I made this post, outlining my verdict about whether or not Chromium is more secure than Firefox. At the very end of the post, I noted "GrapheneOS did not respond to my requests for a comment."

Well, after weeks with no reply, they finally responded. I don't plan to do any more research about this topic, but this information is still incredibly valuable. Keep in mind the questions I asked the GrapheneOS team were created before I had done much research about the topic. Here are the questions and GrapheneOS's replies:

Does Firefox have isolation between tabs?

incomplete

Is Firefox's implementation of tab isolation as secure as Chromium's?

no, it's incomplete and their sandbox is significantly weaker across all platforms, but it varies based on platform

Firefox uses Fission to isolate embedded content from the main website. Is Fission used for tab isolation as well?

it's incomplete

Is Fission the main cause of concern about Firefox's security?

there are many ways in which it's less secure than Chromium, but the weak sandbox particularly that's entirely not implemented on Android is one of the main issues

Are there other reasons why Chromium is more secure than Firefox, besides Fission?

Chromium uses full garbage collection for a lot of the C++ objects, has much more hardened memory allocators for native allocation, has the V8 sandbox as another layer of security missing in Firefox before the OS sandbox, has much more fuzzing, auditing, etc. and much more modern exploit mitigations implemented too

Firefox is far behind in nearly every way and laid off a lot of their security people

Isolation of embedded content is important to prevent Spectre and Meltdown exploits, but is this actually something that an everyday user will be majorly affected by? It seems that, unless you are logging in through embedded content, there is far less risk associated with this from an everyday standpoint. Again, more security is obviously better, but is this as big of an issue as it's made out to be?

yes it impacts users because browser vulnerabilities are widely exploited in the wild and the OS sandbox is one of the main defenses against it, as is the V8 sandbox feature entirely missing in Firefox

Google heavily monitors for browser exploits and catches a lot of it happening in the wild

Mozilla / Firefox has little visibility into it

therefore, it's much more widely reported for Chrome but does not mean it isn't happening with Firefox regularly

Is Firefox less secure on Linux (besides Qubes, Tails, etc.) than other desktop operating systems?

Tails is not a hardened OS at all, that's a misconception about it, and it has nearly all the problems of desktop Linux

Firefox on desktop Linux has weaker sandboxing than elsewhere

on Android they haven't even implemented a content sandbox, although the OS provides an app sandbox around it as a whole but that's not the same thing

In which ways are Fission less secure than Chromium's Site Isolation?

it's not even completed yet, the issue is still open since not everything is isolated yet and there are known ways out

Does Brave provide the same privacy against fingerprinting as the Tor Browser?

Tor Browser's anti-fingerprinting is greatly overestimated and does not really work with JavaScript enabled, which it is for most users

Brave's is not strictly better or worse

neither anti-fingerprinting approach works well

Could you provide good resources for my article about the state of Firefox security on Android?

no, but it is awful, they don't even implement any content sandbox let alone site isolation, and have almost no exploit mitigations or anything implemented

Would it be easy for a developer to create a fork of Firefox for Android that uses isolatedProcess?

no, but it's easy for them to do it relative to doing it elsewhere

Would using isolatedProcess in Firefox fix isolation issues? If not, what would still need done?

no, but it would allow them to provide a content sandbox on Android and partial site isolation to the extent they implement it overall

Is there tab isolation for Firefox on Android? Is this as secure as Chromium's?

there's an incomplete implementation, and no, it's not nearly as secure aside from being incomplete

So I'm on the market for a 4G or 5G mobile hotspot with a build-in VPN client I can carry around in my backpack and connect my cellphone to. I've looked far and wide, and really the only manufacturer that seems to make what I want is GL.iNet.

The two battery-powered models they offer that interest me are the Mudi v2 and the Puli: they only do 4G and I wish they did 5G too, but I can live with that. Other than that, they really tick all the boxes for me.

From what I could read, the GL.iNet company also seems very open and very responsive. That's a plus too.

But I have one giant problem that prevents me from whipping out the credit card: GL.iNet is a Chinese company, and those products are sensitive applications. I know I can flash OpenWRT separately on those devices to ensure they're not doing stuff behind my back, but I don't really want to do that because I'd lose the GL.iNet plugins and custom UI. Not to mention, I have no free time for that. I'm looking for a ready-made solution if possible with this one.

Anybody knows if GL.iNet can be trusted?

