It is truly upsetting to see how few people use password managers. I have witnessed people who always use the same password (and even tell me what it is), people who try to login to accounts but constantly can't remember which credentials they used, people who store all of their passwords on a text file on their desktop, people who use a password manager but store the master password on Discord, entire tech sectors in companies locked to LastPass, and so much more. One person even told me they were upset that websites wouldn't tell you password requirements after you create your account, and so they screenshot the requirements every time so they could remember which characters to add to their reused password.

Use a password manager. Whatever solution you think you can come up with is most likely not secure. Computers store a lot of temporary files in places you might not even know how to check, so don't just stick it in a text file. Use a properly made password manager, such as Bitwarden or KeePassXC. They're not going to steal your passwords. Store your master password in a safe place or use a passphrase that you can remember. Even using your browser's password storage is better than nothing. Don't reuse passwords, use long randomly generated ones.

It's free, it's convenient, it takes a few minutes to set up, and its a massive boost in security. No needing to remember passwords. No needing to come up with new passwords. No manually typing passwords. I know I'm preaching to the choir, but if even one of you decides to use a password manager after this then it's an easy win.

Please, don't wait. If you aren't using a password manager right now, take a few minutes. You'll thank yourself later.

Introduction

I am a fan of Louis Rossmann. This will be very evident in the rest of the message. I saw how many companies tried to get away with anything and everything they possibly could, and I began to get very upset. I wanted to know what a perfect software would be like, one that was ethical, open, and had no way to pull the rug out from under its users. Many of the things Rossmann says were introduced into this philosophy, as well as some of my own views. I wanted to create a sort of guideline for how software should be.

Early draft

This took multiple months to complete, multiple drafts (lots of which were written by hand), lots of sections compressed and decompressed, and lots of research and time to think. With all of that said, I am absolutely terrible at writing. I would either be too detailed, not detailed enough, or other various problems. However, I am including an early draft because it seems to hold its own slightly differing vision. This is an early draft written by hand:

1. Transparency and availability All of the software's code should be completely open source. No part of the software should be proprietary, including dependencies, blobs, drivers, extensions, website, installers, servers, etc. Those all fall under the same conditions listed in this whole document. No dependencies should be included unless they are essential for the software's core functionality or explicitly requested by the user. All dependencies should be clearly documented, and their purpose should be easily understandable by the user. The entire source code should be accessible to everyone, without any restriction, censorship, or moderation. There should be no requirement to create an account, verify identity, pay any amount, or any other extra steps to be able to access the source code in its entirety.

2. Legibility Every part of the code should also be understandable. Obfuscation, encryption, or any other attempts to create code that is not understandable is not allowed. All code should be well written, clearly understandable, and well documented. Documentation should be clearly understandable and falls under the same conditions as the code itself in terms of how it can be accessed. Furthermore, all documentation should be able to be easily accessible entirely offline. All code and its extensions should be free to study, edit, and distribute without restriction.

3. Availability, equality, and ease of use The entire software should be available to everyone for installation. There should be no restriction or censorship on who, when, or where (geographically and digitally) the software can be installed. There should also be no discrimination on who is able to use the software. Same installations of the software should be identical for all users. The software should be easy to install and uninstall, and all traces of the software should be removed after installation.

4. Free of cost The entire software should be completely free of cost. There should be no free trials, no subscriptions, no paid portions, etc. There should also be no paid alternative to the software with added functionality (such as a "premium" tier) The full version of the software should be completely free to download, install, and use to its full functionality.

5. Update availability and backwards compatibility All software updates should be optional. No updates should be required, no matter how important. Users should not be bothered about updates besides a single notifier when an update is available. There should be clear options to select which portions of the software get updated, if any, how the software is updated, and clear descriptions of which portions are receiving updates. There should be no restriction of censorship about who receives updates. All updates should be identical for all users. An offline update capability should be implemented, for users to download an update separately and update the software in an offline environment. All older versions of the software should be available to rollback to, or to install fresh.

6. Extension ease of use Extensions and plugins should be available to create and install for the software. These extensions fall under the same conditions listed in this entire document. Extensions should be easy to create and implement into the software. There should be no moderation, restriction, regulation, or censorship on which extensions can be installed and used.

7. Offline capabilities The entire software should be able to function to its full capabilities in an entirely offline environment. No part of it should ever rely on external sources such as cloud servers, website pings, etc. There should be no limitation on the functionality of the software in an offline environment.

8. Data control and interoperability All user data stored by the software should be easy and free to be able to import, export, modify, delete, and transfer at all times. This functionality should be clearly implemented, with no added steps. Data should also be completely interoperable with other similar softwares.

9. Account freedom and security The software should never ask or force the creation of an account, identity verification, or any other form of authentication. All portions of the software should be completely accessible without any further verification. However, if a user decides to credential protect certain portions of the software for security reasons, credentials should be stored entirely locally and securely.

10. Universal compatibility and freedom The software should strive to be compatible with as many systems and devices as possible. There should be no restrictions on which operating systems or devices the software can be installed on besides what is not possible to do. For all installations, clear debug messages should be present for errors in the software, as well as an easy system to manage these error messages.

