I liked using it but 15€/year for navigation is too much for me. I'm going to stick to osmand now. At least osmand is open source. It has roughly the same features. It's just not that beautiful. I paid for osmand btw. What's your alternative?

Edit: And I like paying for osmand because it is open source.

I tried wyze and find it silly how video clips are limited to 5 seconds unless you give them money every month. I want something where the footage is saved on a local sdcard/hdd without any cloud reliance.

Even better if I don't have to be locked into using the manufacturer's app, but I'm flexible on that.

I have a store bought consumer router connected to my ISP's router which is in bridge mode, and it's one of the few remaining proprietary mystery boxes in my network that I don't know how to audit. I recently made a post about whether I should switch to PFsense, and this was one of my motivations (though I forgot to mention it in that post).

Is there an effective way to check whether my router is part of a Mirai botnet or some other malware that scanned the internet and found some vulnerability in my router? As far as I know, once infected, things like updating the firmware or pressing the reset button aren't guaranteed to remove it because it can just take control of those processes and persist. In my specific configuration, can malware from the internet even see my main router or just the ISP router it's connected to?

In my threat model, I'm most concerned about my local traffic to and from my server being exfiltrated by some cybercrime group as a lot of it is HTTP or HTTP proxy data. Not so much general internet bound traffic which is usually HTTPS or VPN. Obviously I don't want to be "participating" in botnet attacks or other cybercrime infrastructure either.

https://www.livemint.com/news/india/if-you-don-t-want-jyotiraditya-scindia-says-sanchar-saathi-app-is-optional-amid-strong-opposition-protests-11764659707854.html

So a bit ago I got an add for "canned rambutan". I had looked up Rambutan a few days prior after hearing it mentioned 10 hours into the video game Baby Steps. I wasn't using a VPN at the time and I didn't have fingerprinting protections active but I only mentioned it to a few sources (according to my browser history) all of which generally are implied to be private.

Which of these do you think is the reason the ad networks know?

• Wikipedia
• Startpage Search
• Duckduckgo Search
• My ISP
• Firefox
• My Firefox Extensions
• Kubuntu
• CachyOS
• The omnipotent algorithm connecting my mentions of Baby Steps with my progress through the game.
• Does this only make sense if my browser history is incomplete?
• Maybe I was using DNS over HTTPS via Cloudflare at the time of my search.

Any guesses as to where the weak link is?

cross-posted from: https://lemmy.zip/post/54163653

The Indian telecommunications authority, the Department of Telecommunications (DoT), has instructed eight messenger services to implement a permanent binding to inserted SIM cards. Affected are WhatsApp, Telegram, Signal, Snapchat, ShareChat, as well as the Indian services Arattai, JioChat, and Josh. According to the directive, the companies must ensure within 90 days that their services can only be used with a physically inserted SIM card.

I've read about creating separate users at the OS level, but I'm hoping for something a tad lighter. Are separate Firefox profiles and/or multi-account containers a thing in any of the various Firefox spinoffs for Android?

Testing in Fennec browser, in the little kebab menu, I see an option to sign in, but that's not what I want. I don't see anything related to profiles. When I browse to the page for the multi-account containers extension, it says not compatible w/ Android.

Does one of the other Firefox spinoffs for Android have either of these features (profiles or multi-account containers)?

Happy winter and merry festivities!

Last year I made a post outlining many gift ideas for privacy enthusiasts. I'm back this year with an updated list. Privacy enthusiasts, by nature, are sometimes difficult to buy gifts for. This list is here to make it easier for you to come up with ideas, even if you don't directly gift what's on the list. I've decided to make a rule this year: only physical items. You can't put a subscription under the tree.

3D printers

3D printers can turn plastic into any shape you want. While a lot of 3D printers include proprietary privacy-invasive software, there are open-source options such as RepRap. The privacy benefit of these comes in the form of homemade firearms. Traditional firearms include many elements to trace the ammunition back to the firearm, but homemade firearms (such as ones made using a 3D printer) exclude these. The reliability of the firearm depends on the quality of the 3D printer, but the designs are getting easier and easier to make.

Accessories

Especially for phones, there are a few of privacy accessories that are simple but effective.

