GrapheneOS Desktop Mode is Here!

[MUSIC]

All right, welcome back to this week in privacy, our weekly series where we

covered the latest updates with what we're working on within the privacy

Guides community and this week's top stories in the data privacy and cybersecurity space.

For those who don't know, Privacy Guides is a non-profit which researches and shares

privacy-related information and facilitates a community on our forum and matrix where

people can ask questions and get advice about staying private online and preserving their

digital rights.

Before we dive into this week's show, here's a rundown of how the show will be laid out.

We'll start by covering site updates, then we'll discuss top stories in the data privacy

and cybersecurity space.

First we'll explore some trending posts on the Privacy Guides Forum and finally we will

answer viewer questions.

So if you have a question for us, please leave a comment in the forum thread or on the YouTube

chat.

Yeah, so we're working on a smartphone security series.

We just finished the recording on that and it is now being edited.

So hopefully that'll be out soon.

We are also working on a threat modeling series and Lesson 1 should actually be released

to members here pretty soon.

I think within the next couple of days, I believe.

And unfortunately, my notes here say,

chat control video progress update,

which Jordan is handling all of that one,

so I don't really have updates.

- I think we might be good here.

I don't know what the issue is

with my actual normal microphone,

but it doesn't seem to be picking up anything.

So really sorry about that, everybody.

So I guess to get back onto track here,

the chat control video is kind of in the works. I've been putting together like the basic script

of things and trying to make sure that the interview is integrated into the video.

And basically that has been kind of an interesting thing to do because we recently,

as you might have heard, we did a interview with Patrick Breyer last week and we also want to

a video that comes out later in December.

And it's kind of becoming a little bit of a changing story.

So definitely expect some updates in that respect.

Basically the threat modeling lesson one

is gonna be released hopefully after the stream.

And if you're a member, you'll get access to that.

If you're a member on the forum, you'll see it.

And if you're a member on YouTube, you'll also see it.

So definitely look out for that.

And I guess I'll kick it back over to Nate

to cover some of the site updates this week,

which are very exciting.

- Cool, yeah.

Yes, very exciting indeed.

We have some big news today.

Today specifically,

we have just launched a brand new merch store.

So if you head over to shop.privacyguides.org,

you will be able to see that.

And we've already got so, so many things on there.

We've got, let's see, shirts, posters, stickers, mugs, glasses, super cool stuff.

We are running a Black Friday sale that coincides with the launch, $10 off of all orders, $75

or more.

So really cool stuff.

And I know this has been a big concern for people is there was no AI used in this just

for the record.

Like everything was done by M by hand, very hardworking.

So yeah.

And Jordan, I believe, are you able to show some of the designs on screen or?

Yeah, I'm showing them right now.

So it's, yeah.

Sweet.

Yeah, my YouTube feed just caught up.

So cool.

Yeah, you guys probably saw that already by the time this catches up with the delay.

But yeah.

And let's see, there's...

There's some small changes are starting to roll out to the site, specifically shorts.

I've, as I mentioned earlier, I've gone ahead and filmed the smartphone course and that should be coming out soon.

I've also put out one short already on YouTube and TikTok and stuff, calling for suggestions on short topics, ironically.

So we'll check the comments on that. I've been keeping an eye on them. And if you guys have any, any real quick questions that you think could be answered in like a few minutes, definitely suggest those.

and we'll go ahead and make videos about those.

I made a short about the store,

which if you guys go to the store,

then you'll see all of that already,

but just kind of a short announcing the store

and telling people what's in there.

And we're gonna have a few more rolling out over the week.

So I hit some kind of button, there we go.

Yeah, we're gonna have a few more shorts rolling out

over the week highlighting specific products in the store.

And I'm also working on a short about age verification

inspired by a recent news story.

So those are some things that should be coming pretty soon to keep an eye out for.

I think that's all I have in terms of site stuff. Jordan, do you have anything that I missed or?

Not really, but just to say, I think some of the designs on the store look really great.

So if you haven't checked that out, make sure to check out shop.privacyguides.org.

and there is currently a Black Friday Cyber Monday deal for $10 off orders $75 or more.

So if you're interested in picking up some swag and like Nate said, it's all like, you know,

handmade and a lot of thought and time has gone into making this. So if you really want to support

us and, you know, have some cool, cool stuff to wear as well, then definitely check that out.

Yeah, there's one there's one M made called the Defender of Privacy that's really popular. It's

a really cool look in and another one that I'm probably going to grab a few things of is Article

12 from the UN Declaration of Human Rights which is where the UN says that privacy is a human right.

We have a few designs with that printed right on various pieces of merch. So some pretty cool stuff.

Yeah, that grape hoodie. I think I'm going to be picking that up.

- The Defender one?

- Yeah, looks really good.

- Or the, yeah, yeah, it's a cool design.

I should probably grab some hoodies,

it's getting cold here.

(laughing)

- Yeah, but that's kind of what we've got

for side updates this week.

I guess we can kind of move on to the news this week.

So with that being said, let's dive into the news.

And the first topic here is kind of this,

the highlight story this week,

And it's GraphinoUS now includes the QPR1 update,

which includes desktop mode and experimental support

for the Pixel 10 series.

So if you haven't heard,

the QPR1 update was delayed by a couple of months

because Google took a long time

to release the source code officially.

And now GraphinoUS has made an official stable release

of Android 16 QPR1.

And the feature that is included that a lot of people

are very interested about was the desktop mode feature.

And I can talk a little bit about that

'cause I did use it, but Nate,

do you have any thoughts on this?

- Yeah, I mean, I have a few thoughts.

This is, like you said, this release

from what I can tell is largely cosmetic stuff.

Like there's a whole material,

I think they call it material U is the,

what's the word I'm looking for, user interface.

And it's just, it's a real, it's a whole redesign.

It's from the ground up.

It looks very different.

It was actually funny.

I had a few friends that use Graphene OS

and they were like, oh, I don't know if I got the update.

And I'm like, no, you would know.

Like from what I've heard, you can see the difference.

But yeah, it's, and like you said,

this was delayed because Google, for those who don't know,

the Google a few months ago changed up

how they're doing things.

And I think we're going to talk about this a little bit later too,

but they no longer are releasing the AOSP source code publicly at the same time as everything else.

And that's kind of slowing things down a lot.

Custom ROMs are having to kind of reverse engineer everything and kind of figure it out.

And that's really slowing down these releases.

But yeah, the only thing I have to add is I read up online, and I'm not sure how true this is,

but I read online that on stock Android, this desktop mode that we're going to talk

about only applies to the eight series and up.

So like the pixel eight, the pixel nine,

but I'm not sure if that's true, especially with Graphino S

because they make so many major changes to the device.

They may have back ported it to older devices as well.

So yeah, so if you use a stock pixel,

you may not see this if you're on an older pixel potentially.

- Yeah, so I guess to dive a little bit into like

how the feature exactly works with desktop mode.

I did do some testing this week

just to see how that works exactly.

And unfortunately it's not at a state where you could reliably use this right.

It's definitely kind of a little bit glitchy I would say, and it's still quite a few bugs that are happening with it.

And it is operating pretty similar to how you would expect with a desktop operating system.

But unfortunately, there's still quite a bit of work to be done, I think, because a couple

of the issues that people brought up on the forum that I saw, which I also encountered,

was artifacts, glitchiness.

There's no way to have your pixel device to have the screen turned off while also connected

to a monitor.

So basically you always have to have the screen on which is slightly irritating.

So if you lock the device it actually just turns the display off which is a little bit annoying

especially when you compare that to like a desktop computer and the other thing is it's only supported

by a pixel 8 and above. So a lot of people are you know perfectly fine with the pixel 6, pixel 7,

pixel 5 whatever which version they're whatever version they're I think the pixel 5 isn't supported

anymore but the Pixel 6 I guess. So it's kind of a tricky situation when it comes to which

devices are supported and I think that's due to a hardware issue because the USB-C port doesn't

support display out so if you don't have a Pixel 8 and above then you don't actually get access to

that feature unfortunately and I think it's not the biggest deal breaker at least at this point

in time because the way that it works is a little bit clunky I would say and I did actually

have some screenshots here of what it looks like which I'm not sure if I can open up.