11. Perpetual access The software should be available to install and use in full perpetually. There should be no time limit to be able to access the full functionality of the software. Trial versions of the software are not allowed. Users should have perpetual and unrestricted access to the complete software.

12. Optional legal agreements Users should never be asked or forced into any legal agreements, contracts, terms of service, terms of use, privacy policies, etc. If it is absolutely necessary that any of those are included, there should be a clear and easy way to opt out completely from all parts of the agreement. Users should be fully opted out by default from any agreements, and users should be clearly aware of what they are opting into. The agreement should be written in a manner that can be easily understood, and in a manner that is clearly visible to the user. Users should be able to change their preferences afterwards, in an easy and clear way.

13. Permissions The software's permissions should be easily changeable. Permissions include access to devices such as microphone and webcam, access to certain folders and files, access to modify and delete files, etc. These permissions should be clearly listed, and no unnecessary permissions should be enabled by default.

Disclaimer

Because I am terrible at writing, most of this was painstakingly generated using LLaMA 3.1 70B & 405B. Believe it or not, this was actually a lot of work. Not only did I have to give detailed enough explanations for it to give an output that aligned with my vision, but formatting and sorting each section took an insane amount of work. Not to mention hallucinations, outputs that did not fit the prompt, rate limiting, and multiple other issues. Finally, after months of planning, preparation, tweaking, and editing, I am happy with what has been created.

How to help

Even though I am happy with what has been created, it is by no means perfect and needs a massive amount of human intervention to improve it. Be nitpicky! I want to make this something the community is happy with, and something that is free of flaws and loopholes. I am very open to feedback here, since this is not the final version.

The Philosophy

Category: Open-Source and Licensing

1. Open-Source Ecosystem: The entire software ecosystem, encompassing the core codebase, as well as all supplementary components, modifications, and derivatives, should be transparently and freely accessible to anyone. This means that all extensions, add-ons, plugins, and integrations, regardless of their origin or purpose, should be developed and shared under open-source licenses. Similarly, any forks or variations of the original software should also be openly available, allowing the community to benefit from diverse perspectives and innovations. By embracing openness and collaboration, the software can evolve more rapidly, securely, and equitably, with the collective efforts of a global community driving its growth and improvement.

2. Free and Open-Source License: The software should be made available under a free and open-source license, allowing users to freely study, modify, and distribute the software. This means that the software should be released under a license that grants users the freedom to use, modify, and distribute the software, without any restrictions or limitations. The software should be made available in a format that is easily accessible and modifiable, such as source code, and should be accompanied by clear and concise documentation that explains how to use, modify, and distribute the software. The license should also allow users to create and distribute derivative works, such as modified versions of the software, and should not impose any restrictions on the use of the software for any purpose, including commercial use. By making the software available under a free and open-source license, the developers can promote collaboration, innovation, and community involvement, and can help to ensure that the software remains free and open for the benefit of all users. Additionally, the software should also be made available in a way that is accessible to people with disabilities, and should be designed to be usable by people with a wide range of abilities and needs.

Category: Code Quality and Development

1. Readability and Code Quality: The code should be crafted with the utmost care for readability, making it effortless for humans to comprehend its intent, logic, and behavior. This means that the code should be written in a clear, concise, and consistent manner, using a syntax that is easy on the eyes. Variables, functions, classes, and other programmatic elements should be assigned descriptive and meaningful names that accurately convey their purpose and role, avoiding ambiguity and confusion. Additionally, the code should be liberally annotated with high-quality comments that provide context, explain complex concepts, and highlight key decisions, making it easier for developers to understand, maintain, and extend the codebase over time. By prioritizing readability, the code becomes a valuable resource for knowledge sharing, collaboration, and collective growth.

2. Comprehensive Documentation: The code should be accompanied by comprehensive, accurate, and up-to-date documentation that provides a complete understanding of its functionality, behavior, and underlying architecture. This documentation should include detailed explanations of each component, module, and interface, as well as usage examples, tutorials, and guides that facilitate easy adoption and integration. Furthermore, the documentation should be written in a clear, concise, and accessible manner, using language that is free from technical jargon and assumptions about prior knowledge. By providing thorough documentation, the code becomes a self-contained resource that empowers developers to quickly grasp its inner workings, troubleshoot issues, and make informed decisions about customization, extension, and maintenance. This, in turn, fosters a culture of transparency, collaboration, and continuous improvement, where the codebase serves as a shared knowledge base for the entire community.

3. Modular and Extensible Architecture: The software should be designed with a modular and extensible architecture, allowing users to customize and enhance its functionality through the use of extensions or plugins. This means that the software should provide a robust and well-documented API, as well as a plugin framework, that enables developers to create custom extensions that can interact with and modify the software's core functionality. The software should also provide a user-friendly interface for managing and installing extensions, making it easy for users to discover, download, and install new extensions. Furthermore, the software should be designed to allow extensions to be developed for all portions of the software, including the user interface, data processing, and core functionality. This will enable users to tailor the software to their specific needs and workflows, and will also enable developers to create specialized extensions that can be shared with the broader user community. By providing a robust extension framework, the software can become a platform for innovation and customization, allowing users to create a tailored experience that meets their unique needs and requirements.