• Faraday bags
• Lens covers (which some phone cases include)
• Microphone blockers (which is more effective as a recording jammer)
• Monitor filters (better known as privacy screen protectors)

Anonymous dress

Anonymous dress is clothing that conceals your identity in public. Obtaining these items of clothing is a chore, so it's always easiest when it is gifted by somebody else. Black, unthemed clothing does the best job of protecting privacy. The holy grail of anonymous dress is:

• A balaclava to hide your face.
• A baseball cap to further hide your face, although a sun hat does a better job.
• A hooded down jacket to hide body shape and skin color. There are significantly long down jackets that extend below the knees that can somewhat conceal your gait too. Last year I included jackets that spoof AI recognition or blind infrared cameras, but those are very difficult to find and can be very identifying.
• Elevator shoes to conceal your height.
• Sunglasses to hide your eyes. Reflectacles do the best job of this.
• Touchscreen gloves to prevent fingerprints and still be able to use touchscreens. Normal gloves work when paired with a capacitive stylus.
• An umbrella to hide your clothing from surveillance cameras.

Ciphers

Not all encryption is digital. Traditionally, complex codes and ciphers were created to conceal messages. Hardware devices like the enigma machine were used to further aide the process. Modern versions of those devices, as well as related items such as invisible ink are still around and can be a fun project.

Computers

Laptops, desktops, and servers are all useful devices for accessing digital services privately. While there is no best choice, some lists can help shine some light on which hardware is considered secure:

• PrivSec.dev Laptop Hardware Security
• Qubes OS Hardware Compatibility List

Concealment devices

Concealment devices are things that look like ordinary objects, but in some way or another, have a hidden compartment used for storage. These are excellent ways to hide sensitive items such as cash, backup security tokens, and more. These are excellent gifts if you're giving one-on-one rather than at a party.

Cryptocurrency wallets

Cryptocurrency wallets are devices used to securely store (the keys for) cryptocurrency such as the private cryptocurrency Monero. The two best options are:

• Ledger
• Trezor

Dumb tech

Dumb tech is the opposite of smart tech. It doesn't connect to every device in your house. It doesn't broadcast that data to a corporation. It doesn't get exposed in a data breach. It doesn't get hacked. It doesn't go down when the internet goes offline. Things like dumb TVs or dumb cars are becoming harder to find but more and more valuable for privacy.

Mail

Mail is almost always sensitive. For that reason, it's useful to protect the contents by using security envelopes. For delivering packages privately, it's also useful to have a label printer capable of printing shipping labels.

Money

Banks and payment service providers are almost always incredibly privacy invasive and offer poor security. While some of these issues can be mitigated with services like Privacy, it doesn't fix the underlying issue. Anonymous payments not only protect your privacy, but protect your money too, and having the ability to make payments like these is what allows privacy to further grow. Anonymous payment methods include:

• Cash
• Gift cards (when purchased with cash and adequate anonymous dress)
• Monero (which is physical when paired with a cryptocurrency wallet)
• Stored-value card (when purchased with cash and adequate anonymous dress)

Optical discs

Optical discs are a physical way to store movies, shows, music, games, and more. The idea is that, instead of paying a subscription and streaming content, you can pay a one-time fee and get the full quality media offline. This is also excellent for ripping to create a digital archive to stream from your own servers for free.

Paper

Your most sensitive information is put at risk the moment it becomes digitized, so pen and paper isn't so bad for some uses:

• Earlier this year, Amazon removed the option to download and transfer ebooks. It's becoming increasingly harder to "own" an ebook, especially without using privacy-invasive software. For that reason, books are much better for privacy.
• Calendar apps are convenient for reminders, but they often sync to cloud services or include telemetry. Physical calendars are a good way to have peace of mind knowing that your personal events are away from prying eyes and can be erased without a trace.
• Notebooks are also useful for the same reasons as books. There are also numerous benefits to writing things down instead of typing them.

Paper shredders

Paper shredders destroy sensitive documents to prevent obtaining sensitive information by digging through landfills. However, shredded documents can be recovered using automated software. The paper shredder industry hasn't discovered fire yet, it seems.

Power cables

Most cables carry both power and data. However, that can be exploited by cleverly designing fake power stations that discreetly steal data when plugged into devices. Some cables only deliver power, without delivering data. These are incredibly useful for protecting vulnerable devices in public settings.

Printers

Printers suck. So much so that not even Framework wanted to make one. Nevertheless, a new printer called Open Printer is in the works. Until it's finished, the best option is to gift a printer that allows printing over a wired connection.

Promotional merchandise

There is no shortage of promotional merchandise for privacy. Some of my favorites include:

• Electronic Frontier Foundation
• Naomi Brockwell TV
• Privacy Guides

I also recently found products like this that serve a functional benefit of telling people you don't want to be recorded without explicitly talking to them.

