this post was submitted on 01 Apr 2024
139 points (98.6% liked)

Privacy

31854 readers
152 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I am trying to re-adjust how much effort I want to put into privacy concerns. Too much stuff I'm using isn't working properly or using a lot of my mental resources that I need elsewhere.

For (a bad) example: I recently performed a half-switch from my self-hosted Nextcloud instance to ProtonDrive, in the hope that it would spare me the stress to maintain my private Nextcloud. Unfortunately, it doesn't, as basic functionality like cross-device-sync is not possible (there isn't even a client app for Linux, as of yet).

This brings me to the question: have you found any services/apps/stuff that significantly eases your life while still being privacy friendly? I know, this is a broad question, but I think this is for the best as this thread then maybe even has use for other users.

you are viewing a single comment's thread
view the rest of the comments
[–] LWD@lemm.ee 10 points 7 months ago (2 children)

Mobile Fennec (or pick your poison for any Firefox fork) has made browsing overall much better. Between ad blocking, Enhanced Tracking Protection and a paywall-bypassing extension, browsing is overall less tedious than a comparable Chromelike.

[–] lens17@feddit.de 3 points 7 months ago (1 children)

Which paywall-bypassing addon would you recommend?

[–] LWD@lemm.ee 8 points 7 months ago
[–] FutileRecipe@lemmy.world 0 points 7 months ago (2 children)

Mobile Fennec (or pick your poison for any Firefox fork)...

I can't get behind Android Firefox/Gecko-based due to their lack of security:

Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn't have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn't happening for their Android browser yet.

Ref: https://grapheneos.org/usage#web-browsing

[–] LWD@lemm.ee 4 points 7 months ago (1 children)

Personally, I'm okay with shouldering the security risk considering the internet-wide toxicity of Chrome and forks.

Lynx would be more secure than either.

[–] FutileRecipe@lemmy.world 1 points 7 months ago

okay with shouldering the security risk

To me, that depends on what you use the phone for. I sometimes use mine for banking as well as logging into various sites, so I want to reasonably minimize the security risk I am taking. If I wasn't, then sure.

[–] laughterlaughter@lemmy.world 1 points 7 months ago (1 children)

I've used Firefox mobile for a while now and I've had zero issues. The attack surface may be "much more," but that doesn't mean that it's completely open to hackers.

Plus let's be real: Gecko-based browsers are, what, 1% of the browser market? Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that's for sure.

[–] FutileRecipe@lemmy.world 1 points 7 months ago* (last edited 7 months ago) (1 children)

Gecko-based browsers are, what, 1% of the browser market?

Last I checked, Firefox was close to 3%, but you right, still not a large number.

Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that's for sure.

It doesn't have to attract the most attackers, especially if it is notoriously weak. You shouldn't choose software that is easier to exploit simply because it's more obscure. Do you also choose weaker encryption algorithms because no one uses them? I sure hope not.

And your comment would probably ring a little more true, except we just had the xz debacle, and guess how much Linux has of a market share? Probably close to Firefox's, both in the single digits.

[–] laughterlaughter@lemmy.world 1 points 7 months ago* (last edited 7 months ago)

No, I use Firefox because it's an excellent browser. It doesn't fit GrapheneOS's security requirements, but then, I'm not too concerned, because it's quite secure regardless. Even to the point in which it's more annoying than Chrome for certain things (like HTST.) You're trying to paint Firefox as "easy to exploit" when that's not true. Easier doesn't mean easy. The Kremlin might be easier to sneak into than the Pentagon. But that doesn't mean it's easy. Hell, Tor uses it to build its Tor browser. They could very well use Chromium for that.

guess how much Linux has of a market share?

You're probably referring to desktop Linux. Linux is used in billions of devices all over the world, and it reigns in the server space. So, no. Not "in the single digits" usage.