4. Transparent Development Process: The development process for the software should be transparent and clear, with documentation for each step of the process. This means that the development team should maintain a publicly accessible repository of documentation, including design documents, meeting notes, and technical specifications, that provides a clear understanding of the development process and the decisions that are being made. The documentation should be up-to-date and accurate, reflecting the current state of the software and any changes that are being made. Additionally, the development team should provide regular updates on the development process, including blog posts, social media updates, and email newsletters, that keep users informed about what is happening and what to expect. Any outages or disruptions to the software should be clearly communicated to users, with explanations of what happened, how it is being fixed, and when the software is expected to be back online. The development team should also provide a clear and transparent process for reporting and tracking issues, with a publicly accessible bug tracker and a clear process for submitting and resolving issues. By providing transparent and clear documentation and communication, the development team can build trust with users and demonstrate a commitment to openness and accountability.

Category: Deployment and Updates

1. Uniform Deployment and Updates: All users should receive the same version of the software, with identical features, functionality, and updates, regardless of their location, device, or usage patterns. This means that the software should be deployed and updated uniformly, without any hidden variations, experiments, or segmentations that could create unequal experiences or introduce unnecessary complexity. No user should be unwittingly enrolled in A/B testing, beta programs, or other forms of differential treatment that could compromise their experience or create uncertainty about the software's behavior. By maintaining a single, unified codebase and deployment process, the software can ensure consistency, reliability, and fairness for all users, while also simplifying testing, debugging, and support processes. This approach also helps to build trust and transparency with the user community, who can rely on a predictable and uniform experience across the board.

2. Access to Previous Versions: The software should maintain a comprehensive archive of all previous versions, making it possible for users to access, download, and install any earlier version of the software that meets their specific needs or preferences. This means that users should have the freedom to choose the version that works best for them, whether it's due to compatibility issues, feature requirements, or simply a preference for a previous user interface. Furthermore, the downgrade process should be straightforward and reversible, allowing users to seamlessly transition between versions without losing data, settings, or functionality. By providing unfettered access to previous versions, the software acknowledges that users have different needs and workflows, and empowers them to make informed decisions about their own software experience. This approach also demonstrates a commitment to user autonomy, flexibility, and choice, while also facilitating testing, debugging, and troubleshooting efforts by providing a clear and accessible version history.

3. Optional Updates: Updates to the software should be optional, with users having complete control over what updates are applied and when. This means that the software should provide a clear and transparent update process, with detailed information about what changes are being made, why they are necessary, and what benefits they will bring. Users should be able to select which updates to apply, and which to ignore, with the ability to easily opt-out of any update that they do not want. Furthermore, the software should provide a clear and easy-to-use interface for managing updates, with options for selecting specific updates to apply, viewing update history, and rolling back to previous versions if needed. The ability to easily undo any and all updates should be a key feature of the software, allowing users to quickly and easily revert to a previous version if an update causes issues or is not desired. This approach recognizes that users have different needs and preferences when it comes to updates, and provides them with the flexibility and control to manage their software experience in a way that works best for them. By making updates optional and providing clear selection and undo options, the software can help to build trust with users and ensure that they feel in control of their software experience.

Category: Portability and Compatibility

1. Portability and Compatibility: The software should be designed to be maximally portable and compatible, with the goal of running seamlessly on a wide range of systems, hardware configurations, and architectures. This means that the software should be developed with a focus on platform independence, using technologies and techniques that enable it to adapt to diverse environments and ecosystems. Whether it's running on a desktop computer, laptop, mobile device, server, or embedded system, the software should strive to be compatible with various operating systems, processor architectures, and hardware platforms. By embracing this philosophy, the software can reach a broader audience, increase its utility and value, and provide a more inclusive and equitable experience for users across different technological contexts. This approach also promotes flexibility, resilience, and future-proofing, as the software can more easily adapt to changing technological landscapes and evolving user needs.

2. Interoperability: The software should be designed to be completely interoperable with other programs and systems, allowing users to seamlessly integrate it into their existing workflows and ecosystems. This means that the software should support open standards and formats, enabling users to easily import and export data, and exchange information with other applications and services. The software should also provide APIs, SDKs, and other integration tools, making it easy for developers to build custom integrations and extensions. Furthermore, the software should be compatible with a wide range of operating systems, devices, and platforms, ensuring that users can access and use it regardless of their technical environment. The software should also support multiple data formats, protocols, and interfaces, allowing users to easily integrate it with other systems and applications. By prioritizing interoperability, the software can provide users with a flexible and adaptable solution that can be easily integrated into their existing workflows, and can help to break down silos and promote a more connected and collaborative environment. Additionally, the software should also be able to work with other software and systems that are not yet known or developed, by using open and extensible architecture and protocols.