Rayhunter

Rayhunter is a device created by the Electronic Frontier Foundation to detect Stingray attacks. It can be installed on supported devices, which are great gifts for high threat model people.

Safes

Safes are a secure box to store sensitive items. I shouldn't need to explain why this is a good idea.

Security seals

Security seals are a special type of sticker that makes it very clear if the seal has ever been broken. This is useful to place on the case of computers or other containers that shouldn't be opened often.

Security tokens

Security tokens are hardware devices used to authenticate accounts at a hardware level. When setup correctly, they are one of the most secure way to login. The most popular open source options are:

• Nitrokey
• OnlyKey
• SoloKeys

Smartphones

GrapheneOS is the most private and secure operating system available. They recently announced that they are partnering with an OEM to manufacture devices designed for GrapheneOS. However, until that device is made available, Google Pixels are still the only device GrapheneOS can be installed on.

USB flash drives

USB flash drives are the unsung heroes for so many areas of privacy. Whether it be installing operating systems such as Qubes OS and Tails, or creating offline Seedvault backups for GrapheneOS, USB flash drives have a multitude of uses. Just remember: it's better to have many, smaller USB flash drives than one, large USB flash drive.

Wi-Fi hotspots

Wi-Fi hotspots are (for privacy use-cases) hardware devices that allow connecting devices to the cellular network in a much more private way. The best one that supports an excellent privacy organization is the Calyx Internet Membership.

Wired headphones

Wired headphones not only provide higher quality audio output, but they also avoid the history of security issues with Bluetooth and the surveillance capitalism that comes with Bluetooth Low Energy beacons. Which type of wired headphones you gift depends on a lot of factors, but one that pairs nicely with Google Pixels are the Pixel USB-C earbuds sold by Google themselves.

Wireless routers

Wireless routers often leak everything sent through them. For that reason, custom software such as OpenWrt was designed to replace the privacy invasive software preinstalled on routers. OpenWrt also created their own router called the OpenWrt One. Earlier this year, they announced that they would be creating a new router called the OpenWrt Two. It hasn't come out yet, but maybe it will be on the list next year.

Conclusion

There is no shortage of privacy tech. The same technology that empowers privacy is the thin veil slowing down the world from its dystopian target. Giving the gift of privacy means giving the gift of a better future for those of us fighting on the front lines.

Lack-of-AI notice

I’ve been burned before, so I always try to mention that none of my content is AI generated. It isn’t even AI assisted. Just because something is comprehensive and well-structured does not make it AI generated. Every word I write is my own. Thank you for your understanding.

I use Linux on all my personal computers and privacy respecting ROMs on phones, and Pi-Hole, but a part I haven't really taken a look at is my network at home.

I currently have my ISP's smart router in bridge mode connected to a brand name Wi-Fi 6 router with a wireless "mesh" range extender. I really like the range extender because it has an Ethernet port so it's basically a "free" Ethernet plug for that room connected to a high power Wi-Fi transceiver that's faster than a lot of on board Wi-Fi antennas.

But I feel like it's probably not the best thing privacy and security wise? I already don't use the app and luckily it still has a web interface for management, but I don't know how secure the firmware is or if it has any corporate "analytics" or not. I'm thinking a PFsense or similar router software on Linux box to connect to the bridge port of my ISP's router since I was told the "Ethernet" cable connecting from it to the fiber modem won't work with a store bought router, I assume it has some kind of DRM?

I already have an old PC in mind to convert to a router. I assume I could just use the onboard Ethernet port to talk to the router and add my own USB NIC to connect to the main switch?

I don't know what to do for Wi-Fi though, could I buy two dedicated access points and put them on different floors, and have them both connected to the wired network? How hard would it be to have those be the same Wi-Fi network and have devices actually switch between them depending on location?

Also, most of my NICs and switches are from the thrift store or eBay for higher end used server parts. Is that bad? As in how worried should I be about the firmware running in those being tampered with by whoever owned it last?

Hello. I installed Linux Mint on a new desktop that I built about a week ago, and I'm starting to get used to it, so it's probably time to start using it for some actual life things.

A couple of these do involve talking with family members all in Facebook Messenger, as well as the necessity of using Google Workspace for some work-related functions.

I'm aware that using both of these is a compromise of privacy in and of itself, but I'm still interested in mitigating the damages best as I can.

