New Privacy Guides article 
by me (kinda):
This article is an
interview with Micah Lee!
We are absolutely delighted at Privacy Guides that @micahflee has accepted to speak with us this week.
Thank you so much for your time Micah, this is a fantastic interview.
Check it out here! 
https://www.privacyguides.org/articles/2025/03/28/interview-with-micah-lee/
If you don't know who Micah Lee is yet, here's why you should: Micah is an information security engineer, a software engineer, a journalist, and an author who has built an impressive career developing software for the public good, and working with some of the most respected digital rights organizations in the United States.
https://www.privacyguides.org/articles/2025/03/28/interview-with-micah-lee/
This week in #FDroid (TWIF) is live:
- #K9Mail developer quits Mozilla, thanks @cketti for all the good work
- #surveillance laws want #backdoor access in #France again
- #FOSSGIS 2025 in March, get the app
- #onionshare crash fix soon
- #RiMusic might be in danger
- #SimpleX has group growing pains
- #Termux GUI is finally available
- #Threema Libre reacts
- #VLC with Remote Access
- #XScreenSaver has nice privacy policy
Click for +218 lines of news: https://f-droid.org/2025/02/27/twif.html
@mig5 I thought #OnionShare was maintaibed by @micahflee ?
There are also some treats for advanced users who want to run #OnionShare in headless mode: we documented how to run the CLI as a systemd unit file:
https://docs.onionshare.org/2.6.3/en/advanced.html#running-the-cli-as-a-systemd-unit-file
and we documented all the configuration settings, including for persistent onions:
https://docs.onionshare.org/2.6.3/en/advanced.html#configuration-file-parameters
I gave some tips here on how to pre-generate an onion address, so you can do it all without ever needing the UI: https://github.com/onionshare/onionshare/issues/816#issuecomment-2664631149
I just released #OnionShare 2.6.3 !
https://github.com/onionshare/onionshare/releases/tag/v2.6.3
https://onionshare.org/dist/2.6.3
You can verify the packages with my GPG key 00AE817C24A10C2540461A9C1D7CDE0234DB458D (https://docs.onionshare.org/2.6.3/en/install.html#signing-key).
This release is mostly bug fixes and dependency updates, with some new translations (Gaeilge, Slovenčina and Tamil).
You can also now configure a Saved (Persistent) tab to automatically start as soon as OnionShare has started and Tor has connected.
Enjoy!
@thegibson I can recommend #OnionShare & #WebCall for direct P2P file transfers!
Not only that, but @signalapp being.located in #Trumpist #USA means they gotta have to follow said laws and that means if flexed upon using #FOSTA & #SESTA or god forbid made-up claims to commit #TransGenocide and prosecute #Trans minors and/or their parents and/or medical professionals, THIS WILL BLOW UP IN THEIR FACES like a grenade used as ball gag and fuse pulled!
For comparison: @monocles doesn't demand #PII like a #PhoneNumber or anything at all and if you don't trust them either (which is fair - never trust anyone, neither Signal nor #monocles nor me!) you can not only choose from various providers but literally #SelfHost your own (even as an #OnionService on @torproject / #Tor) and thus have full control of all the comms.
@cwebber yes, and we already have options for that:
#JitsiMeet, #WebCall and other #WebRTC-based comms.
#OnionShare, #Wormhole, #oshi, #BitTorrent & #IPFS for #Filesharing.
#Nextcloud et. al. for collaboration.
...
@wmd @miqokin also the same Issues are by my own experience are better solved via @torproject / #Tor, @guardianproject 's #Orbot & @micahflee 's #OnionShare just to name a few.
@delta @leaf @n0iroh the closest "#serverless / #P2P" I've seen is #OnionShare [made by @micahflee]...
Tho I think the true #future will be #decentralized, #federated and similar to eMail...
One thing that @torproject is missing is a way to check availability and reachability of #Bridges with a simple tool.
Manually adding/removing one #bridge after the other in #TorBrowser and see if those connect is a relatively inefficient process and merely pinging them isn't viable either, espechally on #meek, #obfs4 and #snowflake type bridges.
I'm not even asking for like a fancy tool that is as clean as @micahflee 's #OnionShare but merely a #CLI thing (if necessary I'd build some #bash script) to automatically attempt to connect to said bridge and either spit out an ok or error.
And yes, this tool is kinda crucial as I want to quickly sift through a load of bridges that work on restricted ports (22, 80, 443) and thus can bypass the #GreatFirewall and #Roskomnadzor filtering...
If anyone at #TorProject needs more details, I'll gladly exchange them in a secure manner.
@xoron I don't want to discourage you at all - in fact I think your goal is not just noble but also worth aspiring to.
But whatever you do, please "DO NOT DIY ENCRYPTION!"
Prioritize features early on and make a decision what you want and if/how these can be accomplished. If necessary, have different modes / functions one has to context-switch (i.e. videocalling can't work in an airgapped network unless your callers are in the same (W)LAN).
User-test early on. Espechally with "#TechIlliterates", if you can.
Write #documentation early on since that'll remove headaches. And I don't just mean #CommentYourCode but go deep and explain in detail why you chose something. This will help not just you.
Make yourself a list what you like and dislike from those.
Don't be afraid if your #App can't tick all the boxes at first release. Rather feel free to slowly ibtegrate them.
Needless to say I do sincerely wish you good luck and only the best in terms of success.
@halva @lynn @signalapp @deilann
The problem is one needs to literally acquire a phone number and have access to it, and the demand of a phone number itself is bad. This makes it unnecessarily complex and expensive compared to using @monocles / #monoclesChat.
(Cuz if I've to pay to communicate, I might just choose a provider that isn't a #VC #MoneyBurningParty but a long-term sustainable solution based off #OpenStandards!)
Still, #Signal doesn't allow #SelfCustody of all the keys & #SelfHosting, which makes it vulnerable as a #proprietary #centralized, #SingleVendor & #SingleProvider solution.
And with #CloudAct on one hand and #Trump wanting to "Speedrun Hitler", I'd not rely on Signal.
I have setup comms for critical operations (incl. helping people flee Russia!) and I'd rather choose #OnionShare over #Signal if #Metadata is a real concern.
You use @micahflee 's OnionShare to circumvent firewalls.
I use OnionShare because it's the easiest way to transmit large files without uploading them to a filehoster like oshi.
@mattblaze Remember:
The only winning move is to commit "#AssetDenial" and commit to untappable communications with proper #E2EE via @torproject / #Tor.
@BestGirlGrace I mean it's easy to get started with the former by opening up @micahflee 's nifty tool called #OnionShare...
https://onionshare.org
It's pretty awesome and easy to use...
@lmorchard @vkc nodds in agreement I'm flabberghasted by rising #MediaIlliteracy & #TechIlliteraxy despite things being easier to do than ever before.
Nowadays even a cheap smartphie can host an #OnionService and stuff like #OnionShare even makes way easier...
Please understand as a maintainer of a project intended for many legitimately legal uses, I cannot help you with things like violating copyright.
Otherwise I'd be thrilled to get early feedback on #distrans but it's still quite early stage. I have sent a few large files around with it though. A 4G Kali ISO made it through intact.
It's currently only single-file and point-to-point, but resuming interrupted downloads and trackers are coming soon if I can find some happy fun #rust #hacking time.
I'm also considering a simple GUI that lets you send a file, #onionshare style...
