This is precisely why open-source Android ROMs such as e.foundation and lineageos.org are so important for the health of the #Android ecosystem. https://privacyinternational.org/news-analysis/3330/senior-google-engineer-reveals-privacy-bombshell-androids-preinstalled-apps
@kravietz yeah I'll never touch android. I love open source but android is an absolute mess and privacy nightmare.
@Wetrix In spite of the privacy-friendly charm that Apple is selling, I think they're doing very much the same as Google. Google doesn't pay $$$ to include its search engine in Apple products just like that.
Yeah, the whole cloud sync topic is really unsolvable if we just limit choices to Google and Apple.
I'm using /e/ cloud on my phone but I hesitate to load anything sensitive there... because it's someone else's cloud and a dedicated attacker *will* eventuall hack or subpoena them.
The only solution really is to run your own Nextcloud instance and then you're mostly in control of your data.
@nikolal @Wetrix Nothing is encrypted by default in Nextcloud.
If you enable server-side encryption it's kind of extra layer, but keys are stored there so it prevents rather small range of attacks.
End-to-end encryption is in alpha now.
So I just run an instance with regular TLS for transport security and on out of encrypted ZFS storage in case someone steals the server :)
ZFS is fantastic. From my point of view it's like lvm2, mdadm and LUKS, only everything in one interface, much more consistent and everything is hot-plug out of the box. You can create combinations of disks of any complexity, add or remove volumes at any time, and it just works. You can even dump the whole ZFS volume and gzip it into backup out of command line. Plenty of features, I've started using it like a year ago and still learning.
@nikolal @Wetrix
Once you start using ZFS you'll never go back to lvm2 etc :)