What steps can I take to make the usage of these as private and non-invasive as possible? If it helps at all, the browser I'm using is Firefox and the operating system is Linux Mint.

Apparently Europe finally got Whatsapp to enable 3rd party chats making it easier to switch to more privacy friendly alternatives article However the only other app that currently works with it is "BirdyChat"??

Have anybody found any news about when serious alternatives will be integrated?

If I am already using a rooted but proprietary smartphone (Samsung Galaxy S23), downloading my apps from other sources than Google Play, how would Google be able to control what I do with it? If necessary, I could just stay on my current OS build as well. All in all, while politically and philosophically, Google's new policy is bad, I don't feel threatened by it with my current understand of the situation and technology...

Cross posted from: https://feddit.uk/post/40232992

european funds recovery initiative Search Search... Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR HOME Related News

Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR Last week we at EFRI wrote about the Digital Omnibus leak and warned that the European Commission was preparing a stealth attack on the GDPR

Since then, two things have happened:

The Commission has now officially published its Digital Omnibus proposal.

noyb (Max Schrems’ organisation) has released a detailed legal analysis and new campaigning material that confirms our worst fears: this is not harmless “simplification”, it is a deregulation package that cuts into the core of the GDPR and ePrivacy.

What noyb has now put on the table

On 19 November 2025, noyb published a new piece with the blunt headline: “Digital Omnibus: EU Commission wants to wreck core GDPR principles”

Here’s a focused summary of the four core points from noyb’s announcement, in plain language:

New GDPR loophole via “pseudonyms” and IDs

The Commission wants to narrow the definition of “personal data” so that much data under pseudonyms or random IDs (ad-tech, data brokers, etc.) might no longer fall under the GDPR.

This would mean a shift from an objective test (“can a person be identified, directly or indirectly?”) to a subjective test (“does this company currently want or claim to be able to identify someone?”).

Therefore, whether the GDPR applies would depend on what a company says about its own capabilities and intentions.

Different companies handling the same dataset could fall inside or outside the GDPR.

For users and authorities, it becomes almost impossible to know ex ante whether the GDPR applies – endless arguments over a company’s “true intentions”.

Schrems’ analogy: it’s like a gun law that only applies if the gun owner admits he can handle the gun and intends to shoot – obviously absurd as a regulatory concept.

arzh-CNnlenfrdeitptrues european funds recovery initiative Search Search... Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR HOME Related News

Digital Omnibus: How Big Tech Lobbying Is Gutting the GDPR Last week we at EFRI wrote about the Digital Omnibus leak and warned that the European Commission was preparing a stealth attack on the GDPR

Since then, two things have happened:

The Commission has now officially published its Digital Omnibus proposal.

noyb (Max Schrems’ organisation) has released a detailed legal analysis and new campaigning material that confirms our worst fears: this is not harmless “simplification”, it is a deregulation package that cuts into the core of the GDPR and ePrivacy.

What noyb has now put on the table On 19 November 2025, noyb published a new piece with the blunt headline: “Digital Omnibus: EU Commission wants to wreck core GDPR principles”

Here’s a focused summary of the four core points from noyb’s announcement, in plain language:

New GDPR loophole via “pseudonyms” and IDs The Commission wants to narrow the definition of “personal data” so that much data under pseudonyms or random IDs (ad-tech, data brokers, etc.) might no longer fall under the GDPR.

This would mean a shift from an objective test (“can a person be identified, directly or indirectly?”) to a subjective test (“does this company currently want or claim to be able to identify someone?”).

Therefore, whether the GDPR applies would depend on what a company says about its own capabilities and intentions.

Different companies handling the same dataset could fall inside or outside the GDPR.

For users and authorities, it becomes almost impossible to know ex ante whether the GDPR applies – endless arguments over a company’s “true intentions”.

Schrems’ analogy: it’s like a gun law that only applies if the gun owner admits he can handle the gun and intends to shoot – obviously absurd as a regulatory concept.

Weakening ePrivacy protection for data on your device

Today, Article 5(3) ePrivacy protects against remote access to data on your devices (PCs, smartphones, etc.) – based on the Charter right to the confidentiality of communications.

The Commission now wants to add broad “white-listed” exceptions for access to terminal equipment, including “aggregated statistics” and “security purposes”.

Max Schrems finds the wording of the new rule to be extremely permissive and could effectively allow extensive remote scanning or “searches” of user devices,ces as long as they are framed as minimal “security” or “statistics” operations – undermining the current strong protection against device-level snooping.

