Thats good to know. Thanks for sharing

Do you know if these folks actively develop it or do they just apply patches to the Firefox codebase ?

Like do they just pre configure a bunch of about config settings and the pre installed search or do they harden the binaries at compile time ?

I’ve not kept up with this but I’m curious if there is any real advantage of this over Firefox after it has been configured. If not I would stick with Firefox as it will get security updates quicker by people who know the source code intimately.

Anyway not shitting on anyone’s choices here just curious.

Both my browser and network level dns blocker blocked the test attacker site from loading but in general there are 2 approaches to this: minimize your fingerprint data points or change them to blend in with the crowd.

I think for the most part selectivly blocking js and cookies will do a lot for you. You can also block the canvas and limit fonts too. I’d also recommend a vpn as they can associate it with your ip too.

Random hackers, companies, dragnet surveillance.

The companies are probably the biggest exposure as we are forced to interact with them for utilities, flights etc . They get hacked all of the time and dont bother to secure their data.

Also as a side note I hate how lots of places just assume you want to download their shitty spyware ridden apps or hand over your phone number or an email.

Personally I would split them so they are not all in the same place. So for email use something like proton or tuta, vpn could be mullvad and a local password manager such as keepass xc synced with syncthing.

There is also i2p mail

Welcome to the party pal

I’m not sure but it is a good question and a good project if none already exists.

Looking at work history from employees of these companies on linkedin we might discover more.

I export my totp from freeotp+. I have it added to keepassxc and sync that with syncthing to multiple devices.

If I lose the phone I can just import the exports to a fresh app on another phone.

Another option is use waydroid and backup the VM

Ive thought about using it for bank apps so I dont have hassle if I lose the phone or it gets robbed. Has anyone tried this ?

You are right, as you note this requires a set of skills that many don’t possess.

I have been looking for ways I can help going forward too where time permits. I was just thinking having a list of possible targets would be helpful as we could crowdsource the effort on gitlab or something.

I know the folks in the lists are up to their necks going through this and they will communicate to us in good time when the investigations have concluded.

I think going forward we need to look at packages with a single or few maintainers as target candidates. Especially if they are as widespread as this one was.

In addition I think security needs to be a higher priority too, no more patching fuzzers to allow that one program to compile. Fix the program.

I’d also love to see systems hardened by default.

Your distro should havê a security mailing list you van subscribe to

Yes

Fake details and don’t use the app should do the job.

I like it but I would prefer it to be more restrictive out of the box. Such as have apps declare a list of urls the are permitted to contact , a browser could have * .

I’d like a more granular filesystem list too more akin to apparmors were each file path needed is explicitly defined, in some cases you would need a wildcard or a directory but for most apps this could be done.

I’m not a fan of any corporation, so they can get fucked too I won’t buy sony hardware but if they port a game to steam I want I’ll get in on sale.

I support valve with purchases on steam as it supports linux. There was also the fact that sony took the linux install option away from the ps2 (or was it ps3) .

For me its Ubisoft, EA and Nintendo.

I use btop in tmux on my server but on the desktop I run htop in a dropdown terminal when I need to keep am eye on things

As to the why it depends on the use case but on my server I can monitor all disks and networks utilization by interface in addition to processor and memory usage with btop.

Htop is easier to parse due to the colors but I’ll still use top if on a remove server to check something in work.

Personally I would only use discs for an extra possible backup just in case.