LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-10-2019, 07:32 AM   #61
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,499

Rep: Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806

Quote:
Originally Posted by carlito386 View Post
Incidentally, if you want to install Opera web-browser onto Debian - you need to add the Opera repo onto your
Code:
/etc/apt/sources.list
Debian says you then have to trust the Opera repo.
So this is a clear example of Debian going outside of its ecosystem to offer users 'choice'.
This may become a worrying trend.
It's always been the case that if you install a proprietary binary package, you have to trust that repo, obviously Debian has no way of verifying it.
 
1 members found this post helpful.
Old 06-11-2019, 03:10 PM   #62
carlito386
Member
 
Registered: May 2019
Distribution: Debian
Posts: 75

Rep: Reputation: Disabled
Quote:
Originally Posted by carlito386 View Post
The idea of browser fingerprinting (Wikipedia) shows a user can be identified by various info held on their web-browser.
Web-browser fingerprinting could be used by a bank for example to make sure it's you making a transaction from your PC at home - and not someone else.
But it can also show your browsing history.

To avoid this we can turn off javascript (i.e. use NoScript) and use anti-tracking add-ons (e.g. uBlock Origin, Ghostery).

The above Wikipedia link says:
'Firefox provides a feature to protect against browser fingerprinting... but as of July 2018 it is still experimental and disabled by default.'

This 'resist fingerprinting' feature can be enabled by following this Mozilla page.
For good opsec - I think it is perhaps more advisable to use the FF 'resist fingerprinting' feature once FF green lights it.
Currently the feature is at its 'experimental' stage.
Which means we are taking a risk if we use it.
 
Old 06-11-2019, 03:18 PM   #63
RickDeckard
Member
 
Registered: Jan 2014
Location: Acworth, Georgia, USA
Distribution: Arch Hardened, Ubuntu 18.04, Fedora 30
Posts: 160

Rep: Reputation: Disabled
Anything that's been in the experimental stage longer than a year, I'd think long and hard before using.
 
Old 07-24-2019, 11:48 PM   #64
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by Slackware_fan_Fred View Post
Opera has you covered for privacy with it's free built in VPN.
Opera's browser VPN has abysmal network performance. We can't recommend it even though it's completely free.
 
Old 07-24-2019, 11:51 PM   #65
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by ondoho View Post
+1 for uMatrix (see my blog)!
What about Privacy Badger?

The latest release of Privacy Badger gives it the power to detect and block a new class of evasive, pervasive third-party trackers, including Google Analytics. Most blocking tools, like uBlock Origin, Ghostery, and Firefox’s native blocking mode (using Disconect’s block lists), use human-curated lists to decide whether to block or allow third-party resources. But Privacy Badger is different.
 
Old 07-24-2019, 11:54 PM   #66
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by cynwulf View Post
I use a combination of firefox and chromium
What do you think of Brave browser?
 
Old 07-25-2019, 08:24 AM   #67
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,499

Rep: Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806
Quote:
Originally Posted by LU344928 View Post
Opera's browser VPN has abysmal network performance. We can't recommend it even though it's completely free.
Hmm, that link says

Quote:
borrow your bandwidth, inject ads into displayed websites or sell user browsing histories. (Opera does at least the last of those, as detailed in the service's privacy statement.)
Seems like that undermines the point of using VPN in the first place. On the other hand, that linked privacy statement says

Quote:
Browser VPN. When you use our built-in VPN service, we do not log any information related to your browsing activity and originating network address.
 
Old 08-01-2019, 08:14 AM   #68
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Apparently Brave's dev used to be one of the heads at Firefox. Sounds good to me. And Brave is based on Chromium.

Brave vs. Chrome: Which Browser is Better?

Privacy
Brave blocks ads by default (unlike Chrome, which requires a 3rd-party extension such as AdBlock).
Brave blocks 3rd-party tracking by default.
On Chrome, mega-advertisers like Google and Facebook use 3rd-party cookies to track your browsing on nearly every website.
By blocking 3rd-party cookies, Brave limits the amount of data Facebook, Google, and other ad networks can collect about your browsing habits.
Brave stores all your browsing data locally on your computer, which means you can delete it at any time.
Brave supports Tor browsing, making it the first all-purpose browser to do so.

https://www.browserguides.org/brave-v-chrome
 
Old 08-02-2019, 09:18 AM   #69
Cyclinux
LQ Newbie
 
Registered: Aug 2019
Posts: 3

Rep: Reputation: Disabled
Quote:
Originally Posted by Slackware_fan_Fred View Post
Opera has you covered for privacy with it's free built in VPN.
I used to use Opera as my main browser until I heard the Browser was sold to
a Chinese tech company, now I use it only to stream sports. Now that I'm reading a little bit more
that a whistle blower exposed them for a having a 'backdoor' in their software I will use it a lot less now.
'Qihoo 360 backdoor'. Dissenter Browser, Brave, and Iridium Browser is what I use now.

For VPN Extension cyberghost works pretty well 256-bit AES encryption

Last edited by Cyclinux; 08-02-2019 at 09:32 AM.
 