Opening the door for AI training on EU personal data (Meta, Google, etc.)

Despite clear public resistance (only a tiny minority wants Meta to use their data for AI), the Commission wants to allow Big Tech to train AI on highly personal data, e.g. 15+ years of social-media history.

Schrems’ core argument:

People were told their data is for “connecting” or advertising – now it is fed into opaque AI models, enabling those systems to infer intimate details and manipulate users.

The main beneficiaries are US Big Tech firms building base models from Europeans’ personal data.

The Commission relies on an opt-out approach, but in practice:

Companies often don’t know which specific users’ data are in a training dataset.

Users don’t know which companies are training on their data.

Realistically, people would need to send thousands of opt-outs per year – impossible.

Schrems calls this opt-out a “fig leaf” to cover fundamentally unlawful processing.

On top of training, the proposal would also privilege the “operation” of AI systems as a legal basis – effectively a wildcard: processing that would be illegal under normal GDPR rules becomes legal if it’s done “for AI”. Resulting in an inversion of normal logic: riskier technology (AI) gets lower, not higher, legal standards.

Cutting user rights back to almost zero – driven by German demands

The starting point for this attack on user rights is a debate in Germany about people using GDPR access rights in employment disputes, for example to prove unpaid overtime. The German government chose to label such use as “abuse” and pushed in Brussels for sharp limits on these rights. The Commission has now taken over this line of argument and proposes to restrict the GDPR access right to situations where it is exercised for “data protection purposes” only.

In practice, this would mean that employees could be refused access to their own working-time records in labour disputes. Journalists and researchers could be blocked from using access rights to obtain internal documents and data that are crucial for investigative work. Consumers who want to challenge and correct wrong credit scores in order to obtain better loan conditions could be told that their request is “not a data-protection purpose” and therefore can be rejected.

This approach directly contradicts both CJEU case law and Article 8(2) of the Charter of Fundamental Rights. The Court has repeatedly confirmed that data-subject rights may be exercised for any purpose, including litigation and gathering evidence against a company. As Max Schrems points out, there is no evidence of widespread abuse of GDPR rights by citizens; what we actually see in practice is widespread non-compliance by companies. Cutting back user rights in this situation shifts the balance even further in favour of controllers and demonstrates how detached the Commission has become from the day-to-day reality of users trying to defend themselves.

EFRI’s take: when Big Tech lobbying becomes lawmaking

For EFRI, the message is clear: the Commission has decided that instead of forcing Big Tech and financial intermediaries to finally comply with the GDPR, it is easier to move the goalposts and rewrite the rules in their favour. The result is a quiet but very real redistribution of power – away from citizens, victims, workers and journalists, and towards those who already control the data and the infrastructure. If this package goes through in anything like its current form, it will confirm that well-organised corporate lobbying can systematically erode even the EU’s flagship fundamental-rights legislation. That makes it all the more important for consumer organisations, victim groups and digital-rights advocates to push back – loudly, publicly and with concrete case stories – before the interests of Big Tech are permanently written into EU law.

Cross posted from: https://feddit.uk/post/40205739

I'm posting this to hopefully stop the posts that keep appearing, suggesting that progress has been made to defeat chat control. That's not correct.

The article:

Contrary to headlines suggesting the EU has “backed away” from Chat Control, the negotiating mandate endorsed today by EU ambassadors in a close split vote paves the way for a permanent infrastructure of mass surveillance. Patrick Breyer, digital freedom fighter and expert on the file, warns journalists and the public not to be deceived by the label “voluntary.”

While the Council removed the obligation for scanning, the agreed text creates a toxic legal framework that incentivizes US tech giants to scan private communications indiscriminately, introduces mandatory age checks for all internet users, and threatens to exclude teenagers from digital life.

“The headlines are misleading: Chat Control is not dead, it is just being privatized,” warns Patrick Breyer. **“What the Council endorsed today is a Trojan Horse. By cementing ‘voluntary’ mass scanning, they are legitimizing the warrantless, error-prone mass surveillance of millions of Europeans by US corporations, while simultaneously killing online anonymity through the backdoor of age verification.” ** Continue reading here - https://www.patrick-breyer.de/en/reality-check-eu-council-chat-control-vote-is-not-a-retreat-but-a-green-light-for-indiscriminate-mass-surveillance-and-the-end-of-right-to-communicate-anonymously/

Contrary to headlines suggesting the EU has “backed away” from Chat Control, the negotiating mandate endorsed today by EU ambassadors in a close split vote paves the way for a permanent infrastructure of mass surveillance.