3. Universal Accessibility: The software should be designed to be universally accessible, available to everyone regardless of their location, nationality, age, sex, background, or any other characteristic. This means that the software should be free from any geographical, cultural, or linguistic barriers that could limit its accessibility. The software should be translated into multiple languages, and should be compatible with different operating systems, devices, and platforms to ensure that it can be used by people from diverse backgrounds and with varying levels of technical expertise. The software should also be designed to be accessible to people with disabilities, with features such as screen reader compatibility, high contrast mode, and keyboard-only navigation. Additionally, the software should be available to people of all ages, with a user interface that is intuitive and easy to use for both children and adults. The software should not discriminate against any individual or group based on their nationality, ethnicity, sex, or any other characteristic. By being universally accessible, the software can promote global understanding, collaboration, and equality, and can help to bridge the digital divide that exists between different communities and regions.

Category: Security and Privacy

1. Security: The software should be designed with security as a top priority, incorporating the latest security standards, best practices, and technologies to protect users' data and prevent potential vulnerabilities. This means that the software should be built using secure coding practices, such as secure coding guidelines, code reviews, and static analysis, to minimize the risk of common web application vulnerabilities. Additionally, the software should be regularly audited and tested for security vulnerabilities, using both manual and automated testing techniques, to identify and address potential weaknesses. To further enhance security, the software should also implement a bug bounty program, which incentivizes security researchers to identify and report vulnerabilities, allowing the development team to quickly address and fix them. The software should also stay up-to-date with the latest security patches and updates, ensuring that any known vulnerabilities are promptly addressed. Furthermore, the software should use secure communication protocols, such as HTTPS and TLS, to protect user data in transit, and implement secure data storage practices, such as encryption and access controls, to protect user data at rest. By prioritizing security and continuously monitoring and improving its security posture, the software can provide users with a safe and trustworthy experience.

2. User Privacy: The software should be designed with a strong commitment to user privacy, ensuring that it does not collect, transmit, or store any personal data or usage information without the user's explicit consent. This means that the software should not include any telemetry or tracking mechanisms, such as analytics, crash reporting, or usage monitoring, that could potentially compromise the user's anonymity or reveal their behavior. The software should also avoid any form of data harvesting, profiling, or behavioral analysis, and should not share any user data with third-party services or advertisers. Furthermore, the software should provide users with complete transparency and control over their data, allowing them to easily inspect, modify, and delete any data that is stored locally on their device. By respecting user privacy and avoiding telemetry, the software demonstrates a commitment to trust, transparency, and user autonomy, and helps to protect users from the risks of data exploitation and surveillance.

3. Privacy-Invasive Features: The software should be designed with a strong commitment to protecting user privacy, ensuring that any feature or functionality that could potentially compromise user privacy is carefully evaluated and implemented in a way that prioritizes user control and consent. This means that any feature that could be considered privacy-invasive, such as data sharing, tracking, or profiling, should be explicitly opted-out by default, requiring users to actively choose to enable it if they wish to do so. Furthermore, the software should provide clear and transparent explanations of how each feature works, what data it collects, and how it is used, allowing users to make informed decisions about their privacy. Any feature that is deemed to be potentially privacy-invasive should be clearly labeled as such, and users should be provided with easy-to-use controls to disable or configure it to their liking. By prioritizing user privacy and providing transparent and granular controls, the software empowers users to take control of their own data and make informed decisions about their online activities.

4. Anonymity: The software should be designed to be completely anonymous, ensuring that users can interact with it without revealing their identity or providing any personal information. This means that the software should not collect, store, or transmit any data that could be used to identify the user, such as IP addresses, device fingerprints, or browser cookies. The software should also not request or require any form of identification, such as usernames, passwords, or email addresses, and should not prompt users to provide any personal information, such as names, addresses, or phone numbers. Furthermore, the software should be designed to operate independently of any external services or systems that may collect or store user data, ensuring that users can use the software without being tracked or monitored. By prioritizing anonymity, the software can provide users with a safe and private experience, allowing them to use the software without fear of surveillance, data collection, or identity theft. Additionally, the software should also be designed to resist any attempts to de-anonymize users, such as through traffic analysis or other forms of surveillance, by using techniques such as encryption, secure communication protocols, and decentralized architectures.

5. Sandboxed Environment: The software should be designed to operate in a sandboxed environment, where it is completely isolated from the rest of the system and cannot access or modify any sensitive data or system resources. This means that the software should be executed in a virtualized environment, such as a container or a virtual machine, that provides a strict separation between the software and the underlying system. The sandboxed environment should be configured to restrict the software's access to system resources, such as the file system, network, and hardware devices, and should prevent the software from making any changes to the system or its configuration. The software should also be designed to operate within the sandboxed environment, with no dependencies on external libraries or services that could potentially compromise the security of the system. By operating in a sandboxed environment, the software can provide a high level of security and isolation, preventing any potential security vulnerabilities or exploits from affecting the rest of the system. Additionally, the sandboxed environment should also provide a clear and transparent way to monitor and audit the software's activity, allowing users to easily track and understand what the software is doing and how it is interacting with the system.

6. Granular Permissions: The software should be designed with a robust and granular permissions system, allowing users to control exactly what data and functionality the software has access to. This means that users should be able to grant or deny specific permissions, such as camera access, file access, or location services, on a case-by-case basis. Furthermore, the software should only request the permissions that are absolutely necessary for its core functionality, and should not request extraneous permissions that could be used to collect unnecessary data or compromise user privacy. By default, all permissions should be turned off, and users should be required to explicitly opt-in to each permission before the software can access the corresponding data or functionality. This approach recognizes that users have different needs and preferences when it comes to data sharing and access, and allows them to tailor the software's behavior to their individual circumstances. The permissions system should also be transparent and easy to understand, with clear explanations of what each permission allows the software to do, and why it is necessary. By providing users with granular control over permissions, the software can demonstrate its commitment to user autonomy and data protection, and can help to build trust with its users.