Old 08-02-2019, 10:00 AM   #70
teckk
Senior Member
 
Registered: Oct 2004
Distribution: FreeBSD Arch
Posts: 2,263

Rep: Reputation: 499Reputation: 499Reputation: 499Reputation: 499Reputation: 499
Quote:
Now that I'm reading a little bit more
that a whistle blower exposed them for a having a 'backdoor' in their software
You can monitor what your browser is doing and stop it from sending packets to places that you don't approve of. Or at least watch what it is doing.
Code:
tcpdump -qtni any
Watch that and/or log that to file. Use whois to see who those ip ranges belong to. If you don't like your browser talking to it, block that range in your firewall. In fact you can block entire domains if you want to. Like ones that constantly knock at your firewalls ports. That may or may not cause you issues.
http://www.ipdeny.com/ipblocks/

Then for all the obnoxious ads
Google
64.18.0.0/20
64.233.160.0/19
66.102.0.0/20
66.249.64.0/19
66.249.80.0/20
72.14.192.0/18
74.125.0.0/16
108.177.8.0/21
173.194.0.0/16
207.126.144.0/20
209.85.128.0/17
216.58.192.0/19
216.239.32.0/19

2001:4860:4000::/36
2404:6800:4000::/36
2607:f8b0:4000::/36
2800:3f0:4000::/36
2a00:1450:4000::/36
2c0f:fb50:4000::/36

Amazon
https://docs.aws.amazon.com/general/...ip-ranges.html
That may cause you problems because half of the web runs on AWS.

Microsoft
https://www.winhelponline.com/blog/m...address-range/
You can even stop forced upgrades if you block them. That may or may not cause you issues.

Facebook
https://www.lifewire.com/what-is-the...acebook-818152

Point is that you can take charge of your browsers habits somewhat.
 
Old 08-02-2019, 08:55 PM   #71
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by Cyclinux View Post
I used to use Opera as my main browser until I heard the Browser was sold to
a Chinese tech company, now I use it only to stream sports. Now that I'm reading a little bit more
that a whistle blower exposed them for a having a 'backdoor' in their software I will use it a lot less now.
'Qihoo 360 backdoor'. Dissenter Browser, Brave, and Iridium Browser is what I use now.

For VPN Extension cyberghost works pretty well 256-bit AES encryption
You might like to check out Otter which is based on the old Opera (12.x):

https://otter-browser.org/
 
Old 08-02-2019, 09:37 PM   #72
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,499

Rep: Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806Reputation: 1806
Quote:
Originally Posted by LU344928 View Post
You might like to check out Otter which is based on the old Opera (12.x):

https://otter-browser.org/
It looks it's not based on Opera (it would be pretty surprising if it was, since Opera's source is not available). Seems to be WebKit based.

Quote:
Otter Browser aims to recreate the best aspects of Opera 12 and to revive its spirit.
 
Old 08-04-2019, 11:03 PM   #73
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Quote:
Originally Posted by ntubski View Post
It looks it's not based on Opera (it would be pretty surprising if it was, since Opera's source is not available). Seems to be WebKit based.
Ok, I guess that was poor paraphrasing: 'Otter Browser aims to recreate the best aspects of the classic Opera (12.x) UI using Qt5.'
 
Old 08-04-2019, 11:05 PM   #74
LU344928
LQ Newbie
 
Registered: Jan 2019
Distribution: Fedora, MX Linux, PCLinuxOS
Posts: 24

Rep: Reputation: Disabled
Google’s Plans for Chrome Extensions Won’t Really Help Security

Manifest V3 is a blunt instrument that will do little to improve security while severely limiting future innovation.

To start with, the Manifest V3 proposal won't do much about evil extensions extracting people’s browsing histories and sending them off to questionable data aggregators.

Additionally, Manifest V3 won’t change anything about how “content scripts” work.

Google keeps claiming that the proposed changes are not meant to “[prevent] the development of ad blockers.” Perhaps not, but what they will do in their present form is effectively destroy powerful privacy and security tools such as uMatrix and NoScript.

That’s because a central part of Manifest V3 is the removal of a set of powerful capabilities that uMatrix, NoScript, and other extensions rely on to protect users.

Extensions won’t be able to modify most headers or make decisions about whether to block or redirect based on contextual data.

If Google decides that privacy extensions can only work in one specific way, it will be permanently tipping the scales in favor of ads and trackers.


https://www.eff.org/deeplinks/2019/0...-help-security
 
Old 08-05-2019, 01:45 AM   #75
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 12,307
Blog Entries: 9

Rep: Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310Reputation: 3310
^ What we really need to do is something against Internet monopolies.

Quote:
Originally Posted by LU344928 View Post
Quote:
Originally Posted by ondoho View Post
+1 for uMatrix (see my blog)!
What about Privacy Badger?

The latest release of Privacy Badger gives it the power to detect and block a new class of evasive, pervasive third-party trackers, including Google Analytics. Most blocking tools, like uBlock Origin, Ghostery, and Firefox’s native blocking mode (using Disconect’s block lists), use human-curated lists to decide whether to block or allow third-party resources. But Privacy Badger is different.
...but uMatrix is different: it gives all that power back to the user, so they can see what's happening and decide themselves what they want to let through.

All in all I'm getting increasingly leery of the EFF. Not sure at all if their recommendations & tools provided are supposed to be swallowed without critical examination. And critical examination has revealed flaws, time and again! But that's unpopular stuff and a little harder to find on the internet. In any case, there was a thread right here on LQ about how flawed their very own certbot (letsencrypt javascript software) is. My blog also has something to say about letsencrypt.
https://dt.iki.fi/https
http://dt.iki.fi/https
 
1 members found this post helpful.
  


Reply

Tags
brower, internet, privacy, web


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Iridium Browser: A Browser for the Privacy Conscious LXer Syndicated Linux News 0 02-23-2018 08:44 AM
LXer: Data Privacy Day 2017: Solutions for everyday privacy LXer Syndicated Linux News 0 01-29-2017 10:12 AM
LXer: Are you Privacy Aware? Data Privacy Day, and Every Day LXer Syndicated Linux News 0 01-27-2017 05:33 AM
LXer: FCC Online Privacy Ruling Helps, not Hurts, Privacy-Minded Users LXer Syndicated Linux News 0 11-11-2015 03:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration