For me
Nothing digital shows me ads, but going to a crappy supermarket is crazy. Most organic stores dont have any ads, its really disturbing to be in others. (But the fact that they are not able to feed humanity is a complex issue)
Its strange that you need to search something first to access it. And the Claude model is really outdated. The new claude model is better than ChatGPT4 but the old one isnt.
You are asking 2 different questions…
Backup via seedvault or using “sd contacts” and whatever you use.
Best OS is GrapheneOS>DivestOS>anything Lineage based
This. I guess you can save the permanent prompt to “output an error if the certainty of a result is below 50%” or something
I use that prompt to remove annoying talking, give me a single command and not “open nano here, copy this”.
I also couldnt find their website at all, how do you access that chat?
Turbo misinformation
Damn they have ClaudeAI! Its way better than GPT
I am confused that this Kernel is EOL when a nonstable Distro like Fedora still uses it.
I dont get it. Fedora is still on 6.7.11 and it already causes tons of issues.
So this is why LTS kernels are a thing?
I dont know if his fears are true and that is not for me to judge.
But he is very active, like still the most active person. It seems that he will always use his own account, but when reporting issues its always him to react.
I cannot imagine what a job that is
I also think the DivestOS project is pretty cool, as I use Mull daily and maintain my own custom addon collection from the time when Firefox didnt allow all installs. (I really have to clean that list up though, it has too many things).
Will look into it.
My knowledge is too that even “ungoogled Chromium” may not send data (so it doesnt have active antifeatures) but it is still not fingerprint protected.
Brave meanwhile is veeery bloated with weird stuff, which totally tells me that their focus cannot be that much on the privacy and security hardening.
Regarding Arkenfox, I maintain a small and pretty messy project to make it usable for daily usage changing only small bits.
I dont know percentages, but I remember most of it being one of these
So it is not mainly a security project but mainly privacy hardening to my knowledge. I agree with it mostly though, it is a great project.
Chromium has some flags and policies which are very limited though. The secureblue project has integrated all of them, and its still way worse than Arkenfox for privacy. There are JIT Exceptions though, not sure if this is available on Firefox, it was very hidden also for Chromium.
I also agree that manifest v3 is central Google control dystopia.
I have to say though
While DivestOS includes a Gecko based browser for privacy reasons, Chromium based browsers have many security advantages.
This makes little sense. If a Browser is not as secure as possible, it is not as private as possible. At least if you scale it. “The browser is like pretty secure, not the best available but okay, unless you are not targeted or something”. What statement is that? We dont know if we are targeted.
So I appreciate if people say “this may not be the best for privacy, but we use the most secure base and try to make it privacy friendly” just like I respect people making hardened Firefox more secure.
Anti-fingerprinting on Android is very difficult because of GPU models, display size etc. According to GrapheneOS, Vanadium sends as little data as possible. And I believe them that. Not sure about other vectors of privacy, the lack of NoScript (granular JS control per origin) and UBO makes it unusable for me, along with strange UI for adding search engines or whitelisting cookies while whiping the others.
Thanks for the link. I will read through the Tor mailing list and the other parts.
you wrote GPT style filler paragraphs about Firefox insecurity, misinformation that is up for a day now.
Why would you say something like that? But I will check everything again.
This was about Android, and Firefox had no process isolation to my last knowledge. Looking to find a source against this currently.
This is not Reddit, where closed source stuff and Big Tech stuff gets promoted or recommended
Okay? This is about privacy and security, Chromium is fully open source. Yes it is big tech and that may be a problem in many many cases. But this has no effect on its security.
I dont get that forum. They dont actually recommend Brave, only some “lower level” people do. Some people that parrot what the others say are often mods and take care of blocking everything. A post I made about that issue was also hidden, I can still see it and likely the mods.
Especially bad if in the same thread misinformation posts are kept. But deleting them is also not fair, as they are partly right.
claims Firefox security is bad, claims Google things are good and so o
I understand that you have no time to write about that in detail, but they do. Apart from the Torbrowser thread I read nowhere about the key differences in sandboxing and site isolation.
I also read nothing yet about how “leaky” Chromium is in terms of security. For sure Torbrowser doesnt accept it as it permanently contacts Google. But this is about security. I dont use Chromium anymore after finding out how much it pings Google using googerteller.
