Mageia forum

[jiml8]

https://www.theregister.com/2022/06/08/ ... _manifest/

I run chromium here, but when we get to this point I will be interested in blocking any further updates of the browser. If privacy badger and uMatrix don't work, I simply won't use it. I will have to look up how to remove chromium from the list that gets upgraded.

I also run Firefox, but I saw a reference in this article to "firefox going away..." I'm not sure what that is about.

[sturmvogel]

I will be interested in blocking any further updates of the browser.

Really clever safety-wise...NOT

Sometimes i wonder if people who don't update their systems/browsers/programs (because as example Mageia 6 has a theme which is not available in newer versions ) do even have basic understanding of the world-wide-web and basic IT-security...

I remember the time when Mozilla dropped their legacy extension system. Many ppl complained because "uh, oh, my beloved extension is not available anymore". But they didn't realize that after some time the same functions where available with the new extension system (sometimes with a new name because the former developers didn't want to port it to the new system. They insisted to cry alot instead of coping with the new situation). If you look at the Firefox add-on page you will see that the same amount if not more extension/add-ons are available than before...

So...you can be sure that adblockers will be available for Chromium/Chrome also. Maybe with another name..but still.

[jiml8]

I will be interested in blocking any further updates of the browser.

Really clever safety-wise...NOT

One of the essential components of safety is the maintenance of privacy. I'm confident that my overall security protocols will prevent intrusions into the browser from being successful...so long, that is, as I have full control over what scripting can run...and I am also confident that I will detect any intrusions before they do much damage.

When the software vendor explicitly takes steps intended to make it impossible for me to maintain control over my privacy, then that cannot be allowed; the compromise to my safety is not permissible.

It is much Much MUCH safer for me to block updates than it is for me to allow them under these circumstances. For anyone who maintains an appropriate basic security protocol on their systems, this will be true also.

Sometimes i wonder if people who don't update their systems/browsers/programs (because as example Mageia 6 has a theme which is not available in newer versions ) do even have basic understanding of the world-wide-web and basic IT-security...

I remember the time when Mozilla dropped their legacy extension system. Many ppl complained because "uh, oh, my beloved extension is not available anymore". But they didn't realize that after some time the same functions where available with the new extension system (sometimes with a new name because the former developers didn't want to port it to the new system. They insisted to cry alot instead of coping with the new situation). If you look at the Firefox add-on page you will see that the same amount if not more extension/add-ons are available than before...

So...you can be sure that adblockers will be available for Chromium/Chrome also. Maybe with another name..but still.

So long as the capability remains AND the browser can be prevented from sending a unique identifier, I will be satisfied and will continue to update. Given Google's dominant position in the browser market and in the advertising market, it is not at all obvious that Google will continue to permit this - and this article suggests strongly that they won't.

Also, as it happens, when Mozilla made that change, I blocked updates of Firefox until the new functionality was worked out and the necessary plugins again worked. I will note that Mozilla does not have the incentives to violate privacy that Google has, and Mozilla has never been the threat to privacy that Google is.

Also, if you want to go there, I will bet you that my privacy and security protocols are far more extensive than yours are. I am not tracked on the internet, at all, except in those rare circumstances where I permit it. And I intend for it to stay that way.

[jiml8]

sturmvogel wrote:

jiml8 wrote:
I will be interested in blocking any further updates of the browser.

Really clever safety-wise...NOT

Actually, I don't know why this didn't occur to me before, but you are in the EU, right? Where the GDPR provides you with a rather significant level of privacy protection?

Well, I am in the US. There are essentially no privacy laws in the US; it is open season on internet users and the amount of data collection, aggregation, and misuse is enormous.

So you and I have different environments to respond to; yours is to some degree curated, mine is totally wild with major hostile actors all around me.

[bluepanther69]

My two cents on the adds topic:
- Firefox won't go away, ever, because Chrome can't be a monopoly (it's derivatives are still chrome). As a side note, Firefox is funded by Google, so there's a pint of faith in what firefox says it does to protect the privacy of its users. Firefox forks (waterfox or others) might focus more on taking care of your privacy, but then again, they're not backed by any high reputation brand, so.. faith.

- Vivaldi and Brave, and I believe Opera browser too (all chromium) have built in ad-blocker. Not as effective as uBlock origin, but you'll get something.

- A third option, use pi-hole to block ads and known malware sites (unfortunately not as good as uBlock and won't hide YouTube adds). You don't have to make the whole raspberryPi configuration, you can install it in a virtual machine, configure the network of the VM as bridged, and then your host's internet DNS to use the pi-hole's DNS.


Then again, everything depends on the security and privacy level you want to keep. I'd say don't waste time with over-complicated techniques.
- Use a paid VPN or one of your own.
- Don't use online mail, use Mozilla Thunderbird, which also protects you against the beacon attack.
- If you are worried about profiling, then use multiple browsers for different situations. One for Google stuff that requires log in. One for Google stuff that does not require log in. One for no-Google stuff.
- Use multiple Operative Systems for different situations also. For the "student" you keep all stuff in one, for the "shopper" you in another, for the "good citizen" you in another with 0 F's given about tracking, for the "gamer" you in another, and so on.
- And keep contacting your local/national politicians to warn them about the privacy issues and push them to make new legislations to protect you.