Category: User Experience

1. Simplicity and Ease of Use: The software should be designed with simplicity and ease of use in mind, making it accessible to users of all skill levels and backgrounds. This means that the software should be easy to install, with a straightforward and streamlined installation process that requires minimal user input. Once installed, the software should be intuitive to use, with a clear and logical interface that makes it easy for users to find and access the features and functions they need. The software should also be easy to uninstall, with a simple and complete removal process that leaves no residual files or settings behind. Updates should be seamless and automatic, with clear notifications and explanations of what changes have been made and why. Navigation within the software should be straightforward and intuitive, with no obscured or hidden menus or options. All features and functions should be clearly labeled and easily accessible, with no unnecessary complexity or clutter. The software should also provide clear and concise documentation and support resources, including user manuals, tutorials, and FAQs, to help users get the most out of the software and troubleshoot any issues that may arise. By prioritizing ease of use and simplicity, the software can reduce user frustration and anxiety, and make it easier for users to achieve their goals and accomplish their tasks.

2. User-Friendly Agreements: Any legal agreements or terms of service associated with the software should be designed to prioritize user autonomy and flexibility. This means that users should have the ability to opt out of specific or all parts of the agreement, and that opting out should be the default behavior. In other words, users should not be required to opt in to any terms or conditions, and should instead be able to choose which parts of the agreement they wish to accept or reject. This approach recognizes that users have different needs and preferences, and allows them to tailor their relationship with the software to their individual circumstances. By providing users with the ability to opt out of specific or all parts of the agreement, the software can demonstrate its commitment to transparency, fairness, and user empowerment. Furthermore, the software should also provide clear and concise language in its agreements, avoiding legalese and technical jargon that could confuse or intimidate users. The goal should be to create a legal framework that is fair, flexible, and user-friendly, and that prioritizes the needs and interests of users above all else.

3. Efficiency and Performance: The software should be designed to be efficient and optimized for performance, using only the necessary processing power and resources to accomplish its tasks. This means that the software should be written with a focus on minimizing computational overhead, reducing unnecessary computations, and optimizing data structures and algorithms for speed and efficiency. The software should not intentionally introduce lag or delay, nor should it use more processing power than necessary to discourage certain behaviors or to create a perceived sense of complexity. Instead, the software should strive to provide a seamless and responsive user experience, with fast and efficient performance that allows users to complete their tasks quickly and easily. The software should also be designed to adapt to different system configurations and hardware capabilities, ensuring that it runs efficiently on a wide range of devices and platforms. Furthermore, the software should be designed to minimize its impact on system resources, such as memory and CPU usage, and should not consume excessive amounts of power or battery life. By prioritizing efficiency and performance, the software can provide a better user experience, reduce frustration and annoyance, and help to minimize the environmental impact of computing.

Category: User Control and Autonomy

1. Perpetual Access: Users should have the freedom to access and utilize the software to its fullest potential, without any artificial restrictions, limitations, or time constraints. This means that the software should not be designed with expiration dates, subscription-based models, or other mechanisms that could potentially limit its use or functionality over time. Once a user has obtained the software, they should be able to continue using it, without interruption or degradation, for as long as they see fit. The software should not be subject to vendor lock-in, forced upgrades, or other forms of coercion that could compromise the user's autonomy or freedom to choose. By granting users perpetual access to the software, the developers acknowledge that the user has invested time, effort, and resources into learning and utilizing the software, and that they should be able to reap the benefits of that investment without fear of interruption or loss of functionality.

2. Offline Capability: The software should be designed to function fully and independently in an offline environment, without relying on a constant internet connection to operate. This means that all core features, functionality, and data storage should be self-contained within the software, allowing users to work, create, and interact with the software without any dependency on external networks or servers. Unless a specific feature or module explicitly requires an internet connection to function (e.g., online collaboration, cloud syncing, or data fetching), the software should be able to operate seamlessly in offline mode, without any degradation or loss of functionality. By prioritizing offline capability, the software ensures that users can work efficiently and effectively, even in areas with limited or no internet connectivity, and that their productivity and workflow are not disrupted by network outages or connectivity issues.

3. User Data Control: Users should have complete control over their data, with the ability to easily import, edit, delete, and export all of their data in a format of their choice. This means that the software should provide a straightforward and intuitive interface for managing data, with clear and concise options for importing data from other sources, editing existing data, deleting data that is no longer needed, and exporting data to other applications or formats. The software should also support a wide range of data formats, including CSV, JSON, XML, and others, to ensure that users can easily exchange data with other applications and services. Furthermore, the software should provide users with the ability to customize the data import and export process, with options for selecting specific data fields, filtering data, and transforming data into different formats. The software should also provide users with a clear and transparent view of their data, with options for viewing data in different formats, such as tables, charts, and graphs. By providing users with complete control over their data, the software can empower users to manage their data in a way that meets their needs, and help to build trust and confidence in the software.

