I'm currently using vim -x for plain text and stash to manage key value pairs for things like access tokens and API keys

Vim probably has something similar, in Emacs you can GPG encrypt a file and decrypt on the fly

You can also use a proper password manager like KeePassXC

Yeah, I am using vim for it

https://www.agwa.name/projects/git-crypt/ https://github.com/StackExchange/blackbox/

Thanks. Great suggestions

Curious about the ram, why do you need so many gigs?

When I was buying the 3T long time ago it was the most RAM a cellphone had (or at least on par with other "flagships"). And now, several years later, this is the norm. So why stick with something that I'd have to change in 1-2 years.

I'm deciding between Fairphone4(removable battery;would put CalyxOS) and Pixel6a(would put GrapheneOS) or maybe something else. Does anybody know anything about these OSes? Did anybody use CalyxOS? CalyxOS says that it spoofs Google's certificate to prevent tracking and that's not ideal. And GrapheneOS allows sandboxing of Play services but then I also don't trust google-made device.

That "trust" depends on your threat model. I've been completely ungoogled (in my personal capacity) for a few years, and need no convincing that Google is not to be trusted. Still I'm happy to trust Daniel Mickay (GrapheneOS lead) when he says that the Pixel's hardware is the best available for security. It might come from an untrustworthy company, but I understand it's one of the most open platforms available. Without actually installing microG (not installed by default), there isn't anything communicating with Google servers (though I haven't verified). Even the internet detection is done by pinging a GrapheneOS URL. If you need better security/privacy than that, you probably shouldn't be on Slack. 😉 CalyxOS also officially only support Pixels. It's apparently a much smoother experience, but without all the top tier security improvements in GrapheneOS. I've been very happy with my Pixel 3a XL running GrapheneOS, but now it's nearing EOL. The lack of an audio jack on the new Pixels bummed me out too, but then again I never really used it much anyway.

Yes, I shouldn't be on Slack so much. I don't have any serious thread model. I just want to avoid large corps. I'd be very happy if GrapheneOS would run on Fairphone4. I don't think physical security is such a big deal as you could also detect a reboot and ask for some kind of 2FA key. And then I could tweak my software inside as I want. That would be great.

So the question seems to be: is it better to avoid Big G, or select a phone from a smaller manufacturer with not as great security? I don't know enough to argue against the experts who opt for the former.

I asked the question regarding the Pixel's physical security on /r/privacy yesterday. There were some people who were concerned and there were people that called me dumb. And then the post got removed as being off-topic. But the interesting thing is that that same subreddit praises GrapheneOS as secure (which may totally be true) without any proof that it's secure on a clean foundation. I asked about this "foundation" and nobody answered. So it's pretty sad that people say it's secure but actually don't know if the hardware doesn't work against them. This is why I would opt for a small company because I know that they wouldn't have resources to put anything like this onto a chipset itself (ok, maybe from the chip manufacturers, but not from themselves). So the components would be good, it's the integration that would be leaky. Also Pixel6's processor is literally called Google Tensor. If that doesn't ring your alarm bells as it's the same word as in Tensorflow then I don't know what will ring them. I'll try to re-ask in GrapheneOS subreddit.

Cool guys these google bruhs... this corp just keeps getting better. Not attacking the poster because it's hilarious. But why would google want to raise awareness of an operating system that will literally end their life as a surveillance company... 200iq move really...

> "proof that it's secure on a clean foundation" That's a near impossibility with the complexity involved and closed hardware. I.e. you won't get that from any other manufacturer either. Google is evil in a "dispassionately monetize you as far as they can" way, not a "spy on you at any cost" way. What you're describing sounds a lot like the latter, but it's simply not financially worth it for them to track the <1% of Pixel customers who don't actively invite Google into their homes and lives. That's rather the purview of nation state level threats. If that threat is covered in your threat model, you have much bigger problems, and you should probably not be using a mobile phone at all, and you really shouldn't be using Intel or AMD CPUs either.

From what I know about GrapheneOS it's that "they implemented multiple features from GrapheneOS into the mainline Android OS". That means that they could implement more and probably it won't even be a threat to their business model. Or they would implement more if governments would decide to intervene. So I see this kind of platform as a perfect testing ground when they'll need to move the goalpost that little small bit further and call it "secure again".

In the GrapheneOS chat they don't know anything about privacy research in the GP devices. Unfortunately.

I only have SE215. I don't yet know if I want high-end headphones. I see that this DAC has multipoint connection and could be paired to multiple devices. How does the app work? Does it save the details on some kind of a cloud or does it talk directly to the device without any internet? Have you tried denying it the internet to see what happens (I can do this on stock android)? Also what's weird about a DAC is that it's a separate its own device with a microchip. So it could play music by itself. So why would I want to store music on my phone if I could upload+store it and play it on this kind of device too :thinking_face:

> I only have SE215. I don't yet know if I want high-end headphones. > You can use cheaper headphones. You just won't be getting as much out of the device as it can offer. > I see that this DAC has multipoint connection and could be paired to multiple devices. > You can can pair multiple devices (I think 2?) and also connect one via USB. It will switch between them pretty seamlessly (though sometimes awkward prioritizing if 2 devices are both trying to play at once). You could be watching a video on your computer, and the phone rings, and it will switch over for you to take the call. There are 2 headphone jacks, but you only use one or the other. One is a 3.5mm unbalanced connection that matches typical consumer headphones. The other is 2.5mm balanced for many high end headphones. > How does the app work? Does it save the details on some kind of a cloud or does it talk directly to the device without any internet? Have you tried denying it the internet to see what happens (I can do this on stock android)? > Settings are stored on the device. You change the settings in an Android app, but they apply when connected to any device. It doesn't connect to the internet. Firmware updates also go through the app your phone. > Also what's weird about a DAC is that it's a separate its own device with a microchip. So it could play music by itself. So why would I want to store music on my phone if I could upload+store it and play it on this kind of device too  ​ (edited) > The microchip is solely devoted to processing audio and Bluetooth. It only has enough storage to keep settings and buffer audio processing. You can buy devices that store and play music along with having high quality hardware for producing audio. But they are more expensive, nearly the same size as a smartphone, and run outdated and gimped versions of Android to provide a UI. Your phone is already great at file storage, music player UIs, and connecting to the Internet if you want to use the cloud. So this tiny device just provides the one piece that is always missing from smartphones, which is high quality conversion of binary digits into audio signals.

You could repost it as a thread and then delete your post in the main channel. Depending on how guilty you feel about not threading your answer 🙂

I almost did that, but my guilt was partially overridden by " I just think it's awesome this exists. I wish more people knew about it". 😁 I would not have done it that way on purpose. But now that it's done, I can't convince myself to back down from the mistake.

It's funny because I gave up on headphone jacks years ago. But it's also been many years since I had a DAC in my sound system setup. Back in England I had all sorts of specialized HiFi components (for years I had a UK-built valve amp at the center of it:grin:). That DAC amp and earphones combo is a reasonable price too... Tempting...

You should do it. 👅 The Qudelix 5K, is just over $100 right now on Amazon, and could easily hold its own as $500-$1k range USB-C DAC/amp. Then throw in the fact it is roughly the size and weight a bottle of eyedrops. Then add the option to use Bluetooth, with surprisingly little loss in quality. (So even if you have wires you are not tethered to your phone or pc.) Suddenly hifi is a truly portable experience. 🎉 Chinese companies have been pumping out budget-hifi IEMs. There are a boatload of $100-$300 models that totally meet the requirements of "hifi" (and even a few standouts in the $50-$100 range). Or $300-$700 should easily be enough to buy an excellent pair of headphones. (You could of course spend several thousand a pair on either if that's your thing, or $60 for something that is not great but still obviously outclasses pretty much any Sony product..) The Thieaudio Legacy 3 is an IEM I can personally vouch for, currently $120 on Amazon. Combined with the 5K, that gets you back into hifi for $230 + tax. 🕺 It's all digital and solid state though. Price ranges get much higher before valves and tubes can be at all cost competitive (besides some gimick amps pushing primarly solid state amplification through a small tube for some analog distortion).

Amazon and Apple both offer hifi streaming, along with Tidal, Quobuz, and others. Lot's of music available on demand in lossless or minimally compressed formats. For a few dollars a month, you don't even need to rebuild your music collection. Just listen to whatever, whenever, wherever, all in hifi.

I don't use spotify and other music services :thinking_face: It's a weird value proposition for me :thinking_face: But it's probably a good option for somebody who would use these.

Thanks skylize! I bought 2 (3?) of this kind of thing a few years ago, but abandoned them because of flakiness. Maybe I'll give the Qudelix a try! (btw, wouldn't have seen this if threaded)

> (btw, wouldn't have seen this if threaded) > Haha. Glad I could help.

> I don't use spotify and other music services  ​ It's a weird value proposition for me > Interesting statement. I'm curious for more detail on what you mean.

behavior https://www.youtube.com/watch?v=fwNYjshqZ10

This is why I value the audio jack. It's not perfect but it's good enough.

Disclaimer - this may make you unhappy about what you do in coding. I have to warn you. Seriously. In more ways than one. A longer one: https://www.youtube.com/watch?v=5AvtUrHxg8A

Hmmm. Yeah I guess thinking too hard about data collection would make any sort of streaming seem unattractive. ... Not sure what that has to do with a headphone jack. Nobody is collecting data about you through the 20-30 feet of broadcast from a Bluetooth connection.

Having no audio jack means that I'll use Bluetooth some of the time but currently I don't use it at all. I even forget that I have it as it's useless otherwise. And this leads to systems which has less and less cables over time. And this leads into the society where by having one secret key you can listen to everything that's happening. We already get into these problems when web certificate authorities go rogue, I didn't ask for this. So what I currently experience is that society is already being transformed into this cordless way of living and there is less and less choice. I can't have a reasonable price for a phone with a jack that will last more than a couple of years. Sometimes I would actually prefer to have some data going through wires. For instance I'd prefer my banking details to go through wires and not through bluetooth. Even though it's old-school and "old" it doesn't mean it's bad. LISP is not bad, we're literally the definition of the answer. We literally decrease security by getting rid of physical that you can investigate and changing it into the "new" and "cool" wireless that we can't reason about. We don't know if it's secure or not, we just assume. I hope they don't remove the USB connectors and won't replace everything with wireless charging any time soon... Because this would be the final phase of the lock-in.

Just my opinion. That's it. It's fine if you use it. You don't need to agree or disagree.

You do you. 😉

Out of sheer interest just ordered Qudelix, thanks! And it having a USB input is definitely a plus, makes it much more versatile.

Me too, looks like a very solid recommendation. Was looking for an amp earlier, glad I held off on buying anything before.