Every new internet-connected feature they add seems to also increase attack surface, so this is a weird dilemma. Still better to keep things up to date in the short term. In the long term, I’ve made the choice to switch to an OS that respects user preferences.

Edit: I’ve also heard that the Windows 11 IoT enterprise edition doesnt come with all this bloat but still gets regular security updates

If it’s for waking up at a scheduled time, why not go with a dedicated alarm clock that only needs a wall plug and maybe a backup battery?

No. Lockdown is not the same as BFU. Lockdown just turns off biometric unlocking.

The latter is true. Phone needs to be in BFU to work against cellbrite, I figure. Lockdown only turns off biometrics and makes the phone unlockable with a pin or password instead, iirc.

When you reboot the phone, it is in the BFU state where everything is still encrypted until the user unlocks the phone, as I understand it. https://blogs.dsu.edu/digforce/2023/08/23/bfu-and-afu-lock-states/

From the GOS forums, it looks like as long as you keep your phone up-to-date, block USB data in the locked state, and the phone is in the before-first-unlock state, cellbrite still can’t break into it

Pretty small if you have to ask. Privacy isn’t all or nothing. Depends on your threat model too. If you want an iPhone go buy one.

Yeah, they’re unchanged alright

Especially those developed/maintained within US jurisdiction

This privacy-centric US phone carrier may or may not be a honeypot, but seems too good to be true. https://www.cape.co/

Looks interesting, but it’s the first time I’ve heard of them and I’m wary about the CEOs ties to palantir and the fact that its a US-based company. I’ll wait for others to do some deeper research into the company first.

YouTube generally does that when I’m viewing embedded videos on a VPN. Works fine if you’re logged in and viewing videos on YouTube itself.

If I go to the steam page for a singleplayer game and see a bunch of paid DLC content, I usually skip it. Look at Stellaris, for example

Techbros don’t understand or care about consent

With how much SEO spam/slop that comes up in search engines, it would probably just be easier to whitelist trusted websites

Join the OpenRT discord server. The link can be found on their gitbook website. I believe they have some channels for Linux on the Surface 2

Edit: nvm, not sure about the surface 8, but maybe ppl there can still help

Just don’t use a VPN when creating an account, since reddit will likely flag the account as a bot/spammer.

You can and should use a VPN normally after you’ve created the account. Might be smart to wait a week or so after making the account to start using it on your personal devices though, just to seem less suspicious. Also, make sure you have MAC address randomization and no stored cookies if using the account on the same devices that you used with your banned account.

Go to a library, create an account on the public computer there with whatever email works. Creating accounts on VPNs with non-mainstream email addresses draws suspicion.

Even if you log back in to opt out, you can probably assume whatever data you gave them is already being used for AI. Best to abandon Meta and let it implode by itself.

Until things get sorted out in the US, its not safe for immigrants