This is a good suggestion. Docker is more mature and has more resources, so it’s better to learn the ins and outs of containers. After getting comfortable with it, you can move to Podman and have a much better time tackling its peculiarities regarding permissions and rootless.

I used Docker for years and only recently decided to give Podman a try, porting my Lemmy instance to it.

I think security is a fair point, given caddy’s younger age compared to nginx, but I wouldn’t say it tried to do too much.

Why do you say that?

I’ve used both plenty and only once I thought Caddy was harder: caching. It requires you to install a plugin that also doesn’t have the easiest of configs. I think there’s a new and simpler one nowadays, but haven’t tried it yet.

I now use Caddy by default for everything new I make/host.

Have you looked at all the different layers? A while back they added more of those, with different types of quests that don’t appear normally.

StreetComplete is godsend. Editing OSM in JOSM, iD, etc, is not trivial and involves reading a lot of documentation and forum posts (if you care to do things right), which of course isn’t anywhere near practical for small devices when you’re on the go, surveying.

This app changed my whole routine. The interface is really solid and helps the community target important tasks, rewarding it with little prizes. Althewhile, the gamification is kept at a very healthy level, to avoid attracting leaderboard seekers and whatnot, which would certainly lower the quality of contributions.

I think the contribution day grid (akin to GitHub’s thing) as well as the dynamic category explorer, the badges and the OSM-related projects it reveals to you bit by bit really being everything together. It’s an incredible tool!

For the experienced (and this is not said lightly), there is the expert version, which adds more advanced editing features for those looking for a bit more control in regular SC.

The web font would also be cached, and it wouldn’t be that big of a resource in the first place. I think being able to copy a comment’s content is more important, but whatever.

I no longer remember details, but it was something to do with HeliBoard’s dictionary and the system one. Have you checked they both have the right languages?

While it’s not on the main F-Droid repo, they distribute it in their own repository: https://app.futo.org/fdroid/repo

True, an RCE is always a serious thing. Just saying it’s not exactly catastrophic like others have been more so.

Yeah, exactly. Very impracticable.

musl isn’t vulnerable, as per https://fosstodon.org/@musl/112711796005712271

Yeah that’s vodozemac, which is a Matrix crypto SDK written in Rust, and is part of the broader Rust SDK they are developing (which handles nesrly everything necessary for client development, even some opinionated UI stuff).

I believe they will explore using the new matrix-rust-sdk in Element Web further down the line, but it isn’t a priority afaik. I’d love them to continue development of Hydrogen tho :p

Great comment, cheers!

I see, that’s a good point indeed, it can be a good learning step. From a privacy standpoint, however, it’s not that effective.

That is interesting to hear, why do you think so?

While others have mentioned the great GrapheneOS, I will throw two other options:

• CalyxOS — privacy oriented Android OS. While Graphene focus on security pretty much above all else, Calyx focus on privacy (and usability) more. Both essentially only target Pixel phones and are great choices.
• LineageOS + MicroG — AOSP fork, continuation of the old CyanogenMod, with an open implementatinon of Google Services. This is perhaps the most “normal” OS, seeing as Lineage’s core is user freedom and not exactly privacy; however, with MicroG, you get a pretty private system with very few to none of the side effects of deviating a lot from standard Android.

Graphene is a great project, but I think it may be a bit too much for someone that is just entering the privacy world, hence why I’m suggesting these two options as alternatives that are less strict and “cumbersome” to use, so to speak, while not really sacrificing privacy.

In the end, as all things privacy, it depends a lot on your threat model, your tech proficiency and willingness to make “sacrifices” and adapt.

Yes, it is a hard step, but it is perhaps the most relevant one, hence why it’s important to get started with it, unless some external factor prevents the change. If you still have other Google apps (including Google Services), then uninstalling Gmail really does very little to nothing.

I meant alternative apps to Google’s in general, not to GMail specifically. Ditching GMail is an important step, as you block a relevant source of personal information, but using alternative apps, like MajorHavoc recommended, is another great step. NewPipe is one of such apps (I disagree Tubular is a better pick, but that’s something for another post).

K-9 and FairMail aren’t a good alternative to GMail. Not alone, that is. GMail is both an e-mail provider and a client, but I’d argue the first point is the most relevant. If you use a FOSS e-mail client with your Google account, nothing is really changing, they will still read all your mail. You have to change providers as well, which isn’t trivial for most people.
E-mail is an insecure means of communication, so you shouldn’t even use it for sensitive things, depending on your threat model, as usual. I personally use Migadu as my provider, for all the customisability and “vanilla” e-mail infrastructure they have, but Proton and Tuta are good alternatives as well, if you don’t mind or don’t care about the non-standard extensions.

These are some good suggestions! The most crucial one is perhaps a ditching Gmail, but using alternative apps, such as newpipe and stuff, also go a long way. Unfortunately, the system is fighting against you and you’ll have to really use a freer operating system to properly get away from Google. Still, these are good steps to take.