Looks like I can't unfortunately.

But I think if you want to give it a shot definitely try it on your device.

It's still settings behind the developer settings in your phone so if you're wanting to try

out, you have to enable developer options and scroll all the way down to the bottom and enable it

and restart your device. So I don't think it's at a point where we can say that it's actually like

stable. So definitely think about that when you are, when you're thinking about this,

if you decide to use it as a desktop device. It's also interesting to see that the Pixel 10 series

is now going to be supported. So if you do have a Pixel 10 device, it could be worth at least doing

some alpha beta testing if you're interested in testing that out.

But yeah. Yeah. I was just going to say I also saw that that thread on the oh here it is now I

see it in the show notes there's a thread on our privacy guides forum where somebody else relays

their experience trying it out and it sounds like the same thing you said like external keyboard

and mouse can't move freely between the phone and second screen. They said the phone is stuck in

and vertical even with auto rotate enabled.

There were a few times like the keyboard

just kind of stopped working

or like switched over to the other screen for some reason.

Some little things with the monitor

or excuse me, volume little things there.

So, and just to be clear, I think as I understand it,

this is more of like an AOSP issue.

Like this isn't really like graphene

didn't do anything wrong.

They just implemented what was already there.

So I think Google still just has a lot of work to do

on this according to my understanding.

- I did try it out on stock Android as well

and there's no difference.

There's no differences,

even on the latest beta version.

So it doesn't seem like they've done any more work really

since the QPR1 update, unfortunately.

But yeah, how do you feel about jumping on

to the next story here?

Yeah, talking about the support for the Pixel 10 series.

So this is pretty short here,

but basically Graphene has officially released

their support for the Google Pixel 10.

Again, this has been slowed down.

So well, just to cover all my bases,

the 10, the 10 Pro, the 10 Pro XL, and the 10 Pro Fold,

which is pretty cool.

So again, just with the QPR-1,

this was slowed down because of the whole AOSP no longer.

It used to be the AOSP, which for those who don't know,

Android Open Source Project.

Basically, the bare bones of Android

has historically been open source,

and then Google and other manufacturers

will kind of add on to that with their proprietary stuff.

And historically, AOSP was very open source

the entire time.

And so it was easy for developers like Graphene

and other developers to see the code as it was being built,

and they were able to kind of like get ready for it

changes. And now Google has changed the way they do things where they only release it periodically,

I believe, if I remember correctly. And that's, like I said earlier, that's what's slowing down

development is they have to kind of reverse engineer everything from scratch. So Google is

trying to get everyone towards this new system called Cuddlefish, which I don't think it's new,

but they're trying to guide everybody towards Cuddlefish, which is kind of like an Android

virtual machine, which is great for the software stuff you need to do in Android if you're

a custom raw maker.

But there's also a lot of hardware, there's a lot of, what's the word I'm looking for,

like blobs and there's just a lot of hardware stuff that is not included in Cuddlefish.

And again, that slows them down trying to figure out how all that stuff works.

So Graphene has finally been able to get the Pixel 10 up and running.

It is available now.

So if you have a Pixel 10 that you can definitely go put

graphing on it now, it's worth noting,

oh, excuse me, I apologize.

I'm seeing in the article here, it says that this support

is considered experimental.

So this is actually in the early stages.

You can install it, but there may be some small bugs.

And one thing that I wanted to point out here is this

potentially, I don't want to worry anybody,

but potentially this could be the last pixel

that graphing supports.

I believe you guys talked a few weeks ago

How graphing has been in talks with a manufacturer to make their own in-house phones that come

preloaded with graphing.

And part of that is again, all this stuff with ASP that I was talking about, they're

really kind of, they're kind of at a disadvantage here.

And so if they can work with a manufacturer who will be more open, who will work with

them upfront, who will streamline the process, then they just don't want to deal with Pixel

anymore, which also has the advantage.

I've seen a lot of people who don't want to use a custom OS because they don't want

to give Google their money and buy a Pixel.

And I completely understand that logic.

So that would kind of solve a significant number of issues.

It's still way too early to know for sure

if that's going to happen, depending on how long these phones

take to get out.

They may still go ahead and support the 11

just to help ease the transition.

But it's also possible this might be the last pixel.

We'll just have to wait and see.

Yeah, it'll definitely be interesting to see, especially

now that we've got Pixel 10 support.

I wonder if there will be a point where Pixel 11 or Pixel 12,

they've completely dropped support for it, but it would be kind of uncharacteristic, I guess.

And it's especially interesting to see now that we've got more options possibly coming

in a couple of years with Graphi NoS's like custom phone that they're working on.

It'll be very interesting.

Yeah, we don't know much about that at this time, but we're definitely keeping an eye on it

because that would be some really interesting stuff to learn more about.

Definitely.

- So I did have one quick thought actually

for question for you Jordan, as well as our audience

is going back to the desktop mode thing,

there are security advantages to Android

over traditional desktop.

It's, I once heard somebody describe it as,

"We took all of the mistakes we made with regular computers

and learned how to do it right with phones."

So what do you think?

If it was more stable, would you prefer to use

like a phone that can double as a desktop

do you prefer like the old-school desktop? Honestly, I think I would actually use like if I didn't

have to like use like professional applications, I would 100% just use a phone. Because like I think

the main issue is like with a phone, sometimes there's certain things that you want to do on it

that like it's kind of irritating to use such a small screen and like you know tap your greasy

fingers all over the screen. I think it's probably not the greatest way to interface with a website.

So if you had the ability to connect it to a display, and especially if you had like,

better like single, like the way that I've got my monitor set up right now is through a single

USB-C cable, and then the keyboard and mouse are connected to the monitor. So it's like basically as

you plug in one cable and you're ready to go. So I think if we saw this become a little bit more

mature possibly, it could be interesting to see how it changes the desktop and mobile landscape.

And I guess that kind of segues us into the next story here. Why exactly is Google trying to make

desktop mode on their like pixel devices. And there's currently been some rumors going around

about this project called Aluminium OS and its Google's attempt at making Android a desktop

operating system. So here's like the other story that we is sort of somewhat connected to this

Android desktop story that's been going on again. Here's like it's very early in the story's

lifecycle here. So just reporting on some of the small things here. Google wants to replace

Chrome OS with Aluminium OS. It's new Android based operating system for PCs.

The Android operating system is incredibly versatile beyond smartphones. It officially

powers tablets, watches, TVs, cars, and XR headsets. However, it has virtually no presence on

traditional PCs, where Google instead relies on Chrome OS. Despite Google's efforts to challenge

the dominance of Windows and Mac OS, Chrome OS remains a distant third. To close this gap,

the company is unifying Chrome OS and Android into a single desktop platform, code named Aluminium OS.

And that was quoting from the Android Authority article by Michelle Raman. So it's

another kind of pushed forward on on Google's move away from Chrome OS and to basically bridge

the gap between desktop and mobile devices. So how do you feel about this, Nate?

That is a good question. I don't know. I think I personally have not used Chrome OS a whole

lot mostly because I found it very restrictive. For those who haven't used it, it's,

I mean, it's great if you're all in Google's ecosystem and all you need to do is surf the

web and check your email and that kind of stuff. But there's not a lot of room for installing

applications and programs and stuff. And actually one of my first experiences with Chrome OS was

my brother had bought a Chromebook for cheap on a sale and he read online that it was possible to

put video games on it. So he asked me if I could do it. And after some and only certain CPUs can do

it and he didn't have that one. So, um, yeah, they're very heavily locked down, which is

what makes them so good for security. But, uh, I think, I, I guess what I'm wondering

is if they merge these two together and it basically becomes an Android OS on desktop,

uh, would that open the door for more Android apps to run on this desktop? In which case,

I think it would become a lot more flexible because I think there are a lot more things

that are available on Android that may not necessarily be on Chrome OS.

But yeah, I mean, there's some stuff in the notes here about it.

It would be cool to have a, because again, Android is a little bit more open source

or a lot more open source compared to things like Mac and Windows.

