Chromium is just horrible to use.
Hard agree, except for PWAs; those at least work on Chromium-based browsers.
But honestly, it's just very unfortunate that the closest we have to an ungoogled, secure, private and anonymous web browser is particularly platform-locked; I'm indeed referring to Vanadium.
On the desktop side of things, it's just a mess; at least in my opinion*. I guess our best bet would be like running Tor Browser or Mullvad Browser in a disposable qube on Qubes OS 🤣. Furthermore, it would have to be connected through their respective network of choice; be it Tor network (and/)or VPN. And, ideally, without additional configuration changes to blend in as much as possible. Which comes down to foregoing your favorite extensions and even not maximizing the app window.
*sigh*, such a drag...
Librewolf has a nice build pipeline, I created a PR to just support replacing the malloc, that would be the easiest and best solution.
That's very neat! Hopefully it comes through!
Then fedora firefox and librewolf would allow that, only flathub firefox missing really. Replacing the malloc is a very unsupported case for flatpak though, as the apps should be OS-unspecific.
But even with the ability to replace malloc, isn't Firefox still vastly inferior compared to Chromium if security is desired? Or are they actually operating in close proximity of each other in terms of security features?
Fair, although didn’t GNOME Boxes have some sandboxing issues?
Could be; I simply don't know. Do you recall the exact issue?
I even dedicated a specific pen for it!
Is it something fancy?
On a related note, take a look at this
TIL. It's definitely neat. Thank you for that!
Once I get an Android phone, I will try out Briar (because I am obsessed with the idea). I personally reached out to SimpleX regarding the spreadsheet, and the response I received back outlined that SimpleX pads the encrypted messages both during transit and in cold storage, which they said a lot of other messengers don’t do. A comment on the original post for the spreadsheet mentions that the spreadsheet doesn’t outline which services route through Tor (which Briar does, of course). The spreadsheet is very thorough, and SimpleX is still a relatively young project, so I don’t have much I can say. I’ve tried using it on iOS, and my friend and I both agree it’s terrible to use sometimes due to lag and choppiness. I currently testflight the app, but still no change. Either way, if you want, you can use SimpleX’s built-in support chat if you want to reach out to the team yourself. They are very friendly and don’t talk like a CEO, but there can be delayed response.
Thanks for the elaborate answer!
One related note, KeePass on Tails is outdated for some reason. Have any idea why?
If I would have to guess, it's probably because its respective package found in the repos of Debian is outdated. As Tails is based on Debian, it makes sense for them to continue to rely on Debian's packages as is and only backport security updates. Unfortunately, most of the established distros that are known for taking security, privacy and anonymity very seriously (i.e. Kicksecure, Tails and Whonix) are based on Debian; known for being stable, hence older packages. The exception, Qubes OS, has Fedora 37 (which has gone EOL since last december) in dom0. Though, in Qubes OS' defense, dom0 is (by default) not directly exposed to the network. And in general is just really fortified; I can't imagine anyone but state level threat actors to get through that as long as one upholds best practices. Furthermore, the qubes are as modern as you'd want them to be. So, within those, the desired up to date packages can be acquired. Regardless, unsurprisingly, Qubes OS' approach is (simply) strictly superior over the others.
I have never once had a cellular provider, which to me has been the biggest privacy boost since burning Windows at the stake.
Very interesting! Is it what's elaborated upon in this video? If not, would you mind elaborating?
Feel free to help me figure that stuff out.
Other commitments are too much right now. But thanks for the offer!
Librewolf has a nice build pipeline, there is a
Feels like you fell asleep while you were writing this and didn't bother to finish it later on hahaha (or simply forgot).
This looks awesome, but it only works for Fedora based distros, right?
Currently, it's indeed only for Fedora based distros. But there already have been efforts to make it work with Vanilla OS. And I assume that similar endeavors might occur if other image-based distros are provided. I wonder if such efforts are in the works for blendOS (an atomic distro based on Arch).
I want to make my own Arch ISO, all I found are very complicated stuff.
I don't know what your exact use case or intended usage of it will be. But, perhaps, penguins-eggs is what you're looking for.
Does Librewolf (RPM) work?
Have not tested it. I rely on the flatpak.
I only know that Chromium browsers use userns or setuid namespaces to isolate tabs. This is not allowed by the flatpak seccomp filter (applied for all apps) which is why bubblejail is a thing. But bubblejail is veeeeery alpha, portals, theming, running random binaries etc all broken or difficult.
Isn't bubblejail mostly a frontend to bubblewrap? Therefore, is it perhaps possible that, if well-understood, reliance on bubblewrap instead should translate to a less buggy (but indeed harder) experience?
Flatpak Chromium browsers use zypak instead, which will have a weaker seccomp filter than the tab sandbox in Chromium (because flatpak apps do more than browser tabs and there is only a single filter for them all).
I've often heard that the flatpak Chromium browsers are (somehow) less secure, but never heard why that's the case. Thank you for offering a very concise explanation on the matter!
My dream would be to build Firefox, Thunderbird and Torbrowser on COPR (or Github so the Fedora people dont kill me) with hardened configs.
WOW, that would be awesome! You've already found yourself a 'client'/'customer' :P . And I'm sure that a lot of others would be interested as well.
Longer than on vanilla fedora, or longer than before on secureblue?
Yes. To be clear, it's both longer than on vanilla Fedora Atomic and also longer than before on secureblue.
as did a lot of other people
Reminds me of this project, I wanted to wait until it stabilized..., but it never got that far 😅. But I hope its maintainer will join team secureblue, if they haven't yet*.