But just saying they have superficial opinions like that is not fair.
They have their alternative facts about security, which will not be allowed here.
If you have sources that prove me wrong please add them. I asked Firefox Devs about the security of Flatpak Firefox, also because it seems they dont do anything against their “Firefox is insecure” reputation. For sure, big corps like Microsoft and Google are pushing Chromium, but they simply also add a lot of informative sources for research.
It stems from the nonsense agenda GrapheneOS desires to propagate about Firefox.
Bullshit. Please cite where this should be the case .
and anyone can follow through mailing lists.
Tbh today was the first day reading a mailing list and its very strange. Their tracker, and the duplicate of that are both nearly empty and have no info, the only info is from that mailing list.
You will need to retract your statement
So it seems you are a mod, and if you think I need to do that I want to have at least another mod look at this.
I am critical of GrapheneOS, as clearly demonstrated, but your comment didnt disprove anything I said but you just ranted about how bad they are. I dont think this is very constructive.
Pinging the people in this thread (another advantage of commenting and not just liking). Plase see the changes in the above comments.
I am not parrotting their Propaganda, see my other, longer comment. I attached it to the top one now, and changed the catchy phrasing.
See this GrapheneOS Discuss thread where they deleted or have hidden my comment.
But as you seem to not have read the probably more detailed other comment, please do so.
I dont know what you want to tell me with the “mail thread about hating tom” as I have no idea what I just read.
I guess the beginning of the conversation and especially Tom Ritters mail here most useful.
What do you mean by this comment?
I am not sure but Firefox desktop (gecko) and mobile (fenix) are separate projects. I think they share a lot of code though.
So a browser renders webpages, CSS, Javascript and nowadays even Webassembly and WebGL stuff.
If you stick to HTML and CSS you are way more secure, Javascript is way more attack surface, and JIT+Webassembly where about 50% of Microsoft Edges security vulnerabilities.
So if you disable WebGL and JIT+Webassembly by default the attack surface is way lower. But there are websites, especially good stuff like Tuta doing in-browser encryption over advanced quantum resistant protocols, that require JIT. GrapheneOS Vanadium now has a toggle to enable JIT for some sites, Edge Desktop has too afaik (dont use it but its likely the most secure browser on Windows), Chrome-ium desktop allows a policy where you can list JIT exceptions.
Firefox desktop and mobile both likely allow blocking wasm and jit in about:config but no GUI toggle yet. Torbrowser in “very secure mode” also blocks JIT.
Coming to the engine, Chrome-ium focuses a lot on sandboxing, while using C and C++ for like everything.
Firefox has the rendering engine completely rewritten in Rust.
Assuming that most sandbox escapes come from memory issues, firefoxes sandbox doesnt have to be as secure if they simply dont have memory issues as they use Rust.
Firefox Desktop uses Seccomp filters for every process (restricting syscalls the processes can make) and separates processes using unprivileged user namespaces for every process (I think they call that fission). Firefox Flatpak can only use seccomp filters but the processes are not isolated from another, which is why you should probably use a system install (binary, .deb, .rpm, …).
You can sandbox system installed apps using bubblejail and allow access to the syscalls needed to create user namespaces. But it is pretty complicated and incomplete in my experience, even though I dont know why.
On Android firefox still uses the engine in Rust afaik, but Android has a very different model how to isolate apps. Also only Chrome-ium can isolate every process strongly on Android, yet. It is totally possible but Mozills doesnt seem to care.
At the same time to be honest I never had a security vulnerability in Firefox affect me, my entire life.
It is important to protect activists and people that “StAtE ActOrS” want to target, so those people should use the most secure browser possible.
The problem is simply that we have no privacy respecting variant on the desktop, that also has quick CI/CD updates. Ungoogled Chromium often lacks behind on Updates (and dont mention Thorium please).
This could be done by people that know how to build such a pipeline on Gitlab, Github etc. and apply all the ungoogle patches to the browser, hardening the build and creating .RPM packages every few days. There just is nobody currently doing that.
Adblock doesnt help privacy.
You need to use a hardened browser with as little unique identifiers as possible. Then you need to delete cookies and use different or unified IP addresses, obviously.