Also, has anybody ordered from Europe using their EU store? They say they ship direct from Europe but they give no details.

And finally, what do you think of those two mobile VPN routers if you own one. Do they work well? I read somewhere that they can be buggy with certain VPN providers. Do they work in Europe? I assume they do since they sell EU plugs but maybe there are caveats.

Loops is a federated alternative to TikTok created by Pixelfed. Once it first came out, users were able to sign up for early access. Confirmation emails weren't sent right away, but today they announced that emails were being sent out, and registration is now closed.

I got a confirmation email today, attached in the image. I will be loosely documenting my experience, and may (no promises) make a writeup about it.

Wiz Khalifa would be proud

Happy Halloween! Tails released a small update, but it's nice to see that the software in Tails is getting updated more frequently!

Here are the major changes:

• Update Tor Browser to 14.0.1.
• Update the Tor client to 0.4.8.13.
• Update Thunderbird to 115.16.0.
• Fix automatic upgrades aborting with the error message "The upgrade could not be downloaded" even after a successful download. (#20593)

Alternative link: https://tails.net/news/version_6.9/

I used Mullvad's guide to change the DNS in Linux Mint and it worked. But I have a question about Firefox's DNS over HTTPS settings. Can I turn it to off now that the whole operating system uses the Mullvad DNS?

I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, ie the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this?

I'm aware the server admin can't read emails that were sent encrypted using the user's PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you're with a service like Protonmail, the server admin still cannot read even these emails.

actually awesome and fast search engine (depending on which instance you use) with no trashy AI and ADs results also great for privacy, if you don't know which instance to use go to https://searx.space/ and choose an instance closest to you

To me, it’s gotta be the microphone

Introduction

Many years ago, when I was first getting into privacy and security, I wanted to see how long passwords should be in order to be secure from brute forcing. There are plenty of password strength testers already, but I wasn't sure if they accounted for the increase of cracking speeds over time. Then, the idea came to me: What is the maximum speed for a password cracker?

The Planck Cruncher

The Planck Cruncher is a theoretical supercomputer, designed to crack passwords as fast as the laws of physics will allow. Here is how it is constructed:

Imagine a little computer that can fit in the smallest possible space in the universe: a cubic Planck length. This little computer is able to test one password every Planck time, the shortest possible unit of time. Now, fill every cubic Planck length in the observable universe with these little computers, all testing passwords at the same time, and you have constructed the Planck Cruncher!

I should note here: of course this is impossible to create. This is just a fun idea I had, to test the theoretical security of passwords. Don't take it too seriously.

How fast is it?

First, you need to calculate how many of those little computers can fit inside the observable universe.

The diameter of the observable universe is estimated to be 8.8×10^26 meters in diameter. To calculate the cubic volume of the observable universe, you can use the equation for the volume of a sphere: 4/3*πr^3

A sphere 8.8×10^26 meters in diameter has a radius of 4.4×10^26 meters. Substitute that into the equation to get 4/3*π*(4.4×10^26)^3 which equals 3.6×10^80 cubic meters in volume.

A Planck length is approximately equal to 1.616255×10^(-35) meters. That means a cubic Planck length would have an area of 4.222111×10^(-105) cubic meters.

Divide the volume of the observable universe by the area of a cubic Planck length, and you get how many little computers make up the Planck cruncher: (3.6×10^80)/(4.222111×10^(-105)) which is approximately 8.52654×10^184 little computers. This is the exact number (rounded up):

85265403964983393378336097748259105456962168924502458604238495861430455049618543899011655543873668882698725826961915496774007125819288029139925501721769039231796606010595173836026575332

Next, you have to find out how many Planck times are in a second.

A Planck time is approximately equal to 5.391247×10^(−44) seconds. To find how many Planck times are in a second, you simply take the inverse of that to get: 1/(5.391247×10^(−44)) which is approximately equal to 1.854858×10^43 Planck times in a second.

If you multiply the number of little computers in the Planck Cruncher by the number of Planck times in a second, you find out how many passwords the Planck Cruncher can test every second: (8.52654×10^184)*(1.854858×10^43) is approximately 1.581553×10^228 passwords tested every second. The exact number is below (rounded up):

1581552541832778082294061053931661922686201706664570527082852925518538754570483301896790400140703419500140242637035837845567215262429787192831741927642510892782256238873773986538301349050212882962091805863577761872814550820473182

The complete equation is this:

How secure are passwords against it?

