp-installation-tools-xiaomi-t4018315

WINDOWS
- https://news.1rj.ru/str/libreware/622
- https://github.com/adolfintel/Windows10-Privacy
- https://github.com/mirinsoft/debotnet
- https://github.com/Sycnex/Windows10Debloater
- https://github.com/jebofponderworthy/windows-tools
- https://rentry.co/fwt
- https://news.1rj.ru/str/NoGoolag/2549
- Also, burn your drive :)

https://betanews.com/2018/07/31/all-the-websites-windows-10-connects-to-clean-install/

SIGNATURE SPOOFING
See, all apps basicall call play services like, "Yo, package com.google.android.gms with signature x, I need this done".

So for microg to receive that message, microg:
a) needs to have the same package name (not a problem)
b) needs to have the same signature.

Since we have not stolen google's keys to sign the microg apk with the same signature as gapps yet, we add an extra feature in android that makes microg look like it has the play services signature. The app asks, "Hey android, is this really play services?" Android responds <crossing its fingers>, "Yeah, sure

____

Many ROMs already have sigspoof, but in some you may need to enable it manually, search "signature" or "spoof" in settings

In some roms it's here:
Settings > Apps > Advanced (gear icon) > App Permissions > Spoof package signature
Or
Settings > lab > misc > signature spoofing
____

Information about signature spoofing (required for microG)

Signature spoofing support
https://forum.xda-developers.com/android/general/index-list-custom-roms-offering-t3557047

Adding signature spoofing support to various roms:
https://news.1rj.ru/str/NoGoolag/4481

https://github.com/Thespartann/android_frameworks_base_microG/blob/master/README.md

Q patch patiently being ignored in µG PR:
https://github.com/microg/android_packages_apps_GmsCore/pull/957/files

Omni's commits to get sigspoof in app permissions GUI:
https://gerrit.omnirom.org/c/android_packages_apps_PackageInstaller/+/36730
https://gerrit.omnirom.org/c/android_frameworks_base/+/36729

Q patcher PC noscript:
https://news.1rj.ru/str/NoGoolag/2428

Patch for Android 11 (R)
https://news.1rj.ru/str/NoGoolag/4481
https://github.com/microg/android_packages_apps_GmsCore/pull/1222

ANDROID WEAR
Free implementation of the APIs necessary for Android Wear
https://github.com/microg/android_packages_apps_GmsCore/issues/4

https://www.bountysource.com/issues/6460438-wishlist-com-google-android-gms-wearable

AsteroidOS is an open-source operating system for smartwatches
https://asteroidos.org

Gadgetbridge
https://f-droid.org/app/nodomain.freeyourgadget.gadgetbridge

PineTime
https://news.1rj.ru/str/NoGoolag/2107

OpenWatch
https://github.com/OpenWatchProject/readme

VANCED
The microG that vanced uses is very different in purpose and function from the original, and behaves in different ways from the microG this place knows.

Your vanced questions should go here:

Group:
- http://t.me/joinchat/AAAAAEHf-pi4jH1SDlAL4w
Channel:
- @vanced
Web:
- vanced.app

PROTIP: Use Newpipe from FDroid or Github instead and save your lives