You can use Tor: https://orbot.app/

Cheapest way to not be in this situation is to run an exit node on your home network and route your traffic through when you’re travelling (dead simple with Tailscale).

Also try Mullvad’s circumvention methods.

Why?

While that is true, EU is leading the world in some privacy invasions. Be it age verification or various initiatives to try and break E2EE. Those kind of efforts do not yet exist at even countries we would all agree are oppressive.

EU’s Dark Power Blue (#003399) color.

Is this because you like the color or you think using an EU color is appropriate here? Cause if its the latter, EU is a privacy nightmare so hard disagree.

The announcement literal purpose is to tell you the author does not know if its legit or not and that you should decide for yourself.

The amount of fucks the UK public gives is so surprisingly low.

lol I’ll just mute this convo

You can’t talk about E2EE on a closed source client.

Isn’t protonpass E2EE?

Depends on what you mean by stock android. Google’s phones do not come with stock android.

If you break the law or violate these Terms when using Duck.ai and we get sued, you may have to take responsibility.

You agree to indemnify and hold harmless DuckDuckGo, its affiliates, employees, and any other agents from and against any claims, losses, and expenses (including attorneys’ fees) arising from or relating to your use of Duck.ai, including your subsequent use of any Outputs, your breach of these Terms, or violation of applicable law.

I don’t understand how this is possible if this is a private, account free service.

Overall, I don’t get what ddg gets out of this very expensive to offer service. Which means I don’t teust its a way to privately use LLMs.

Immich has memories

Just calling it “Dark Web” gives away you have no idea what you’re talking about.

Anybody is visible in the moment he goes online, irrelevant if he uses …, TOR

No

TLDR; risks far outweigh the benefits. See bottom of response for recommendations.

Should you use it?

It works by setting up a proxy that intercepts HTTP requests from all applications

During the first run, Zen will prompt you to install a root certificate

Zen will be able to decrypt and analyze your entire traffic. And then it’ll encrypt what it allows before letting it leave/enter the device. This means even if you trust Zen, that one certificate is the only thing standing between your traffic staying encrypted. It gets compromised, you’re compromised.

Do not trust an app with your entire traffic, ever. Even if its not malicious there are going to be bugs, vulnerabilities, leaks, etc.

Moreover, something being open source does not mean its audited by people who know what they’re doing - neither for hidden malicious code or mistakes. I did not see any formal audits being mentioned in the readme.

https://grapheneos.org/faq#ad-blocking-apps

What can you use instead?

You should instead use ublock in the browser and system wide DNS blocking on your device. You can use an adblocking public DNS server (e.g. Mullvad) or setup pihole locally. You do not have to self host pihole, you can just set it up on your computer and use on that device only which would be the same thing as using Zen on that device.

Note that using a public, blocking DNS will block less domains because they have to make sure it does not break anything for anyone but it will make you less fingerprintable. OTOH, using a custom blocklist you can get the most out of blocking but you’re probably the only person blocking that specific subset of domains which will make you more fingerprintable. Take your poison.

What about content filtering on desktop/mobile apps DNS blocking cannot solve

DNS blocking merely stops the application from accessing certain domains. It won’t be able to block malicious content served from the same domain as the content you actually need (e.g. YouTube serves both ads and videos from the same domain so you can’t block their ads without blocking the video itself).

You should not install applications you don’t trust on your device and use them on the browser as much as you can or use and alternative FOSS frontend (e.g. Reddit, Discord, YouTube etc.)

But some applications might be circumventing system DNS

Yes, there’s nothing stopping an application from doing its own DNS resolution or using hardcoded static IPs. You should not run applications trying to be actively malicious in this way. Neither Zen, nor anything else will be able to protect you from untrusted code doing suspicious things on your machine.

Scratchcards are sold at ecommerce sites which makes them significantly more accessible. If you really want to be “anonymous” (with very big quotes) you can buy gift cards for those sites with cash then order to a collection point. Otherwise, sure, it’s not as good as paying with cash but all there’s a trail for is that you bought Mullvad credits that cannot be tied to any account.

You would be able to do this for a short while but unless you can make an agent that’s indistinguishable from you or you already have very bot-like traffic, they’d catch up pretty quickly. They aren’t going to just let a trillion dollar industry die out because some bots are generating traffic.

I’d much prefer paying cash to get a scratch card from a retailer like Mullvad does.

It doesn’t break that often.

You’re paying for redundancies in different regions, migrations, backups, upgrades, maintenance, generally not having to worry about losing your data. The storage costs nothing.