So it'd be a relatively open source alternative to Mac in the sense of their security stuff with

like verified boot and sandboxing by default, which, you know, we are big Linux fans around here,

but we do admit there are some security concerns about Linux in its default state,

and with a few exceptions. So it would be good to have a really secure desktop,

and maybe if it remains open source in some form, then maybe we could

see some modifications to that in the future, kind of like how we already do with Kalex and

Graphene. So yeah, that's a, I guess I'm really interested to see what it's going to look like,

because this is really, really early on so far

and we don't know a lot just yet.

- Do you think also it's a bit of a dangerous direction, right?

Because we've seen with Google seems to be tightening its grip

on like, you know, third-party side loading of apps

and all that sort of stuff.

I think that could be quite a concern,

especially if people are using this as their primary device,

not allowing people to install whatever software

they actually want on their own device.

But again, yeah, there is like a lot of security benefits

of having a unified operating system like that, I guess.

- Yeah, and I think that's definitely a genuine concern

with, I mean, not to downplay it or anything,

but you know, with like Mac and Windows,

that's one reason a lot of people prefer Linux

is that you're always at the mercy of those companies.

And Linux, if they ever do anything unpopular,

somebody just kind of forks it and makes a new version,

which that's why we have like 10 million different versions

of Linux, but it's, yeah.

I mean, that's definitely a concern

is that Google would still be controlling this.

So I don't think it's gonna replace Linux anytime soon.

And I'm not necessarily saying it should for the record,

but if anything, I would like to see Linux try to see

if we could borrow some of those security improvements

and just adapt them to the Linux distribution.

- Yeah, it would certainly be interesting.

- That would be the...

- Yeah, it would certainly be interesting

if like Aluminium OS ends up being

like an open source project, I guess,

or if it'll be like a sort of,

'Cause you know how Chrome OS is sort of like a little bit,

like there are like, I believe some forks of it

that do somewhat similar to what it, how it works,

but a lot of features are missing, for example,

or like a lot of functionality is missing.

It could be interesting to see if like, you know,

Aluminium OS ends up being a basis for, you know,

a Calix OS or a Graphene OS,

'cause that would definitely be a huge benefit

for security on those devices.

But I guess we're probably looking at like an ARM based

like laptop or something, it kind of brings into question, are they going to be specialized

devices for this? Is this going to be like something you can just install on any device?

It's suddenly got a lot of questions surrounding it.

Yeah, yeah, that was definitely something they mentioned in the article as well. So we know

so little right now. We don't know are they going to merge this with Chrome OS? Will existing Chrome

books be supported for a little while? What's the long-term future look like? So yeah, this is

Keep an eye on.

So, all right.

I guess, unless we have something more to add to that story,

we are gonna go ahead and talk about X,

AKA Twitter, which pushed out an update

that has been pretty controversial.

So the headline here says,

"X now shows your accounts, country or region."

So basically long story short,

X pushed out an update this past week

it reveals by default what country or region an account is from.

And I believe originally it, when it was pushed out,

it was showing where the account was actually created.

And now they've updated that.

And instead it just shows like the most recent location.

So yeah, this is called about this account.

And you can access it by tapping on the signup date

on a profile, which reveals the account,

the location and account is based in,

among other information.

government affiliated accounts are exempt from this feature,

which I guess kind of makes sense.

If you're, you know, the government of San Francisco,

I feel pretty confident where you're from,

especially if you've been verified.

The other interesting thing,

so this appears to work from a number of different factors,

but the main thing seems to be your IP address,

and X seems to have a list of VPN and proxy IP addresses.

So it will display a warning if you're using a VPN.

It won't necessarily say you're using a VPN,

but it will say this location data may not be accurate.

So yeah, this is a really complicated story.

There's a lot of implications here,

especially around political stuff like fake news

and how that kind of stuff is being handled.

But I think we're primarily focusing

on the privacy stuff here, which is,

some people said this was doxing and,

I guess it really depends.

So Jonah actually wrote the recap article of this,

the news brief on our website.

And I think he really said it best.

He said, in larger, more democratic countries,

like the US and Canada and stuff like that,

simply saying that you are from Canada or Australia

is probably not a huge risk.

But in smaller countries, like especially in Europe,

where you can get from one side of the other

in a couple hours, it may be a little bit more revealing,

where there's not as much variation of where you could be.

And some people have noted that this could put people

at risk if they're in repressive countries.

I mean, obviously I'm never a fan of revealing

somebody's information without their consent.

That's the whole point of privacy.

But I feel like if you're an activist

in a repressive country,

the government probably knows that you're in the country

or knows that you're not.

So I'm not sure how big of a threat that is.

But I mean, again, I don't think it's a good idea

to reveal stuff without letting people know.

So yeah, it's a really complicated thing in my opinion.

I don't know how I feel about it.

- Yeah, I've looked into this a little bit more

and I saw some interesting articles here.

Looks like we didn't include this in the newsletter,

but I just wanted to talk about it a little bit

because I thought there was this ABC article that I read

that I thought was quite interesting.

There was, I guess, some more complicated repercussions

because of this update. For example, like there was a couple of journalists, for example,

that were their accounts were tagged as being in countries that they weren't affiliated

with. For example, there was a journalist based in Gaza, who whose account was stated

to be based in Poland, which was then used to basically spread misinformation about the

authenticity of that activist and journalist. So I think it we should think about that too.

unmasking someone's IP address location can be in a lot of cases very inaccurate.

And especially for activists and journalists, they're probably using some sort of censorship

circumvention technology to actually access these websites.

So the account based in location might not actually match that of the actual location

of this person, right?

And in this case, there was one person who said they were based in Gaza and it was saying

were based in Poland on their account. So basically that was used to weaponize and discredit their

journalism, which I think is not great, especially because they didn't consent to their location

being revealed. And there was also a couple of other accounts which people are concerned about,

such as like, I think there was like the National Cyber Security Coordinator was in Australia, was

marked as being located in the United States, and there was a whole bunch of other accounts which

were said to be based in other countries and I think this brings up kind of a problem right is

a lot of people are using VPNs. VPNs are very popular tool to basically stop your internet

service provider from recording your activity and this account section is not very accurate

especially because so many people are using this sort of tool so to me it just seems like

not a very good idea because it just ends up making more misinformation and not really

helping to identify people properly. And I think if we read from what the show notes say here,

it was said that this was meant for verifying the authenticity of users, but it doesn't really

seem like it's done that. It seems like it's more being used to spread misinformation and

basically show the incorrect information about people. And I think the main issue that we should

take from this is like this is a privacy breach still. Like no one actually accepted this, no one

said I'm happy for this to be displayed on my account. So in my view that's technically a

privacy abuse. But I don't know maybe I have more of an extreme aversion to this sort of thing.

No, I think that's fair. I mean, in a technical sense, I think you're absolutely right.

I think one of the, I mean, there's a million ways to define privacy, but I think one of the

most popular ways is that it's having control over what you reveal and who you reveal it to.

And Twitter kind of took that away from a lot of people with this move, regardless of whether

or not I put anybody at risk. So that's certainly true. And I also, while you were talking, you were

talking about the cybersecurity administrator in Australia, that occurred to me is this could

could also potentially be, I think a lot of world leaders do tend to publish their itineraries

when they travel, you know, like, oh, I'm going to do this big tour in Asia or whatever and

meet all these heads of state. But that never occurred to me before that that could be, like

it's either way that could cause a lot of issue. If somebody made like a last minute,

like secret trip somewhere, then that that could be revealed through this or vice versa.

If they're not somewhere, if they're using a VPN or something, and now it says they're

somewhere they're not and that could cause a scandal of, "Oh, why are you there?" And

it's like, "Well, I'm not there." But yeah, it's, um, yeah, I don't know. It's, and I

think the, ostensibly, I keep hearing the story covered in the context of like fake news,

you know, and finding out, like we even mentioned in our article that a lot of websites or a

lot of accounts, that's what I was looking for, a lot of Twitter accounts that, uh, you

you know, are, I'm trying to figure out how to put this nicely.

A lot of Twitter accounts that were having opinions

on certain political issues,

now this thing is saying that a lot of those accounts

aren't even in that country.