4. User Content Ownership: Users should have complete ownership and control over any content created or generated by or using the software. This means that users should be able to export, share, and use their content in any way they see fit, without any restrictions or limitations imposed by the software or its developers. The software should not claim any ownership or rights to user-generated content, and should not use such content for any purpose without the user's explicit consent. Users should be able to export their content in a format that is compatible with other software and platforms, and should be able to use their content for any purpose, including commercial use. The software should also provide users with the ability to delete their content at any time, and should ensure that all user-generated content is stored securely and in accordance with the user's preferences. Furthermore, the software should be designed to ensure that users' content is not used for any purpose that is not explicitly authorized by the user, and should provide users with clear and transparent information about how their content is being used and shared. By giving users complete ownership and control over their content, the software can promote creativity, innovation, and freedom of expression, and can help to build trust and confidence in the software and its developers.

5. Complete Uninstallation: When the software is uninstalled, it should be completely and thoroughly removed from the user's system, leaving no residual files, folders, registry entries, or other remnants behind. This means that the uninstallation process should be designed to delete all files, settings, and data associated with the software, including any configuration files, cache files, and other temporary files that may have been created during use. The software should also remove any registry entries, system hooks, or other system modifications that were made during installation, restoring the system to its original state. Furthermore, the software should not leave behind any hidden or obscure files or folders that could potentially be used to track or monitor the user's activities. The uninstallation process should be transparent and straightforward, with clear notifications and progress updates to let the user know what is happening. Once the uninstallation is complete, the software should be completely gone, with no lingering presence or influence on the system. By ensuring a complete and thorough uninstallation, the software can demonstrate its respect for user autonomy and system integrity, and help to maintain a clean and organized system.

6. Decentralized Operation: The software should be designed to operate in a decentralized manner, where no single central server or authority controls the flow of data, updates, or functionality. Instead, the software should be able to function autonomously, leveraging peer-to-peer networks, distributed architectures, and decentralized protocols to enable users to interact, share, and collaborate without relying on a single point of failure. This means that the software should be capable of self-organization, self-healing, and self-updating, using mechanisms such as blockchain, distributed hash tables, or other decentralized technologies to ensure its continued operation and evolution. Furthermore, the software should provide a decentralized means of distribution, allowing users to download and share the software using peer-to-peer networks, such as BitTorrent, or other decentralized file-sharing protocols. By decentralizing both the software's operation and distribution, users can enjoy greater autonomy, resilience, and freedom, while also promoting a more open, inclusive, and community-driven development process.

Category: Community and Cost

1. Community-Driven: The software should be designed to be community-driven, with a decentralized governance model that allows for collective decision-making and shared ownership. This means that the software should not be controlled by a single entity, such as a corporation or individual, but rather should be maintained and developed by a community of users and contributors. The community should have a say in the direction and development of the software, with opportunities for feedback, suggestions, and participation in decision-making processes. The software should also have extensive community support, with a strong and active community of users, developers, and contributors who can provide help, guidance, and resources to one another. This can include online forums, social media groups, documentation, and other resources that facilitate communication and collaboration. By being community-driven, the software can ensure that it remains free from corporate or individual interests, and is instead guided by the needs and values of its users. This approach can also help to foster a sense of ownership and responsibility among community members, who can work together to maintain and improve the software over time.

2. Cost-Free: The software should be completely free of cost, with no fees, charges, or subscriptions required to use it. This means that the software should be available for download and use without any financial obligation, and that users should not be required to pay for any features, updates, or support. Furthermore, the software should not have any paid or premium alternatives, such as "pro" or "enterprise" versions, that offer additional features or functionality for a fee. Instead, the software should be a single, unified product that is available to all users at no cost. By being entirely free of cost, the software can be accessible to a wider range of users, including those who may not have the financial resources to pay for software. This can help to promote digital inclusion and equality, and can also help to ensure that the software is used for the benefit of all users, rather than just those who are willing or able to pay for it. Additionally, the software should also be free from any advertising, sponsored content, or other forms of monetization that could compromise the user experience or create conflicts of interest.

3. No Account Requirement: The software should never require users to create an account or provide any personal information to use its full functionality. This means that users should be able to download, install, and use the software without ever being prompted to sign up, log in, or provide any identifying information. The software should be designed to operate independently, without relying on any external services or systems that require user authentication. Furthermore, the software should not use any tracking or analytics mechanisms that could be used to identify or profile users, even if they choose not to create an account. By not requiring an account, the software can provide users with a truly private and anonymous experience, free from the risks of data collection, profiling, and targeted advertising. This approach also respects users' autonomy and freedom to use the software without being forced to surrender their personal data or create a digital identity. The software should be designed to work seamlessly without an account, providing users with the same level of functionality and performance as if they had created an account.

Explanations

You may be wondering about why I added certain things I did. Here are a few:

1. Readability and Code Quality: This is to prevent obfuscation or other things that prevent open source code from being easily readable and modifiable. It also means you can't release a compiled program and call it open source.

