(Now imagine this edited into the post you just made for a more-apt comparison)
If you do work at MS, I cannot believe any person involved legit thought it was "just a tip and nobody will mind their posts being edited to include product recommendations". I don't know what other parts of your comment are honest if the core statement is false
Also based on your reply on a sibling thread, is this a legit question (you expect that there is a way but you're not sure how) or are you just waiting for someone to bite just so you can state your case about proving a negative?
Not sure which thread you're referring to, but yeah, it is a legit question. I genuinely wondered what made the OP state that it's proven that mullvad doesn't collect logs. While I don't think it's possible at all to prove that some software is running on a remote server, or that this software doesn't collect logs, some people try to find a way to do that, for example Signal claimed that one can verify code running on their servers by code attestation feature embedded in their Intel SGX enclaves, see https://signal.org/blog/private-contact-discovery/
Fair enough. I would just interpret this as an exaggeration / way of speaking. In the end you always have to trust someone, be it Mullvad's reputation, be it an auditor, be it a hardware vendor
Good comparison about the SGX contact discovery though, although Signal could afaik use one of the known SGX bugs to get our data anyway, or collude with Intel who has the private keys, so you trust third parties there as well
Can recommend Runbox for a lot of reasons, but one gotcha that bothered me in day-to-day use was that emails are delayed by a minimum of 30 seconds, with no real upper bound, just a probability curve with, say, the 90th percentile around 5 minutes. On rare occasions, that means OTPs or login links valid for 5 minutes have expired when you get them. Yes this was really on Runbox' side, yes I talked to support, yes they cared, yes they subsequently ghosted me when delivering the requested headers of emails delayed for more than 5 minutes which they considered a normal delay "because email wasn't supposed to be real-time" (be that as it may, that doesn't take away that you sit there 30 seconds... 60 seconds... 90 seconds, wondering if you should go do something else while you wait for the confirmation link and get back to your current task later)
Seriously though, nothing but recommended in every other regard. Alias management, anonymous domains you can use, configuring the sender in Thunderbird no problem, everything else was great. My colleagues didn't seem to mind this delay so much as me so it's something to be aware of but might work fine for you
Edit: I realised this is already like four years ago now, it could have gotten fixed in the meantime. It was an issue for several years before we switched away for some reason related to calendars (don't remember the details, I wasn't my choice)
When first migrating away from Hotmail as a teenager, I just registered for new accounts/contracts on my own domain and migrated only the stuff I was still actively using
At some point I downloaded the emails from Hotmail by adding the account to Thunderbird and copying the contents to a local folder. Probably imapsync or some other dedicated tool would be more reliable but it seems to have worked for me (don't forget to also copy the sent folder). I don't really look back at it anymore, after a few years nothing of interest lands there. It's still out there though. Data hoarder issues with definitively deleting the data from it
I'd keep the account name just in case someone finds that it can be re-registered and used to gain access via password reset somewhere
Somehow this reminds me of the time I downloaded, compiled, and ran a Bitcoin miner with the app called Linux Deploy on my then-new Galaxy Note (the thing called phablet that is now positively small). It ran terribly, but it did run!
Having a complete computer in my pocket was very new to me, coming from Nokia where I struggled (as a teenager) to get any software running besides some JS in a browser. I still don't know where they hid whatever you needed to make apps for this device. Android's power, for me, was being able to hack on it (in the HN sense of the word)
RHEL has Fedora upstream. There's a group of people who regularly contribute to those projects on their own time and the userland for Fedora is made up primarily of FOSS where people routinely try to consolidate popular features into main code branches. There's a truly free software project that is the main project that someone provides paid support for. Fedora drives the evolution of the system; RHEL just gives a way to make that evolution palatable to the suits.
Android has the AOSP but it's not the driver of Android as a platform. For the most part, the evolution is driven by a bunch of closed-source applications that Google and OEMs happen to run on Android. Those parties derive competitive advantage and brand identity from the proprietary code that runs on top of the Android OS, and don't make a habit of merging much of that into the project. There are the system-wide improvements that get updated, sure, but the ethos is not to keep the code moving up the chain into the project so that anyone can take it and do what they want with it for free.
It's a hard difference to describe but it's there.
If there were a reliable way of identifying people making multiple accounts, it wouldn't be anonymous now would it? This not a loophole but inherent to an anonymous system
The trouble is, the accounts aren't meant to be anonymous. Pseudonymous at best, depending also on the country (a lot of places require government ID before you can assign a phone number, or have a central government querying system for mapping IP addresses and timestamp to the name and address of the subscriber that used it at the time). It's not like they let you create infinite Google accounts without supplying an infinite amount of fresh phone numbers or IP addresses. You also agree to the general Google privacy policy, which allows them to do anything for any purpose last I checked (a few years ago) unless you're a business customer (but then you've got a payment method in use, and they don't accept cash in the mail), such as fingerprinting as part of reCaptcha
Not quite. You can do a lot of stuff that requires no permissions, or at least not ones that the user has to confirm (e.g. you get internet permission, sensor access, always run in the background etc. by default, but you do need to declare this in the manifest file iirc), which isn't possible on websites like that (a website will ask before it lets a site do limited things while you think the tab is closed)
Depending on your threat model, it might be mostly harmless
(Now imagine this edited into the post you just made for a more-apt comparison)
If you do work at MS, I cannot believe any person involved legit thought it was "just a tip and nobody will mind their posts being edited to include product recommendations". I don't know what other parts of your comment are honest if the core statement is false
reply