Since you know how many passwords the Planck Cruncher can test in a second, you can calculate how secure a password must be to fend it off for, say, 100 years.

There are 95 printable characters on a standard QWERTY keyboard. If you make each character of your password a randomly selected character from the 95 printable characters, you can calculate the number of possible combinations for your password using the equation 95^length where length is the length of your password. I will refer to this as the "complexity" of the password.

With that, you can calculate the bits of entropy of the password by using the equation log2(combinations) where combinations is number of possible combinations for your password. For simplicity, I will be referring to the strength of passwords by their bits of entropy. The unit used to represent entropy is the shannon unit, denoted as "Sh".

To calculate how many seconds it would take to crack a password, you divide the password complexity by the speed of the Planck cruncher. For example:

An 8 character password has a complexity of 95^8, or approximately 6.6342×10^15. That password has an entropy of log2(6.6342×10^15), or approximately 52.56 Sh. To crack the password, assuming it was the very last password tested, the Planck cruncher would take 4.1947×10^(-213) seconds. That is orders of magnitude shorter than a Planck time itself.

So, how many bits of entropy is secure against the Planck Cruncher? If you wanted a password that is strong enough to keep the Planck Cruncher at bay for 100 years, the password would need an entropy of approximately 789.66 Sh. The password would be 121 characters in length (rounded up).

A passphrase with the same entropy (assuming 7,776 words are in the wordlist, from the EFF Large Wordlist for Passphrases) would have 62 words (rounded up).

Conclusion

Obviously if the the universe is (literally) against you, you have bigger problems than a password protecting your sensitive data. This was just a fun thought experiment to see what the upper limit of password cracking is. It's interesting to see how a 1024 bit key would be resistant against even the fastest theoretical supercomputer for over a vigintillion years (assuming it has no other weaknesses). I hope you had as much fun reading this as I did writing it. Be sure to use strong passwords, and use a password manager.

The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay.
Tor has written about this.
Hacker News thread.

I honestly haven't found any good reading material other then the arch wiki which indeed vaguely outlines pros and cons, and I was wondering if the only significant advantage Is that you dont have go type your password in... Which ita a big advantage if you dont mind cold boot attacks ... Also automatic login Is handy if you dont mind privacy at all ... What do you think?

So I went to update my apps and was greeted with these warnings in FDroid. A quick and basic search online and in various communities yielded no news regarding a major compromise in Fennec and Mull, does anyone know more about this or have you seen any news regarding a vulnerability? Curious if this is a false positive or if there is something going on with firefox forks.

Two weeks ago, I made this post. The goal was simple: I wanted to dig into the details of Chromium and Firefox to see if the claims that Chromium is more secure than Firefox are true or not. You'll notice I also started turning that post into an update log, but only one update got released. There is a reason for that. Life suddenly got extremely busy for me, I could barely make time to continue researching. However, during that time, I spent a lot of time thinking about the issue. I tried breaking down the problem in a million different ways to find a way to simplify it and start from the ground up.

I came to a conclusion today, a realization. I have no way to put this gently: I cannot conclusively determine which one is more secure. This will upset many of you, and it upsets me too considering I maintain my own list of software that relies on only providing the most secure and private versions of some software. I need to explain why there cannot be a solid conclusion.

I managed to collect many sources to be used for the research. A lot of the information is parroting this article which, despite having many sources, fails to provide sources for some of the most crucial claims made there ("Fission in its current state is not as mature as Chromium's site isolation" has no source, for example). My favorite source is this Stanford paper which I think does a great job at tackling the problem. The problem I noticed is that a lot of privacy advice is given from an echo chamber.

Think about what privacy advice you like to give, and think about where you heard that. A YouTube video? Reddit? Lemmy? Naomi Brockwell gives a lot of advice that stems directly from Michael Bazzell's Extreme Privacy book, as I found out after reading it. Her videos about convincing people to use Signal are paraphrased passages from the book itself, which has a whole section about it. People touting Chromium as more secure than Firefox, or that the Play Store is a more secure option than F-Droid or Aurora Store, often get their information from GrapheneOS. I've never seen anyone research those in depth.

