HackerTrans
TopNewTrendsCommentsPastAskShowJobs

nobody42

28 karmajoined há 2 anos

comments

nobody42
·há 3 dias·discuss
It's usable (?) as a toy: numerous gui inconsistencies and lack of security isolation [0].

Can't say whether the of lack funding (move to Cockpit from Red Hat) is the reason, or maintainer is just an obstructionist (strictest feature policy).

[0] https://github.com/virt-manager/virt-manager/issues/358
nobody42
·há 5 dias·discuss
Is this some kind of FUD?

Shady sponsors (if there is any) doesn't matter when transparency is in place. Want to reveal malicious intent? Provide a PoC.

Only hardware that supports bootloader relocking are Pixel devices. There are no others to consider development effort - plain simple. No, you can't use an unlocked device as a daily driver. Up to a minute out of your hands (or triggered reboot from public power outlet, due to outdated Lineage firmware) - and your bootloader is rewritten with one that collect your FDE secret and sends it to a remote server.

Opaque hardware? Which hardware are better and more transparent than Titan and upcoming OpenTitan? Bruteforce protection which considers current ambient temperature - what more do you need?

I can't say anything about VPN affiliation, but everything else is complete bollocks.
nobody42
·há 6 dias·discuss
"There's no life where data broker isn't needed"
nobody42
·há 6 dias·discuss
Every time GrapheneOS "just works" should be mentioned, because some ecosystems are straight hostile to user-controlled systems.
nobody42
·há 7 dias·discuss
Its a renderer. It bakes live OSM data once very few weeks.
nobody42
·há 22 dias·discuss
Because exposed, non-private, abused by-default is a business model. The company is incentivised to not provide restricted access - otherwise you can't have a cut from apps revenue. It's defective by design.
nobody42
·há 22 dias·discuss
Outdated, but gives the general idea: https://github.com/nandan-desai-extras/PrivacyBreacher
nobody42
·há 2 meses·discuss
Memory safety is good, but does not protect from every threat. In this day and age infrastructure operators should familiarize themselves with proactive defenses, MAC: SElinux and AppArmor. It required much friction earlier, but there are more tools to ease the usage today.

https://presentations.nordisch.org/apparmor/

https://github.com/nobody43/apparmor-profiles/blob/master/ng...

https://github.com/nobody43/apparmor-suggest

Disclaimer: I'm the author of both repos.
nobody42
·há 8 meses·discuss
Attack surface of this thing gives me existential dread.
nobody42
·há 8 meses·discuss
> Freexian aims to keep the updates available for individual users and non-profit organizations.
nobody42
·há 8 meses·discuss
Best among existing. Anti-fingerprinting field is still in it's early stages.

I wouldn't say Tor Browser is the best because it requires custom configuration to be usable conveniently, which will make the connection non-uniform (and the user will stand out).

>Tor is pretty good for protection. Then there's always i2P as well…

Tor and i2P does nothing for (anti)fingerprinting - the program which render the web pages does.

>Saying one browser can protect the best is pretty hard to prove.

Not a proof but things to consider: https://privacytests.org/
nobody42
·há 8 meses·discuss
You could test with this: https://github.com/abrahamjuliot/creepjs Does it store the data? Unknown.

The best browser for protection is https://mullvad.net/en/browser because it makes the connection uniform, to better blend in.
nobody42
·há 8 meses·discuss
pmOS device compatibility matrix: https://wiki.postmarketos.org/wiki/Devices