So like, it's, I guess what I'm getting at is like,

it's really, it's a sticky thing

where you do want that kind of transparency.

You want to know who's influencing public opinions

in that way, but at the same time,

like this goes into the classic,

like at what point does somebody deserve privacy?

like public figures still deserve privacy,

but we want governments to have transparency.

And once you start getting down to this level,

there's kind of, I don't know, yeah.

- Yeah. - I'm probably rambling, but.

- It is definitely like, I do agree.

There has to be some level of transparency, I guess.

But also, yeah, it's kind of a, it's a balancing act.

And I think especially in like the US, for example,

there's a lot more people who are interested

the transparency aspect, but it's less of a thing outside of the United States, I would say.

Maybe that's just like a different culture, I suppose. But I think we should definitely mention

here, you can like hide your location a little bit. It still displays your location, so you still

don't get to decide if it's there or not. So you can go to your settings and go to about your

and then you can select to use country instead of region/continent.

You can use region/continent instead of country.

That looks like what it, how it would work.

So if you were in the UK, it would say Europe,

and if you're in like North America,

it would just say North America instead of like Canada or wherever.

So that's definitely a little bit better, I suppose.

But still, I don't think it should be published like, you know, publicly.

And like you were saying with like, you know, official government people having their location

like released. Same thing for like, you know, domestic violence survivors, like all sorts of

people who are like in a situation where their location being revealed is like, kind of a huge

issue. I know it's only the country, but still like, that would allow somebody who's, you know,

a very motivated actor to actually get more information about you and it's not something

you can actually control which I think it should be an option to control but then I guess that's

just the difference of opinion of the leadership of X I suppose but yeah I don't really have too

much more to add to this unless you've got something to add here. No yeah thank you for

mentioning the region, how to change your region, I completely forgot to bring that up.

It's definitely always good to have actionable stuff whenever we can.

That's really all I got. That's something to be aware of out there. If you are not happy about

your location being shown, go ahead and change that. Try to reduce the amount of data that you're

sharing. Definitely. And I guess moving on to the next story here, we've got a huge update,

I guess, from Google, which allowed for QuickShare to be compatible with AirDrop without Apple's help.

So basically, they were able to, if you don't know, QuickShare is basically Android or at least

Google Android's version of AirDrop basically and it was originally only available on Android

devices but now it's actually cross compatible with iOS. So what that means is if you have a

Pixel 10 series device, so Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL and Pixel 10 Pro Fold,

you can now actually AirDrop to an iPhone and it's not only one direction either,

it's both directions. You can send files from an iPhone to a pixel and pixel to an iPhone,

which is very, very cool. And Google says that Apple was not involved in the update. And Google

said that it built the feature independently to address interoperability issues. And they also

said that they reverse engineered airdrops technology to make it work. And they also said

that they went through a thorough third party security

audit to make sure that the privacy and security of the feature

would also meet their standards.

So I think this is quite interesting, right?

Because there's been, in the last couple of years,

we've seen the European Digital Market Act,

where basically there's been quite a lot of pressure

from Europe to basically open up a lot of these closed systems,

which, let's all be honest, it's arbitrarily there

to keep you locked into iPhone usage, right?

It's not there because, you know,

there's some technical like limitation between the devices.

It's only there because Apple wants it to be

or Google wants it to be.

So this is like, I guess,

I hope that we'll see more interoperability between devices

because this is sort of anti-consumer behavior

from Apple and from Google.

So it's interesting to see Google pushing so hard for this.

Yeah, I don't really have any strong opinions on this story.

I'm always a fan of interoperability.

So I think that's really cool that Google did this.

Like you said, Apple 99% of the time

when they're like opening the app store, for example,

and allowing side loading, they're like,

no, we can't do that because security,

and it's like, okay, security is like 0.1%

of the reason you care about this.

It's really, they just wanna keep people in their ecosystem,

I think so, I totally agree with you there.

There was really no reason they couldn't have opened this up earlier and made this a thing

other than to try and nudge people towards buying an iPhone next time they upgrade.

So I really hope Apple doesn't try to block this.

The article did point out when they talked about Apple retaliating,

they might kind of update AirDrop and make it stop working with this.

And I really hope they don't do that.

Although truthfully, I wouldn't be surprised if they do.

But yeah, that's really my main and only thought is I always am a fan of interoperability.

So I hope this will continue to be around.

Yeah, I honestly hope it does because we've seen more and more things that are working

across devices now. We've seen RCS messaging, we've seen unknown tracker alerts, which I

don't know if you remember, but there was a whole issue with basically Apple's air tags

where they would show an alert if they were being detected on your person only if you

had an iPhone. So basically, if you had an Android, you wouldn't know that you're being

tracked by an Apple Air tag. So basically Apple and Google work together on a standard to make that

so that you would know if there's an unknown tracker attached to your person.

So I hope that like Apple doesn't actually pull this feature back because like I think a lot of

reasons why people stay within the Apple ecosystem or whichever ecosystem they're part of is because

of these closed features where like oh I can't get that file to my other device easily and I think

it's specifically kind of an issue with especially with Android and Apple devices. For instance,

like if you try plugging an Android device into a MacBook, nothing happens. It doesn't even show up

as a file device on it. So it's like, it's very irritating that that Apple is kind of clearly

trying to make it like really hard for people to switch to these devices. And at least now that

that we've got QuickShare available, like, you know, if you've got a file you want to

get to your Mac, you can just use AirDrop. So I think it's definitely quite a huge step

here. And I think another thing that we should think about here is nearby Share or like QuickShare

is currently, I think, only available like through Google Play Services. So that kind

of stinks. So if you're using like GraphianOS with Google Play Services, I'm not entirely

sure if that works. I've never tried it. It could be interesting to see if anyone's tried that actually.

So that's kind of another limitation. But I know there is another option that I've seen

like recommended quite a bit. I'm not sure if we recommend it specifically here at PrivacyGuides, but

this is an app that someone told me about. It's called LocalSend. And I've been using that quite

a lot to like share between all sorts of like multi-platform devices. So even if you don't have

a pixel 10. Definitely check out local send if you're in a situation like that which for some

reason Apple doesn't allow you to connect an Android device to a Mac. I don't know why

you need a third party app for that apparently. But yeah I agree with what you said about you know

the Apple just being stubborn. They're just trying to make it irritating and as drawn out as possible

but it's interesting to see that they've kind of challenged things here.

I know it's off topic, but I was checking to see if we do recommend local send and

it looks like there was a discussion about it on the privacy guides forum as recently as July,

but it doesn't look like, it doesn't look like there was an official decision, but I don't think

I think we've added it.

So interesting.

I would have to read through that a little closer

at a later time.

But all right, that'll take us into our final story, which

is about Signal rolling out secure backups for iOS.

And this is now in beta.

So for those who remember, I think it was a few months ago,

maybe a few weeks ago.

Sense of Time is all messed up.

But Signal rolled out end-to-end encrypted backups

for Android users.

And they said that they wanted to go ahead

and bring this to iOS and desktop in the near future,

and now iOS is here.

So for those who missed the one about Android,

this is entirely end-to-end encrypted, zero knowledge.

Signal can never see your backups.

It is free for 45 days after,

if you want to back up more than 45 days worth of content,

they do offer a paid tier,

which is an interesting development.

And disappearing messages, that's remember,

disappearing messages are not included in the backup at all.

So if you're worried about like,

oh, I'm sending disappearing messages,

I don't want those stored in the cloud,

they're never there in the first place.

Backups are done daily, I believe.

So yeah, and that's kind of the main story

is now this is coming to iOS.

Again, this feature is in beta,

but you can go ahead and update your client,

you can go ahead and find it in the settings.

There is actually a page in signals documentation now

called backup and restore messages.

So let's see here.

And it does tell you how to do it on Android iOS.

Oh, and I guess it must be out on desktop

'cause I see a link here for it.

Well, this is transferring devices.

Yeah, okay, so this is for desktop,

it's still just transferring,

but it does tell you how to back up on Android and iOS.

It tells you the limitations,

They're not supported.

If you do not have your device or lost your phone, you wiped your clear,

your phone, you uninstalled your phone, things like that.

So, um, yeah, let me see if I missed anything here.

Um, yeah, no, that's kind of all I see.

Um, personally, I think this is cool.

This is always opt in.

Like if you don't want this, you don't have to sign up for it.

You have to go and enable it if you do want it.

And, uh, if you don't want it, then you don't turn it on.

It's, it's really that simple.

Um, I personally, I think this is good because I know a lot of, uh,

mainstream users who use signal, like friends and family of mine who are not

necessarily super tech savvy.

And to be honest, they're not even really concerned about their privacy.

They're just using signal because I'm kind of a stickler about it.

And, uh, they would love to have like that message history that they can transfer

between devices.

And I think it's really cool that signal gives people that option now.

So those are kind of my thoughts on that.

I actually think you, you brought up a really interesting point, right?

So it's said in the article, right, that your disappearing messages won't actually be backed up.

So that's kind of interesting, right? I don't know if this is just me, but I enable that on every single chat that I have on my onSignal.

So I kind of wonder what exactly would get backed up? I guess not much.

Um, yeah, I guess in your case, not much at all. I'm the same way by default. I enable

disappearing messages, but I do have a few like, um, like my sister has asked me to turn it off.

My mom asked me to turn it off when she was around. Um, I think I might have one or two other chats,

but yeah, so those would get backed up. My, my backups would also be pretty small.

Yeah, I think that's like a slight, I don't know, issue, I would suppose, like, because

maybe they should add an option to maybe the chance to have that backed up. I'm not sure,

maybe there's security concerns with that aspect or something like that. I'm not entirely sure, but

I think one thing that wasn't mentioned in this article that I thought was very, very good about

this is if you've ever tried switching between platforms, for example, if you've had an iPhone

and you wanted to switch to Android. Previously, you had to start all over again. You had no

message history at all. You'd have to start as a brand new account. You'd have to get your

not a brand new account, but your safety number would change, and all your previous messages

wouldn't be transferred. But with this new backup feature on iOS, now if you switch from an iPhone

to Android actually gives you the option to restore from a cloud backup. So you can actually

keep your messages going across different platforms. So that was one really interesting

thing I saw because I was testing this out and to see how it worked. So now if you do switch from

iOS to Android or Android to iOS, you can still keep all your chats, well, I guess provided that

they're not disappearing messages. I think we need to do a bit more testing on that because I

didn't really want to do that on my main signal account.

But I think, yeah, it's it's another interesting thing that's

that signals doing personally.

I don't really I don't want this.

I'm not going to use this.

But I think for some people, I know there's people that like

are like very attached to their like WhatsApp chats and like they back

everything up and they don't want to lose anything.

So I think this is kind of, you know, appealing to those people.

Well, less than, you know, asked where we're basically putting four weeks

appearing messages on every single chat,

'cause we're privacy-orientated.

But I think it's good to see that Signal

is kind of matching the capabilities of WhatsApp

and other chat apps to offer this feature.

So definitely big props to Signal for rolling that out.

It's certainly been out for a little while,

because I did notice it even before Signal officially

announced it, but it's very--

- On iOS?

- Yeah, on iOS, yeah.

I've seen it in the settings for a while now.

- Oh, okay.

Oh, nice.

- Yeah, real quick, I'm actually,

I'm glad you mentioned WhatsApp

'cause one of our other staff members left this

in the show notes to mention the story of Paul Manafort

who was a political consultant for Trump.

And he got arrested because he was,

I believe he was tried for this,

but just in case I'll say allegedly,

He was allegedly trying to, what do they call it?

Witness tampering?

Like he was trying to contact witnesses

in this upcoming trial and convince them to say

or not say certain things.

And one of the pieces of evidence that the FBI found

in this case was his WhatsApp backups were going to iCloud

and he didn't have advanced data protection enabled

or maybe it didn't exist at the time

'cause the story's from 2018.

But WhatsApp does their backups in plain text apparently.

And because it was in the iCloud,

the police were able to get a search warrant and pull those messages from my cloud.

And the content was right there.

And, um, this is a little off topic, but also one of the people that he

messaged went to the police and showed the messages and was like, Hey,

I don't think he's allowed to like message me like this.

So, uh, that is kind of an important thing to remember, even with signal, um,

cause I do remember that being a story a while back is, uh, the FBI, I think

in a separate case, the FBI had, uh, gotten a hold of somebody's phone, I think

with like a warrant or something,

and they were able to pull the signal messages off the phone.

And there was a lot of, you know,

fun conspiracy theories going around that,

oh, they, they crack signal, they crack signal.

No, they had his unlocked phone,

and they just opened signal and looked at the messages.

And, you know, but it's the same thing here.

It's like, this is one thing that makes signal better

than WhatsApp, among many things in my opinion,

but is these encrypted backups

because now they're never in plain text.

So it's safe to put them in the cloud,

whether that's signals cloud or somebody else's cloud.

It's, I mean, as safe as it is to put anything in the cloud,

it's reasonably safe to do that

because now they're encrypted.

And even if they were to be subpoenaed or something,

you can't, you know, you can't just like open them up

and read them the way you could with WhatsApp.

So.

- Yes, it's end to end encrypted.

But if one of the ends is not secure,

then you're in a bit of an issue there.

I think it's also interesting to say like

the recovery, it comes with a recovery key.

So definitely be very careful what you do

with the recovery key because I'm sure there might be

some way to extract the backup information

if you have that recovery key.

So it does ask you to write it down during the setup

of the backup process.

So definitely be careful where you put that

because yeah, that might allow someone to like

get access to information.

But yeah, it's definitely great that like signals

Once again, leading on privacy and security of a WhatsApp.

It's great, yeah.

I'm really excited about this new feature.

- Yep.

I think that's all we had for stories, I believe.

I'll go ahead and lead us into the forum updates as well.

So our forums are very, very active

as I've been learning since I've been here.

There's always something new going on, some new discussion.

But we're going to highlight a few things here.

For one, we have some Black Friday updates,

if I can get my mouse to play nicely.

So we have had, I believe it's a pinned topic actually,

over on the Privacy Guides forum, which for those who don't know,

is discuss.privacyguides.net.

We've had a pinned thread about Black Friday discounts.

So we're just trying to make it easy for people

to find a list of those discounts if you're interested.

So of course we will mention again,

the shop, privacyguides, shop.privacyguides.org,

that launched today and we do have $10 off of orders

that are $75 or more.

So that is technically a Black Friday sale.

Yubikey is offering 30% off on their Yubikey 5 series.

Proton, Tuda, Koofer, Start Mail and Mailbox

are all email and cloud storage providers

offering discounts, iStorage and GLINET are hardware devices.

They're offering discounts.

Newshosting.com is a Usenet service

that is offering $25 off for the first year

and Windscribe is also running a discount.

So, checking through the comments here,

but I don't think anybody added any more

that haven't been merged into that main post.

- Yeah, it looks like that's everything

on the Black Friday side of things.

I guess we can kind of plug it again,

but we do have a Black Friday sale on our shop.

So if you wanna grab something, definitely check that out.

I guess the other forum update that we have here

is MOLVAD browser has launched a call for testers

on our forum.

So MOLVAD browser and their partner organization,

the Tor Project are looking for people

to try out a new feature.

And they're grateful if someone was willing to participate,

basically in a one hour study,

and they're gonna do it over Signal Messenger.

And basically the sessions will take place

over December 2nd to December 4th,

and they'll give a $50 token as a token of their thanks.

So you can check out that post on the forum.

I'm not gonna show it on screen,

just for like privacy's sake, but you can check that out.

You'll feel definitely fine if you check that out.

And yeah, so if you do that, then you should get a message

from Alicia to participate.

So yeah, I think I might have a little bit of insight

and knowledge on what this feature might be.

I'm not gonna say anything, but I think, yeah,

definitely check this out because I think there's

some very interesting work that Mollvatt is doing

and the tour project together on this browser project.

So definitely stay tuned to see what that looks like.

- Yeah, I love the Mollvared browser.

- Yeah, definitely one of my faves.

- All right.

Do you want to kick off the listener questions

or would you like me to do that?