The point I'm trying to make is that a lot of privacy advice is circular reporting. I'm certain that if Michael Bazzell and GrapheneOS were to provide sources as to where they got their information (they rarely do, I checked) it would come to light that it boils down to a few real sources. GrapheneOS, no doubt, likely has inspected at least some part of the Firefox codebase, but Firefox is rapidly changing, so any sources that used to be true may not be true today.

FUTO Keyboard and GrayJay get recommended often because of Louis Rossmann, but HeliBoard and FreeTube (or NewPipe) were options long before those pieces of software. The reason the former became so recommended over the latter is simply because people used a popular figure, Louis Rossmann, as a primary source. It then became an echo chamber of recommendations and best practices.

That doesn't mean the claims of Chromium being more secure are false, but as a researcher it is very hard to credit something that doesn't provide any primary sources. In the eyes of a researcher, GrapheneOS's word holds just as much weight as a random internet user, without any proof. I see it play out like this: A source like GrapheneOS or Extreme Privacy makes a claim, secondary sources such as GrapheneOS users or Naomi Brockwell present this information without providing the sources, the general privacy community sees both, and begin giving the same recommendations on Reddit or Lemmy (sometimes with sources), and eventually the privacy community as a whole starts presenting that information, without any primary sources. Even if GrapheneOS, Extreme Privacy, or Louis Rossmann provided no research or direct comparisons, their word is taken without question and becomes the overarching recommendations in the privacy community. They each gained credibility in their own ways, but there should always be scrutiny when making a claim, no matter how credible.

The main reason why I cannot give a concrete conclusion is this: the focus on the article was to compare Chromium's Site Isolation to Firefox's implementation, however there are too many variables at play. Chromium may be more secure on one Linux distro than another. Debian is an example. Firefox supposedly has worse site isolation on Linux, but then how does Tails deal with that? It's based on Debian, so does that make it insecure for both browsers? Tor is based on Firefox ESR, which is an extended support release with less security, but Tor is also deemed a better option than Chromium browsers for anonymity. Isolating iframes doesn't really affect daily use, so is it really necessary to shame Firefox for that? Some variants of Firefox harden the browser for security, but some variants of Chromium (such as Brave Browser) try to enhance privacy. No matter what limits I set, how many operating systems or browser variants I set, there is no way to quantify which one is more secure.

"Is Chromium more secure? Yes, under XYZ conditions, with ABC variants, on IJK operating systems. Chromium variants XYZ are good for privacy, but ABC Firefox variants are better at privacy..." The article would be a mess. The idea for the article came because I was truly sick of the lack of true in-depth sources about the matter, and so I wanted to create that. I now realize it was a goal that is far too ambitious for me, or even a small group of people. Tor and Brave give different approaches to fingerprinting protection (blending in vs. randomizing), and there's no way to directly compare the two. The same goes for the security of each. There is no "Tails" for Chromium, but there is no "Vanadium" for Firefox. There's no one to one comparison for the code, because some of it is outside of the browser itself.

I regret making that initial post, because it set unrealistic expectations. It focused on a problem that can't tell the whole picture, and then promised to tell that whole picture. At a point, it comes down to threat model. Do you really need to squeeze out that extra privacy or security? Is someone going to go through that much effort? You know how to spot dark patterns, you know not to use privacy invasive platforms. Take a reality check. Both Chromium and Firefox are better than any proprietary alternatives, that's a fact. Don't bother trying to find the "perfect" Linux distro or browser for privacy and security, because you already don't use Windows. Privacy is a spectrum, and as long as you at least take some steps towards that, you've already done plenty.

Be careful next time you hear a software recommendation or a best practice. Be careful next time you recommend software or a best practice. Always think about where you heard that, and do your own research. There are some problems that are impossible or infeasible to solve, so just pick what you feel is best. I really am sorry that I wasn't able to provide what I promised, so instead I will leave a few of the sources I found helpful, just in case another ambitious person or group decides to research the matter. Not all of these sources are good, but it's a place to start:

GrapheneOS responded to my requests for a comment after this post was made, here: https://lemmy.ml/post/22142738

https://www.cvedetails.com/version-list/0/3264/1/

https://en.wikipedia.org/wiki/Site_isolation

https://madaidans-insecurities.github.io/firefox-chromium.html

https://news.ycombinator.com/item?id=38588557

https://seclab.stanford.edu/websec/chromium/chromium-security-architecture.pdf

https://grapheneos.org/usage#web-browsing

https://www.reddit.com/r/browsers/comments/17vy1v5/reasons_firefox_is_more_secure_than_chrome/

https://www.wilderssecurity.com/threads/security-chromium-versus-firefox.450867/

https://forums.freebsd.org/threads/why-im-switching-from-firefox-to-ungoogled-chromium.87878/