I understand your feeling, but we can't do much given that every site we connect to tries to gather data from us, and everything is web based.

Privacy is the 'canary in coalmine' of Human Rights. When Privacy goes under attack, remaining rights are in danger (quoting RTPPrivacyTechTips).

[doktor5000]

As a side note, Firefox is funded by Google, so there's a pint of faith in what firefox says it does to protect the privacy of its users.

Firefox is not funded by Google. They simply pay Mozilla to set Google as the default search engine: https://www.reddit.com/r/firefox/commen ... &context=3
In any case, this doesn't affect most linux distributions, because they usually change the default settings to their liking.

[jiml8]

My two cents on the adds topic:

You have some decent suggestions here. Would it surprise you to know that I do all of these things, and more? (actually, quite a bit more).

For instance, I do run a complete pihole instance on an RPI that all devices on my network access to get their DNS, and I actively block DoH and DoT connections at my gateways so that any software that tries to get around my DNS is forced to use it.

I maintain two full-time VPN gateways hosted on small single board computers; one on my main LAN (where my browsing occurs) and one on my IOT VLAN (where all IOT devices are sequestered and isolated). The IOT VLAN has no access to the internet at all except through the VPN gateway; all IOT devices have no choice but to go through a VPN. The IOT devices use the pihole which has a carefully firewalled presence on the IOT VLAN; only port 53 is exposed.

The pihole access the internet via the VPN gateway on the main LAN.

I employ a zero trust architecture throughout my network, and a private vlan between my workstation and my NAS since there is a great deal of communication between the two and in the event of a breach I want that communication protected.

I employ a multi-tier browsing architecture, tied to different virtual machines. My main system (Level 3) browses through TOR and Privoxy and is routed through the VPN gateway. The browsers are chromium or firefox, both with multiple privacy plugins (noscript, privacy badger, others). The next level down (Level 2) in browsing is in a VM (I am using it now), is firefox only, with multiple privacy plugins, and goes through the VPN gateway. This VM contains none of my personal information and no email...just the firefox browser.

The next level down (Level 1) is a VM that contains firefox with modest privacy protection and a nearly stock chromium, directed through the VPN gateway. The lowest level (Level 0) is a modestly protected firefox and full-stock chromium, routed out my main gateway and used for banks and brokerages where I have to allow geolocation.

I do not browse except in my main Level 3 system (TOR, privoxy, VPN). All lower-level systems are used only for particular sites, with the level of protection dependent upon the needs of the particular site and the degree of trust I am willing to extend to that site. For instance, I do ecommerce mostly at Level 1, but some at Level 0. Notably, I access Facebook and Linkedin via Level 3.

I understand your feeling, but we can't do much given that every site we connect to tries to gather data from us, and everything is web based.

You can do quite a lot. I have described some of it here. I didn't even talk about my phone, which is also fully secure - and that was not trivial to accomplish, I assure you.

The problem, of course, is that I design network infrastructure for a living. So I have the necessary knowledge. The vast majority of people do not have that knowledge, and that is a very serious and still growing problem.

The USA is becoming malignant in many ways, and there are essentially no privacy laws. The digital environment is going from chaotic wild-west to perhaps actively dangerous. For instance, in current events, there is this:
https://www.zdnet.com/article/period-tr ... lete-them/
Now, I personally have no need to track a period but I know a lot of people who might have that need. I think the point is pretty clear.

So, I am not tracked around the internet except when I very explicitly choose to allow it. For now. But I wonder if AI will ultimately render all my safeguards moot. But, I won't worry about that until next week...

[epp]

Chromium is independent of Google. Whatever Google does or wants to do, should only pertain to Google Chrome, not Chromium.

If a certain extension will eventually fail to work in Chrome, the user can always switch to Firefox if the same (as an Add-On) is available.

I have uBlock Origin installed with Chromium and it's still working perfectly.

[zxr250cc]

Hi all,

In regard to phones and attached accounts I created an account for my android phones/tablets that I never use except to go there once in a while and delete the spam it has in it. No other activity of any sort. I have linked three devices to it so they can data mine that all they want. I even gave it an odd name for the fun of it.

If you use a phone only as a phone, no surfing or other online activity and shut off or disable every possible thing in the phone except basically the phone then the battery will last for days. Three or four days, easy. I have a Moto with A 10 in it and a Nokia with A 12 in it and both use very little battery to stay alive. Since I have multiple laptops I do any and all surfing that way with Linux and the laptop system set to be as secure as it can be but still function. I use Fire Fox, not Chrome.

I have used the phones as a hotspot sometimes and wonder about the data mining of the laptop when that is done.

YMMV

Cheers