- Yeah, you can kick off listening questions here, definitely.

- All right, so we're going to start

by taking questions from forum members,

again over at discuss.privacyguides.net.

I think, let's see here.

We're gonna go ahead and start with questions from JG,

who is one of our members.

And I think I'll start with this one.

You asked a question a few days ago on the forum,

but I guess you didn't get any responses on it.

So you asked it again here on this one.

You said, "You're trying to translate PDF documents

to English and you say you're aware of Deeple, which for those who don't know, it's what

is it, Deeple.com/translate. It's like an alternative to Google Translate. You said

you were hoping to find another option that works well to translate PDFs and other docs

to English, but in a privacy respecting way and preferably doesn't cost too much. I don't

have a better answer because the only thing that comes to mind for me is maybe like an

LLM, which I know those are like come with a lot of privacy concerns of their own and

also a lot of accuracy concerns. I did actually have the idea a while back to just out of

curiosity to see how well they could do it translating like my own website. And I translated

one page and sent it to a native speaker of that language. And they were like, they were

like, it's like 90% of the way there, but it's missing a lot of like cultural context

and like some of the words are too literal in their translation. It's like, I wouldn't

publish this without having somebody proofread it. So yeah,

depending on what you're trying to use, that's probably not

deep. It's probably the best you're going to get from me as far

as I know. I don't know if you have any other

insight on translation stuff.

Yeah, I think it really depends what you're using it for.

I like if you're just using it to just get an idea about what

the PDF is for, then I would say it's probably fine. But yeah,

I don't I don't really have any suggestions. I know there's

Libre translate but that's probably, I don't believe that can do like PDFs. So that might not

be what you're looking for but yeah I would just be careful uploading that to Debelt because they

I'm not sure what their privacy policy is like and I'm not sure how long they hold on to that.

But in a lot of cases it might be your only option I'm not sure but yeah I would definitely

check out our like we have a section on our website for that so definitely check that out

and see if any of the tools that are working for you that could work for you. But yeah I don't

really have too much to add. Well look at that you're right there is a whole section on the website

for language tools. There's grammar and spelling there's translation tools yeah Libre translate it

looks is free and open source machine machine translation web interface and API server.

You can use it through a number of services, some that offer Tor or IdaP.

You can also self-host it. Wow, that's pretty cool.

Yeah, it kind of depends on your threat model, I guess. You'd probably want to self-host it,

but then that's kind of a little bit of a pain every time you want to translate something.

But yeah, there's public versions of it that are available. So definitely look into that.

There's definitely some decent options, but yeah.

Cool.

All right. I guess I'll let you pick the next question.

I guess we try to prioritize our members here. So JG, thanks so much for being a member.

So they've got a question about if one of the, so question slash request, considering you're

talking about a new feature, it would be, it would behoove to at least one of the presenters,

having tried the Graphino S desktop mode to then talk about what it is, pros, cons, etc.

The feature that hasn't been a preview of it anywhere about this niche feature, which is only

going to be popular among privacy enthusiasts. So I hope somebody tries it before talking about it

so I can better understand how it works.

So I did actually have some screenshots and videos of it,

which I can try and pull up.

All right, I'll try and pull it up,

but I'll just hand it back to Nate so I can do that.

But yeah, I'll just be back in a second,

and I'll see if I can get it open.

- Yeah, I was gonna say when you mentioned playing around

with the signal backups, I really appreciate you

being our unofficial guinea pig.

sometimes. Yeah, we were to step ahead of you on that one. Jordan did play around with that,

like they said. It's just, I know they have a, sounds like a complicated setup over there to

screen share and everything. So, and you know, sometimes we learn at the last minute, the things

don't like to work, but anyways, I'll move on to the question while Jordan's seeing if they can

and pull that up on screen.

You mentioned last week that a video or two

would be releasing early this week.

We gave that update at the beginning of the show.

We do have the smartphone courses now

in the editing phase and the threat modeling video

should be out shortly after this live stream.

And then you had a suggestion,

please have a new section each week to cover new app updates

such as releases, things to know about new products.

For example, Kagi releasing their Orion browser

in the fully stable 1.0, general reminders

to update all your apps.

I, ideologically, I personally am not opposed to that,

but it would get pretty big pretty fast

'cause there's some weeks where a lot of projects

release a lot of updates and I know,

I think we try to cover, I would assume we try to cover

any like major updates like signal announcing,

you know, their backups and stuff like that,

but I'm not sure we could realistically cover

every single update.

I think that might get to be a lot.

But yeah, you're not wrong.

It is never a bad idea to go through

and just check your devices, check your app stores,

check your programs and make sure they're updated.

- All right, so I managed to get the screen recording

to be displayed.

So you should be able to see it on screen now.

Just a little quick demo.

So I tried going to the PrivacyGuides website.

You can see I've got a mouse and keyboard connected.

It looks pretty much like a desktop computer, I would say.

It looks kind of like sort of Linux-y.

There's tiling and stuff as well.

So if you like drag the windows to each side of the window

of the display, it can like, you know, stick to the sides.

So it's definitely interesting that that,

they've got that sort of functionality now

and it actually performs relatively well.

So it sort of is very similar to using a desktop, I would say.

One of the issues that I had personally

was I've got a 4K display.

So basically if you have a higher resolution display,

it can look really pixelated because it only does 1080p.

So I think that is sort of a slight issue.

Here's me playing MindTest or Luanti

through the GraphinoUS desktop mode.

So you can even play games.

Like it actually ran at 60 FPS.

So with a keyboard and mouse.

So I think that was pretty cool actually.

But yeah, it's pretty cool stuff.

- That's awesome.

I'm just now seeing MindTest because of the delay, but wow.

on an Android, that's so cool.

I played around a little bit with that civilization game,

the, oh my God, what was it called, Un-siv.

But yeah, like you were saying earlier,

like that's kind of a hard game to play

with the touchscreen and the, yeah.

So that would be really cool to play around with that.

Thank you for sharing.

- Yeah, I just thought I would at least

have some screen recording so I can at least share.

But I will say that there's not like

huge amount of functionality yet. Like there's the app drawer that pops up. There's no like,

there's no way to see like notifications or like stop or start the recording or anything like that

on the second display. So it's pretty, it's pretty bare bones. There is like multitasking and stuff

you can see. I don't know if you can see on the, oh, you might not be able to see, but there's,

there's like a square and a circle and a back button you can access to like navigate around.

but most of it does have keyboard shortcuts as well.

But I was pretty surprised. I tried playing like a more demanding game on the secondary display.

And I noticed I realized that the Pixel 9 has really terrible gaming performance,

so I would definitely not recommend that. It was running at like 10F or something.

I was trying Destiny Rising, I think it's called.

Oh gosh. And yeah, it ran really terribly, but I didn't get any footage at that because it was like

making my phone heat up. So there are issues with like, you know, heat. I think it's like the Pixel 9

is notoriously known for having kind of terrible performance and getting really hot.

So actually just a pixel thing. I think every pixel just gets really hot.

But yeah, that's sort of all I wanted to show. I hope this kind of

answers some people's questions to what it looks like and it's a decent demo of what it can do.

A lot of the apps that are included on Graphi.no S just like work and resize them and everything.

So I would honestly just recommend giving it a shot if you haven't already, but it's not like you

need to upgrade to a pixel eight or nine to actually get any of these features because I'm not sure if

it's out of point where it's that usable. Yeah. Yeah, not to get off topic, but my wife plays a

lot of those more demanding video games and some of the people she plays with are on iPhones or

something and I'm like, "Your friends are crazy." Yeah, it's pretty crazy, like the level of

performance that we have on mobile devices now. It's like, you can play like 120 FPS,

like shooters on like an iPhone. So yeah.

All right. Okay. I guess we'll jump back to questions. Another question from the forum

comes from internet ghost with it being Thanksgiving week in the US. What is one

development in the privacy world that you are grateful for this year?

I didn't think about this question in advance.

I don't know. I mean, there has been a lot of bad news, unfortunately.

There's been the online safety act coming into effect,

Google dialing back the AOSP transparency.