2. Modular and Extensible Architecture: Things like sideloading exist so that developers don't create a monopoly on proprietary-in-nature ways to change or extend software.

3. Uniform Deployment and Updates: Lots of companies (Google and Meta, to name a couple) will release slightly different versions of software to different people as a way to collect usage data for different designs and code adjustments. YouTube has also released a tool to do this with thumbnails. While I see the benefit, I personally do not agree with the idea that different users should be running different types of the same software.

4. Sandboxed Environment: Lots of software (such as games with anticheat) require you to run it in an unsandboxed environment and abuse those rights to gain privacy invasive access to the system

5. Efficiency and Performance: This section is due to one of my own personal experiences. Before I started my privacy journey, I had gotten a brand new flagship phone and installed Instagram on it. Instagram should have no problem running on the latest and greatest of devices. I noticed in a convoluted menu where you could set ad preferences, whenever I tried to change (manually, one by one, for each ad category) my ad preferences, my phone would get extremely hot and start slowing down until I exit the menu or closed the app. While I can't confirm, I can absolutely see motive for them to intentionally make the device commit digital suicide when you try to grasp any shred of privacy, and even if that isn't what happened, I don't like the possibility.

Thank you!

Thank you all for taking the time to read through my philosophy. It took a lot of time and effort to create, and I hope I can make it better for everyone!

A while ago I reached a point in my privacy journey where I simply felt bored. It's not a result of going too far in privacy, but simply my threat model has caused me to let go of a lot of things that used to entertain me (games, movie streaming, short form video, etc.) The entertainment landscape in privacy seems pretty bleak, since you no longer own the movies you watch, the games you play, and lots of proprietary software along the way. I entertain myself through FreeTube, physical copies of movies, and offline installations of games like Minecraft, but it's still a step down from how it used to be.

What do you do to keep yourselves entertained in a privacy conscious way?

I was researching WebMail providers, and noticed that most WebMail providers recommended in privacy communities are labelled as proprietary by AlternativeTo.

I made a list of WebMail providers, private or not, to see which ones were actually open source:

Proprietary

AOL Mail: Free

Cock.li: Free

CounterMail: Paid

Fastmail: Paid

GMX Mail: Free

Gmail: Free

HEY Email: Paid

Hushmail: Paid

iCloud Mail: Free

Mail.com: Free

Mailbox.org: Paid

Mailfence: Freemium

Outlook.com: Freemium

Posteo: Paid

Rediffmail: Paid

Riseup: Free

Runbox: Paid

Soverin: Paid

StartMail: Paid

Yahoo! Mail: Freemium

Yandex Mail: Freemium

Zoho Mail: Freemium

Open source

Criptext: Free

Disroot: Free

Forward Email: Freemium

Infomaniak kMail: Freemium

Kolab Now: Paid

Lavabit: Paid

~~Mailpile: Free~~

Proton Mail: Freemium

~~Roundcube: Free~~

Skiff/Notion: Freemium

Tuta: Freemium

Unless I'm missing something, it seems like people overlook this when deciding on WebMail providers. Is it a distinction between a proprietary backend server and a proprietary app, or is there a different way to decide if a WebMail provider is proprietary vs. open source? Lavabit was labelled proprietary by AlternativeTo, but open source by Wikipedia.

Note

If I have labelled an open source WebMail provider as proprietary by mistake, please provide evidence by linking to the source code, and I will happily change it.

Previous post

Raivo launched another update today with the following message:

Dear users,

We apologize for the issues caused by our recent update. Please be assured that we are working around the clock to find a solution for this situation. In this version, we have implemented a temporary fix that enables the import and export feature.

If you receive a prompt asking you to choose between offline backup or iCloud, please select iCloud and enter your MASTERKEY. This will allow you to recover all of your codes.

We are still working and conducting thorough testing to determine how we can resolve this issue. We appreciate your patience.

Best regards,

Unfortunately I did not sync my app to iCloud previously due to distrust with Apple, which I acknowledge is entirely my fault. This means I was not able to recover my codes.

I suggest using 2FAS instead of Raivo. I've used it for 9 months and had no issues whatsoever.

Edit: @pr0927@lemmy.world has also recommended ente

@emptyfish@beehaw.org, luck is in your favor.

I'm looking for a way to have a private method for Tap to Pay on GrapheneOS. Ideally I would like compatibility with privacy.com, and if possible have the option for Monero. I don't mind going through an exhaustive setup process. What are my options?

Edit: The point of this is not for convenience, I am trying to avoid using my standard credit/debit card to provide privacy against my bank by using privacy.com or Monero when cash is unavailable.

9 months ago, Raivo OTP for iOS was sold to Mobime. Raivo was hailed highly in terms of privacy, but was dethroned to 2FAS Auth after that incident. Today, Raivo launched an update, and after updating all of my entries were completely wiped. I didn't have a backup, but even if I did you now have to pay in order to import/export TOTP codes. No thank you.

If you haven't already, create a backup right now for all of your 2FA apps, even if you think it won't break.

I never want to get a smart TV, but I found this exact TV (Toshiba FireTV) on the side of the road and decided it would be a fun project to try enhancing its privacy as much as I can. It did not come with the remote or any other accessories besides the TV, so if there is any way to pair an iPhone/Pixel as a remote that would also be good. Is there any way to replace the software with something open source, and anything else I can try?