He invests hours in that project, look at the “secureblue Chromium vs Vanadium” table its crazy.
For reference; WOW, we definitely can't deny their commitment. I feel indebted. Perhaps I should support them 😅. Do you happen to know if there are any other channels besides Github to support them (and the project)?
My number one enemy (like most) is Google. I have been completely Google free for 1-2 years now (with the exception of YouTube on iOS, as the alternatives ultimately require a Mac to install, which I don’t have), but I haven’t used Google as a search engine in over 4 years. Besides trying to give as little information as possible
...
I also try to give as little information to other companies (Microsoft, etc.) as I can. Now, certain authorities have the permission to request data from companies, not just privacy disrespecting ones. That means that part of my threat model entails certain defenses against such agencies, to make it hard enough to correlate that data with my person. I don’t go overboard, in case anyone is worried. I’ve seen the bondage between paranoia and privacy, and I’ve set myself clear boundaries I won’t cross. So, my main goal is to protect against companies trying to collect my data (bleh, how cliche), but it doesn’t hurt to put in place some decent practices in case the world turns for the worst. I am protecting against attacks from the government towards low hanging fruit, but when it comes to large corporations, I don’t play nice.
Thank you for the elaborate clarification! But, perhaps I have to clarify as well; with "be protected from attacks targeted towards low(er) hanging fruit”, I actually meant any mass-surveillance, data collection and plain attacks from governments, corporations and adversaries that don't qualify as a (more sophisticated) targeted attack.
SecureBlue (Soon!)
Great pick! 🤣
ProtonVPN on all devices 24/7 except when using Tor (for speed)
I don't know the complete specifics of your threat model, but if you haven't yet, then perhaps it's worth reviewing what Privacy Guides has to say on this. Note, I don't necessarily view them as the de facto authority, but more often than not, their views hold more truth than falsehood.
or large downloads/torrents
Vaild reason to (momentarily) not use Tor, but please consider to review Proton VPN on port forwarding in hopes of alleviating the issue of speed without foregoing the VPN connection.
(may look into Mullvad VPN)
Unfortunately, at least for torrents, you're no longer able to rely on Mullvad VPN.
Firefox for streaming some videos that require a specific DNS configuration (Soon looking into how to put an extreme sandbox on it)
Easiest (and also one of the best options) is probably the use of a VM 😅.
ProtonMail + Anonaddy, use disposable emails for accounts that “don’t matter”
FWIW, since SimpleLogin has been acquired by Proton, there is merit in forsaking Anonaddy for SimpleLogin if decreasing the amount of trusted parties is desired. However, this comes at the cost at moving more into the the direction of putting all your eggs in one basket. So, ultimately, it's your choice to make.
Very, very strong and unique passwords + 2FA/FIDO for everything applicable
I hope an offline password manager is involved to some capacity. FWIW, if you're not doing it yet, you can always uniquely 'salt' every password.
Signal as my main messenger (to help bridge the gap for my friends) until GrapheneOS, then SimpleX (Please take a look at https://privacyspreadsheet.com/messaging-apps !)
I like that SimpleX is less platform-dependent. But it has been hard to let go of Briar. Do you happen to know how they currently fare against each other in security/privacy features (beyond what's found on the linked spreadsheet)? FWIW, IT security expert Mike Kuketz' review of SimpleX wasn't quite raving. Which is in clear contrast to his review on Briar. Of course, substantial time has passed since, but his 'non-approval' is something what's bothering me.
Bitwarden as my password manager until GrapheneOS, then KeePass
Ah, we've found the password manager, KeePass (be it DX/XC) is indeed excellent.
override remove
d packages on these images can neither be added back nor resetted, an rpm-ostree bug/issue.
Isn't that supposed to work with BlueBuild (or any custom image tooling)?
so I use Chromium which sucks a lot.
You're strong! I've been weak and have (instead) resorted to Librewolf. Initially, I had chosen to stick to Chromium. But, at least for now, I have to use Thunderbird anyways. So, might as well continue the use of Librewolf in the mean time.
Also had my system not boot twice, because of shitty Lenovo firmware and then because of the iwlwifi firmware bug.
I've also experienced some issues recently with boot times taking a lot more time than previously. But I've since changed some kernel arguments and it has been better since.
At the beginning there was no flatpak support, then only with
bubblewrap-suid
which is controversial and podman is broken, luckily there are userns images now.
This is indeed big; I wouldn't have been able to make the switch without the userns images.
The hack to use hardened_malloc on Flatpaks is also very nonstandard and electron apps do completely random things it seems (dont use electron, but its everywhere! Nextcloud, mullvadVPN, Signal, Element, …)
Thank you for your continued contributions and efforts that go into ever-improving secureblue!
Yeah, I saw that you had shared the https://blue-build.org/ website a few days prior. But, to me at least, the "Introducing BlueBuild" blogpost seemed more like proper announcement/introduction compared to the default website. And has only been published since 2024-02-25, so only after your post 😉.
Thank you for the write-up! I liked it overall. Perhaps consider to have like a day in-between proofread sessions. This might have alleviated some passages for which I currently hold some minor nitpicks. It's clear that you've written it with care, but -at least in my case- I notice that my proofreading skills (somehow) are a lot sharper the next day (or something).
VSCodium wouldn’t see that I’ve installed the languages I did, nor find my font (Geist Mono Nerd Font).
Assuming you had VSCodium installed as a Flatpak, perhaps the pointers found in this excellent blogpost could help out with that. FWIW, I succeeded with a similar endeavor without installing the IDE in the Toolbx/Distrobox.
@Throwaway1234
@sh.itjust.works