I don't know. Okay, I'll be honest. Nothing specific comes to mind,

but I know there is good news because I remember one thing I always wanted to do

report that we just never got around to doing because we were both so busy is I

wanted to collect all the good news that happened throughout the year.

And at the end of the year, I wanted to like release that as a compilation or

like maybe even just circle back and talk about it in a fresh episode.

But, um, yeah, it, uh, I think there is a lot more good news because I remember

I, I tried just doing that one year.

I was like, okay, it's a fresh year.

I'm going to write these stories down.

So at the end of the year, we have our list and within a couple of weeks, it was

already like, we're going to need to trim this down because there's so many,

Like this law didn't pass, this got repealed,

Microsoft changed their mind about this.

Like, so I think there is a lot of good news.

I think the good news comes in smaller bite-sized pieces.

So it gets overshadowed by the big bad stuff

a lot of the time, but I think there is a lot of it still.

- Yeah, I can't really think of anything super positive,

I guess.

Yeah, I feel like I would have had to think about this before.

So one development in privacy that you are grateful for this year.

I'm grateful for the Privacy Guides team that we've built.

I think we've got some amazing people on our team now, and I'm really excited to see what

we're doing next year.

And we've put together a lot of amazing stuff for everybody, and it's been really great

to see so much positive positivity about everything.

So yeah, kind of wholesome, I guess.

Very positive attitudes in the chat.

Yes.

I agree.

All right.

Do you want to go ahead and pick the next question?

Yeah, sure.

So actually we did miss this earlier, but there was a donation from Soditol with a one pound.

Thank you if you're one pound. I forgot to mention that, but thank you so much for that.

Any support is appreciated. You don't have to donate or anything. You can share this

around, you know, get the word out. I think it's important that everyone's being up to

date on everything that's going on. I don't see any questions per se, but there is a post

here from Joseph Nombrefoso. I'm sorry if I said your name incorrectly. I'm not very

good at pronouncing things. Basically they said, "Sorry to sour Thanksgiving weekend,

but I got some urgent news. We need to organize a call to action around the hearing that will

happen on December 2nd in the US Energy and Commerce Committee." So basically the Committee

on energy and commerce is the oldest standing legislative committee in the US House of Representatives

and is vested with the broadest jurisdiction of any congressional authorizing committee.

So they're saying that there's a... basically they're trying to push through some sort of

like chat control law. It's actually kind of unclear what is actually going on with this

because they just posted what should do, not really like about what's happening.

Have you heard about this, Nate?

I haven't. I'm reading the post right now. In general, the goal of this hearing is to start

looking into all of the Protect the Kids legislation that has been proposed. This includes

bills like the Kids Online Safety Act and the App Store Accountability Act, which I think is a

federal version of the state laws in Texas, Utah, and Louisiana that requires age verification for

for using an app store.

The full list of proposals can be found

in the link at the top.

And then, yeah, he goes into what to do.

Yeah, that is really unfortunate.

I guess, I mean, the only positive thing

I can say about this is it sounds like

they're trying to take all these disparate mismatched,

which it's funny, a lot of experts called this years ago.

Like there's such a patchwork of regulation out there regarding this kind of stuff.

It sounds like the Energy and Commerce Committee is trying to kind of standardize it all,

which on the one hand, this is a double-edged sword because what experts have been saying,

the ones that I've been hearing about, they were specifically referring to privacy stuff,

like the California Consumer Privacy Act. They said that if states keep passing these patchwork

eventually the federal government is going to step in and just make one federal law,

but it's probably going to have a really, really low bare minimum for privacy and it's

going to be pretty ineffective.

And we did actually see that a few years ago as the government tried to pass a law and

they tried to make it where like you're not allowed to go above and beyond this, which

is completely ridiculous.

And thankfully that didn't pass.

But so that's why I say this could be a double-edged sword because on the one hand, if they're

going to get together and they're going to be like, hey, we need to have this one law

that should cover everything.

It's probably going to be like the bare minimum.

But at the same time, if they're talking about like the online safety act and the App Store

Accountability Act, it's probably not going to be about privacy.

It's probably going to be about age verification or something like that,

which also means they're going to go with the laziest, least effective,

least secure way of doing it.

So, yeah, not, I can't say I'm not feeling,

I can't say I'm feeling particularly hopeful about this if it goes through. I definitely want to do more research on this.

Yeah, it seems like basically every country now is trying to do some sort of, it looks like this is more like a less, less so chat control like and more just like, you know, about age verification from what I'm understanding. Is that correct?

I think so because the two that he mentioned, the Kids Online Safety Act and the App Store

Accountability, both of those are about age verification. Yeah, and I think, yeah, we're

seeing a lot of countries doing this like the UK's got, I think they might have already implemented

or it's implementing soon. Australia's on the December 10th is supposed to go into effect.

And in a lot of cases, at least I don't really know about the UK, but I know in Australia,

there's been a there's been legal pressure from the high court to basically stop that from going

through. So I think it's certainly interesting that there's so much like push from our governments

around the world to do this now and yeah it's it's we're gonna see some pretty horrible consequences

I think if this does get uh if this does go through um and I think if the US does this then

it's going to set a precedent for the entire world, I think. Which hopefully not.

Yeah. And then just to add on to that, Joseph added a second one to pay attention to the Patent

Office. Let's see, the deadline for public comments to push back against patent trolls in the US is

on December 2nd, which is a few days from now actually. So he's got a link to a post from the

to. Right yeah I think definitely if you're a US citizen or like you're interested in opposing

this which it sounds like you probably should be definitely look into it a little bit more because

like we said we're not super familiar with this definitely look into it a bit more but

check out the forum thread here and Joseph has got some good information to kind of get your

representative, call them, tell them that you're opposed to this, make sure you put some pressure

on people because yeah like we've always said this is this pretty important stuff to actually

mobilize on. I'm seeing a question here in the in the YouTube chat it said

Where did it go?

If you were stuck in a in time, what year would you pick?

So what year would you pick?

So I watch way too many YouTube videos and I know for sure I would not pick 536

AD, which apparently historians have decided was the worst year to be alive.

Yeah, I know.

I watch I watch a lot of YouTube videos that talk about random facts.

And so like the minute I saw that question, I was like, hold on,

I know there's an answer not to pick and I have to go look that up.

Um, if we're being honest, I feel like I would pick

something relatively recent, uh, because, and this, this might be a

controversial take, but I feel like, I feel like objectively speaking up

until recently, we were living in some of the best times in human history.

And, and I don't mean to say it's perfect for the record.

There's definitely still a lot of things that are not okay in the world that need to be fixed.

But we were living in a period where like global conflict was at an all-time low.

The standard of living was at an all-time high across the board.

You know, like civil rights were at an all-time high across the board.

And so it's, and again, that's not to say the world was perfect, but and I feel

personal opinion that I don't want to get into because we're not a political show.

I feel like we're kind of going in the opposite direction now.

But so, yeah, I don't know.

I feel like I would pick somewhere between like,

I want to say something in the 90s before the Internet became super popular.

But I feel like that's just me looking back on things with rose colored glasses.

But I don't know, maybe sometime in like the.

The early 2010s, maybe.

I don't know.

That could also be rose colored glasses.

So yeah, I'm a pretty big fan of modern medicine.

And not dying exactly 35. I think that's yeah, I'd say probably in like plumbing and

Yeah, having having having a toilet that that's pretty pretty high up in my list of needs I would say

I reckon probably yeah, I'd say like maybe

Before COVID maybe like 2018. I don't know. I don't know. That's that's kind of a funny question

I guess I haven't really thought about it

Yeah, definitely a modern age, a modern time period. I don't think I would want to live like

back when

other stuff was going on.

I think that too when I watch a lot of like older movies that are set in a certain time period and it like

it looks really exciting, but then it's like yeah, but like you get a cut in your finger and it gets infected and you die and like

you know, you always had to worry about like some lion jumping out and eating you and

Yeah, they also had like really, really weird medical.

I did see somebody asked me in the YouTube chat if I was wearing.

Oh, sorry.

I think there was a lag.

Did I start talking over you?

It was a bit of a lag.

Yes.

So go ahead.