While the Council removed the obligation for scanning, the agreed text creates a toxic legal framework that incentivizes US tech giants to scan private communications indiscriminately, introduces mandatory age checks for all internet users, and threatens to exclude teenagers from digital life.

The article is non-paywalled, freely readable on the link --^

Or have to go through great lengths to escape.

In my country you can't buy any medicine without showing your ID... I mean, you technically can, but if you are registered they "give" like an 80% discount, so everyone thinks it's a great deal, not realizing that's the normal price, they are just pretending you can still go and buy a simple cold medicine without sharing your ID, phone, email, and street address with the drug store and whoever they decide to sell that information to, you just have to pay absurdly more. Yeah, you can lie about all the other information, but not really about your ID number. Probably soon, to get the "discount", you are going to have to verify your email or phone number as well.

With the UK apparently floating ideas of a VPN ban it's got me worried about the future of anonymity online. Now people have already pointed out that a VPN ban doesn't make sense because of all the legitimate uses of one and wouldn't even be enforceable anyway, but that got me thinking.

What if governments ordered websites (such as social media sites) to block traffic originating from a VPN node? Lots of sites already do this (or restrict your activity if they detect a VPN) to mitigate spam etc. and technically that wouldn't interfere with "legitimate" (in the eyes of the gov) VPN usage like logging onto corporate networks remotely

It's already a pain with so many sites either blocking you from access or making you jump through a million captchas using VPNs now. I'm worried it's about to get a whole lot worse

There's been some posts about Graphene leaving france and accusing the government of targeting them.

This isn't happening. What happened is that le parisien posted an article that presents what french law enforcement think of grapheneOS, which is obviously mostly crap, then present part of graphene's respone, which does in fact include their references to human rights organizations, large tech companies and others using GrapheneOS, unlike what grapheneOS claims. The main flaw with the article is the fact that the author takes what the french law enforcement says at face value, which is not a good move.

If you haven't been following this you may be wondering how this was extrapolated into the government targeting them. Well, it's because government owned news sites also reported on this. This is because le parisien's article got regurgitated by a bunch of other news sites looking for an easy article to get ad revenue from, normal news site behavior. The government news sites are fully editorially independent from the government, which the GrapheneOS lead should know, since that's how the canadian CBC works.

For chat control, that measure isn't supported by the majority of french meps, just the (massively unpopular) head of state and his minority government. No similar law has been passed nationally, in fact, a law that guarantees privacy rights is making it's way through the legislature (tuta article). If chat control passes, it affects several of the countries (germany and belgium, afaik) they moved to as well, anyways.

Graphene's announcement also disparages the other two big privacy roms, both based in france, which is odd and makes me personally think this may have more to do with the visible hatred the project lead has for those projects.

Please tell me what you think, and if I missed anything important, because it really seems like a big nothing-burger to me.

Since the Internet is going to shit, even in the Western world, I'm looking for ways to avoid the corporate and governmental grip that is coming our way.

Is I2P a viable solution? I figure if it can resist China and Iran's level of censorship/surveillance, we should be good in the West, at least for awhile.

Christmas is coming, we recently had a newborn, and we aren't sharing pictures of them on social media. But of course, we'd like to share photos with family, and a digital photo frame seems like an ideal way to do that.

I'm considering a solution with Immich, and found ImmichFrame. This doesn't recommend making it available to the internet, however, but running it on a Raspberry Pi with only the images we intend to share this way seems like a reasonable amount of risk.

Regarding Immich Frame, how does it handle when the server is unavailable, when say, my IP address changes? Ideally, I don't want this gift to become a series of tech support problems, there's good reason I haven't offered family access to anything else I self host.

Also, what frames do y'all recommend? Not looking to break the bank here, as I may be buying several. I assume something simple and Android would be best, maybe even something that can have its OS replaced with stock? I'd hate to get stuck with something locked down and unworkable, or that introduces its own broad privacy/security issues.

Lastly, please feel free to suggest other alternatives. Maybe there's a solution that sends images encrypted and decrypts them on device, and doesn't require me to self-host Immich, for example?

The drama and accusations the GrapheneOS developers are spewing and engaging in are giving me a bad taste in the mouth and make me doubt the OS’s reliability am I the only one?

Our latest blog post is aimed at people who 'get it' about online privacy, but who struggle to convince friends and family to take it seriously. We hope it helps!