I’m the Never Ending Pie Throwing Robot, aka NEPTR.
Linux enthusiast, programmer, and privacy advocate. I’m nearly done with an IT Security degree.
TL;DR I am a nerd.
You can use both through the browser, which is the safest way of doing things because the browser sandboxes the web apps, isolating them from your system. If you prefer an app for Messenger, look on Flathub, though I advise against it. The two apps I found for Messenger are Franz and Ferdium (a fork of Franz with more features).
To mitigate the privacy risks:
Nothing much you can do sadly.
While I do find GOS drama a bit annoying, they aren’t wrong about the lacking security of many AOSP forks. iode and /e/OS have a history late patches for security vulnerabilities in both the OS (https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history) and for the forked apps they bundle with it. Each Android monthly and Chromium patches usually contains dozens High Risk CVEs, so taking a month or 2 is unacceptable. Neither are good for privacy or security.
See a comparison between some Android ROMs here, especially noting the update speed section: https://eylenburg.github.io/android_comparison.htm
“Cross-platform GUI written in Rust using ADB to debloat non-rooted Android devices. Improve your privacy, the security and battery life of your device.”
https://github.com/Universal-Debloater-Alliance/universal-android-debloater-next-generation
Forking isnt a solution, unless you are committed to patching all future security vulnerabilities and adding feature updates on you own. Cryptography is complicated, designing a secure messenger is very complicated. Forking isnt a magic bullet.
Firefox is even more insecure as a Flatpak than Chromium. At least with Chromium using zypak it can use some Flatpak sandboxing (which is still inferior to base)
Project was abandoned like multiple years ago now. Cromite is a fork by one of the contributors and is better than Bromite ever was.
Doesnt come with proper fingerprinting protections or flag hardening. I am not saying ungoogled Chromium is bad, just not a proper replacement for hardened chromium browsers like Cromite or Brave. Ungoogled Chromium is a drop in replacement for Chrome, so it does nearly everything possible to stick with defaults (sans any google connections)
While I agree it would be nice, Flatpak weakens the Chromium sandbox by stopping proper per site isolation. Chromium in Flatpak relies on the zypak server in place of proper strict isolation.
GOS recommends against putting any app that you want notifications from inside the private space. That said, I did the same thing.
You could enable advanced mode I uBlock and then disable “3rd party” in the uBlock popup. Then allow list the few sites you want to see content from.
It is source available, not open source.
Understandable. The name is a play on the Bromite, which is the dead project Cromite forked from.
Android private spaces dont share the same network namespace, meaning a VPN in the main profile wouldn’t effect anything inside the private space.
It seems alright. Your performance problems might be intentional from YouTube because it detects adblocking idk.
I completed up to rule 13 but couldn’t do 14 because I couldn’t load the image of the country.
Here is my attempt, with the CAPTCHA at the end: Hqh$mayVVIIshellyPb🌖55-y5w28
Hell yeah!
That will be even more susceptible to malware because Linux is easier to hack than iOS or Android. Linux has a weak threat model against malicious software.
Yeah np. Good luck.