

I’ll keep an eye on this. Maybe even sub for minimalist usage. Currently use Proton Unlimited and probably at around ~200GB usage for storage and active use the VPN and email. But something fediverse is more interesting to me. I doubt it can suitably replace Proton for me now but it’s at least cheap. Nice to see cloud document/office stuff. Proton still doesn’t have a Linux sync application so that’s a weakness. Less sensitive stuff I’ll use Firefox sync for passwords but that Chrome web browser integration I think is a major feature for the Google ecosystem
I know a lot of people are opposed completely to crypto but for privacy services I would prefer paying with crypto. I prefer numerous options but I generally think Monero should be the minimum. Maybe trocador.app to support more. I will probably sub with a credit card to check it out and support though
I’ve reviewed code, in particular I’ve looked over merge requests on occasion but mostly out of academic interest than being very concerned over security. Just want to see how people accomplish a task. Learning.
I’ve monitored network traffic just because sometimes I just want to do that rather than paranoia. Practice and learning.
I’ve run code through a local sonarqube instance and whatever other scanning software I feel like trying along with building applications from source but again it’s not from paranoia but for personal interest that’s mostly just making sure I’m in practice of being able to do so.
I’m not a security professional so I don’t have the background and experience to really notice things that can be problematic like people I know who have a career directly cyber-net-etc-security related rather than my tangential
So really I don’t audit code. At least not huge codebases. When it’s just a few 100 line files of python to accomplish something, I’ll read them. There’s usually a requirements.txt in there though pulling in pip packages and I know I haven’t audited up the dependencies. At work there’s standards handled by people where it’s their job to determine whether the code you’ve written and dependencies pass the minimum to be deployable to computers on the network and that too is mostly handled by security scanning software both open source and closed commercial software