Thank you all!

This is half a decade old news, but I only found this out myself after it accidentally came up in conversation at the DMV. The worker would not have informed me if it hadn't come into conversation. Every DMV photo in the United States is being used for AI facial recognition, and nobody has talked about it for years. This is especially concerning given that citizens are recently being required to update their ID to a "Real ID," which means more people than ever before are giving away the rights to their own face.

The biggest problem with privacy issues is that people talk about it for a while, but more often than not nothing ever happens to fix the problem, it simply gets forgotten. For example, in the next few years Copilot will simply become a part of people's lives, and people will slowly stop talking about the privacy implications. What can we even do to fight the privacy practices of giants?

In an effort to increase my privacy, I decided to buy a Pixel phone second hand to use with GrapheneOS. Due to some miscommunications, the phone ended up being carrier locked with T-Mobile. GrapheneOS's own website advises against buying carrier locked phones in order to avoid the hassle of carrier unlocking it.

I assumed that even if the support staff was unaware about OEM unlocking, I would at least be able to fairly effortlessly get the device carrier unlocked because it was bought second hand. My first call was to the T-Mobile support center, and the representative wanted the phone number of the device in order to unlock it. The device had no phone number, so we instead tried the IMEI. I was told that the IMEI was invalid because it was not the correct number of characters, and was told that there was nothing they could do without physical access to the device. As expected, the representative had never heard of OEM unlocking.

My next stop was at a T-Mobile store, to seek help there. The staff member there was very helpful and, despite not knowing what OEM unlocking was, was very aware of how to handle the situation regardless. He made a call to T-Mobile support (which has a different process if you are a staff member) and explained the situation to them.

Here is where things get interesting: T-Mobile had the ability to carrier unlock the phone, and had enough information to prove the device was mine, but refused to carrier unlock it because it has to be done by the original account holder. They wouldn't give any information about how to contact the original account holder, which is reasonable.

The in-person representative told me that if I was able to find a phone number linked with the original account holder that they would be able to do more, but after trying for over an hour to find any contact information with the seller, I couldn't find anything.

The in-person representative decided to try calling support one more time, and even went out of his way to try lying to the support team on my behalf, just to see what could be done.

After hanging up the phone, he told me that T-Mobile gave me 2 options:

1. Return the device entirely and buy a different one
2. Pay for T-Mobile for an entire year AND pay a $100 service fee

That's like telling someone they have to pay a year of rent before they can even step foot in a house they already paid for, and then pay $100 to get the doors unlocked. I knew it would be a bit of a process to get it carrier unlocked, but I didn't realize it would take me four hours to be told I had to pay T-Mobile for a year to be able to access a device I paid for.

I even tried using T-Mobile's own app to unlock the device, but the app is not functional as many reviewers have also noted.

Thankfully the seller accepted free returns, so the story has a happy ending, but any consideration of buying a carrier locked phone before has since evaporated.

It is truly dystopian how we live in a world where companies are allowed to get away with stuff like that, and yet people still give away their money and freedom to these companies.

Having used iOS my entire life, the switch to GrapheneOS will be a big change. I have learned over the past year about Android, GrapheneOS, and apps to use. I managed to find most of the apps I was looking for, but there are some I struggled with. I had trouble finding privacy respecting, open source apps for the following categories (I've listed what apps I did find, but want to see if there are better alternatives.)

• Local AI: For AI I was able to find MLC LLM, but the iOS version is a bit broken so I'm unable to confirm if it's what I'm looking for. I want something capable of running Llama 3. This was by far the hardest category to find an app for.

• Backup: I found Neo Backup and Seedvault. I want to be able to backup files, photos, app data, etc.

• IDE: I was only able to find Neovim (which I'm not even sure is an IDE). I primarily code with Python (but also code in Java as well as others), and I want to be able to run quick scripts when I'm out and about.

• Torrent: While torrenting on a phone isn't necessary, it has certain scenarios when it's useful. If this is a major hole in privacy and security, I don't mind leaving this off my list. I found LibreTorrent as an option.

• Local file sharing: This is one I'm most curious about. I want a way to share files between my Linux computer and phone. LocalSend and Warpinator seem to be tied as far as popularity, maybe I can get some insight here. I want it to be strictly over the local network.

• Network monitoring: This is nice to have for a variety of reasons. I want something like Wireshark for Android. I couldn't find many great options, but I found Vernet.

• eBook reader: I'm sure the option I picked here is fine, but I wanted a second opinion about Libera Reader.

• Terminal: I've heard a lot of different opinions for terminal emulators for Android, so please put up a good case for whichever one I should go with. Neovim is apparently (technically?) a terminal emulator. I'm increasingly confused about what Neovim actually is. I also found Termux and I eventually found too many options to find a clear choice.

• Movies: Because many movie streaming services are privacy invasive, I'm looking for an ethical way to watch movies. I found Stremio which I have never heard of before. This isn't a topic that gets covered very often.

I am aware of AlternativeTo, and it's what I used to find some of these trickier apps, but nothing beats hearing first hand experiences. Thank you all for your help!