Oh, just somebody in the YouTube chat asked if I was wearing a privacy guides polo.

I'm not, but I totally would if we had them.

I think you guys used to have a different merch store that had polos, but I think that one went away.

Is that a Privacy Guides poster in the background? Oh my goodness.

Are people just now noticing that?

You can get one for yourself at shop.privacyguides.org. Yeah.

Yes, with or without a frame.

That's good. I don't see any other questions. Just like, I guess kind of a final call here.

If anyone has anything they want us to talk about or answer, we can get to it.

Hey, came prepared. Yeah, somebody said, "I've never heard of this 53680 thing." I think there's

There's literally a YouTube video called like the worst year to be alive or something.

Let me go double check that while we're waiting on any last minute questions.

I don't know, but.

Oh, there's like several YouTube videos about it actually.

I don't remember who I'm thinking of.

Anyways.

All righty, people are saying 70s and 80s vibes were good.

I don't know.

Yeah, I don't know if I wasn't alive then.

I have no idea.

I mean, stranger things is fun.

I need to watch the new season.

It was a new season out already.

I thought it wasn't out.

So it's, it's coming out in three parts and the first part just came out.

I think like today or last night or something.

Ah, why do they always do that?

I don't know.

I'm not a big fan.

I wish they would just like put everything out at the same time instead of like drip feeding it.

They're probably going to do it every month, right?

One this month, one next month, and then like right in between New Year's and Christmas, I think.

So it's like two months.

I suppose they got to got to pump up those subscriber numbers.

to make sure everyone subscribed for three months instead of one.

I was gonna say that's probably why they're doing it is because they want people to actually stay

subscribed instead of just signing up for the free trial and canceling.

Yeah, honestly, that does sound accurate.

It's kind of Netflix has gone evil. Or maybe they're all evil all along.

I guess we can move on to the outro here.

Oh, we got, "Why does PrivacyGuides not recommend Linux Mint or Ubuntu?"

I guess there's some reasons why basically Ubuntu and Linux Mint are based on a non-rolling release.

So, rolling releases mean that they get basically like the most up-to-date packages.

There's no like static versions. So with like Debian or Ubuntu, they basically freeze the

package versions between versions. So like if you notice when like the latest Debian comes out,

everyone's like super excited because it's got like the latest packages and everything.

And then like if you use that about three years later, you're like, oh my goodness,

this is an ancient version of some software. And that kind of introduces some issues with

right? If you're not getting those security updates because they basically have to backport all the fixes to that package, right?

So you're probably going to miss out on some security updates on those packages.

So that's one reason why we don't recommend Ubuntu or Linux Mint because they're both, as far as I'm aware, based on Ubuntu,

or it might be Ubuntu, I'm sorry. I'm not sure how to say it.

But I've heard both. I don't know either

Yeah, I'm not sure either but also with Linux Mint. It doesn't use Wayland

I doesn't use a Wayland compositor by default which

basically Wayland offers like superior isolation between applications and

More sick especially a more secure desktop

Compositor compared to Xorg which Linux Mint uses by default because I believe they use

Cinnamon desktop by default or XFC as well.

So that's one of the reasons why Linux Mint

isn't recommended, but those are like,

I think the big, big two reasons, I think.

- Yeah, I'm a lot less technical

than people give me credit for,

but I do know that is in a broad stroke,

that's the main reason is like,

there's more secure options out there.

I think the redeeming quality of things like Mint and Ubuntu

is that they're extremely user friendly

and they're very easy to find help for,

especially if you wanna get to learn to use the terminal.

So I think that's something that's nice about them.

But at the same time, like, I don't know,

like even if you wanted to become a power user,

you can still find plenty of assistance

with things like Fedora or, you know, you can,

yeah, I mean, you can find what you need.

And even if you're not a power user,

If you get something like the Snap Store or the, what's the one for FlatHub?

Like you get FlatHub.

I mean, they're kind of plug and play, almost like using the Mac App Store, I think, or

even the Windows Store.

So I don't know.

I think Fedora has especially really come a long way in user friendliness that I'm personally

a fan of.

So.

Yeah, no, especially because Fedora has a KD's like officially like pod of Fedora now.

That's probably the best one-to-one replacement for Windows because I know some people, they

try Fedora workstation and they're really confused by GNOME because GNOME does things

in a very strange way that doesn't really compute for Windows people who've used to

a certain way of doing things.

So I think Fedora would probably be, FedoraKD Plasma is probably what you would want to

be looking for. And yeah, they said, "I like Geruda or Labuntu, KD Plasma." Yeah, I think

in general though, just to say, you don't have to use every single recommendation that

Privacy Guides recommends, they're just there because that's the ones that have been solidified

as the best possible, technically best option. If you weigh the benefits and you see that

Ubuntu is better in some aspects, like you have certain packages that are only supported by.deb,

then it kind of makes sense. You got to weigh it up yourself. I think it's best to maybe have a

read through why they're not listed, because there have been threads talking about Linux Mint and

why it's not recommended. So, you know, I think I personally never really used Linux Mint that much.

I've recommended it to people just because it was easy to use, but I think there's, you know, yeah,

Jonah just said, but yeah, all Linux is good. Linux, yeah, so basically any Linux distro is

going to be better than Windows or macOS, right? Like, let's at least put this into perspective,

right? I think people can get kind of bogged down by like, you know, the nerdiness stuff, like,

well, the technical details. I think as long as you're practicing good security habits, good privacy

I think you're going to be okay, but if you care about some of those extra security features like that Fedora has like SE Linux, Wayland, using all those modern technologies, I'd probably say check that out.

Check out our recommendations.

I see it.

All right.

Jonah says, "I was going to say 2000, but I was wondering if I would have to also be

the age I was in 2000."

Yeah.

I do think about that being a big sci-fi fan.

I think a lot about like, "Oh, what if I could go back in time or whatever?"

And then I think about that.

I'm like, "Man, it is pretty great like being an adult."

I mean, you know, bills suck obviously, but just having so much more freedom than I did

as a kid. I don't think I would trade that. So yeah, that's a valid question. Do I have to be the right age?

I know, I guess that's kind of part of the question. Yeah, I don't know what it was like in 2000.

I also wasn't born then, but I think if I would actually prefer to move forward in time, you know,

I'd like to go to like, you know, is that a thing? Can you choose to be in the future? I don't know,

maybe the future is going to be terrible and I don't know.

I do really like sci-fi that looks toward the future for that reason. I'm really curious how...

I actually had this conversation with somebody recently. I missed the golden age of sci-fi,

like the 1950s sci-fi, strictly because they were so optimistic about the future and how it was just

only going to bring so many good, wonderful things instead of nowadays it's like, "Oh,

we're all going to be living in shelters and AI is going to try to kill us all," which is probably

more accurate if we're being honest but still. Yeah I feel like we're doing pretty well right because

Blade Runner they thought we're gonna have flying cars and stuff but uh and we're all gonna be living

in like shanty towns but we're doing pretty good I think we're doing pretty well we're doing better

than that. Right at least the job interviews don't ask me why I'm not flipping over a turtle so

That's always nice.

Yeah, I don't know. I don't really know too much about 1950 sci-fi.

Oh, okay. We're getting a little bit off topic here.

I will happily discuss this with you afterwards.

All right. But yeah, I think we'll go ahead and call it there.

So yeah, thank you everybody for watching, for listening, for asking questions.

All the updates from this week in privacy will be shared here on the blog every week.

So if you subscribe with your favorite RSS reader, we will also be sending out a newsletter, I believe.

I think there's a link to that down in the show notes.

And for people who prefer audio, we're going to be putting up podcast styles and recordings of

these every week, live streamed from YouTube. So there should be links to subscribe to that as well.

And I think that'll do it. So thank you all for watching and we will be back here next week, same time.

One last thing before we go, we're a non-profit organization and if you want to support us

with donations that would be extremely appreciated. Just check out the website,

go to privacyguides.org, press the little heart in the top right corner. You can make a donation

using a credit card or you can also use cryptocurrency. But yeah, I'll just hand it back

over tonight to finish this out here. Thank you guys again for watching and we'll be back next week

with more news. Bye now.

[Music]