Think about it. It was released (read: forcibly shoved down our throats) by Google and came out of nowhere when there were zero problems with the decades old and extremely well researched incumbent image/video formats that the web was already using (i.e. jpg, png, gif, mp4, etc). Google has confirmed ties to the US three-letter agencies through PRISM, as well as AFAIK all but confirmed ties to the Israeli government. BlastPass was reportedly apart of Israel's Pegasus hacking suite for years before the vulnerability went public, and was actively exploited by Israel to track down political dissidents. It's also the worst type of vulnerability there is, a buffer overflow resulting in arbitrary code execution, meaning once you exploit it you can do literally anything to the target device, from an image format, the type of file most people would never suspect to be capable of doing that (and indeed most developers never suspected that either, considering how everyone from Mozilla to Apple seemingly just took Google source code and incorporated it into their own software, no questions asked).

Maybe I'm just overly cynical, but I'm having a really hard time believing that such a critical vulnerability in such a widespread code base would be accidental, especially in the age of automated testing, fuzzing, and when the industry generally has a very good understanding of how to prevent memory vulnerabilities. The vulnerability was there since they very beginning of the standard and we're to believe one of the largest software companies simply failed to spot it for years? I don't think Hanlon's Razor should apply to companies like Google because they have a long and shameless pattern of malice and have long exhausted their benefit of the doubt.

I have a sneaking suspicion that WebP was planned as a Trojan horse from the start to backdoor as much software as possible, and Google sold the exploit to the US and Israel govts. Why else would Google so relentlessly push an image format of all things unless there was some covert benefit to themselves? (An image format that's not even patented/licensed mind you so they're definitely not making money that way.)

What do you think?

I'm investigating getting off the cell network permanently to avoid at least the constant triangulation of my position. I figured I'd look into getting a VoIP number and getting calls and texts over WiFi. I don't mind being unreachable when I'm not connected to a hotspot, so it's not a problem for me.

But before looking for a good VoIP provider, I decided to check if WiFi still worked in airplane mode. And indeed it works. But to my surprise, when I connected the WiFi, my cellphone provider's name also came right back up at the top right of the screen. In airplane mode? What the hell?

Long story short, after investigating a bit, I realized I had WiFi calling enabled. So I can in fact already get calls and texts without being on the cell network.

And I'm thinking, maybe that's good enough for privacy?

I mean I know SIMs leak information like ICCID / IMSI / IMEI so obviously they have no reason not to do that over WiFi also and that's not so hot.

But on the plus side, none of that information is linked to cell towers and location anymore - at least not precise location if I'm not on a VPN - the baseband processor is off and can't do whatever shady chit-chat it does with the SIM and the cell towers, and I can still use my normal phone numbers without having to change and tell a million people that I have new numbers if I go with VoIP.

Also, I don't store my contacts on my SIMs and I use a deGoogled Android. So I figure that limits how much adversarial software can exploit the SIMs to leak data.

So it seems to me that WiFi calling may be a good solution for me for better privacy without too many compromises.

Can you think of something I missed that I should know before using this feature?

Basically title. How does one go about pairing third party services like streaming services to a mini PC so that you can stream it on your dumb / degoogled TV? I don't really know how TVs work, much less mini PCs, so if anybody could dumb it down for me I'd appreciate it. What does your setup look like, if you have a dumb TV (e.g running kodiTV without network connection)?

There is the diceware method to make passwords random and strong to crack. But is it advisable to use this method to make random names for email addresses? That is the concern I have, when a person makes a random email address, they inevitably introduce things with which they can be identified, breaking the previously stated randomness, what ways are there to avoid this?

Okay the title is a bit exaggerated, but honestly not far off. This post is very mundane and a bit long, but thought it fits the community.

I'm visiting my home country and went shopping for pants, there were "30% off everything!" signs with a tiny text underneath that said "member discount" (don't have membership). Not a problem, did not notice and I don't care for such marketing tricks to get you into the store but okay.

Picked up couple of pants, went to the cashier and they asked me "do you have our membership?" - I answered no and expected the follow up question whether I'd like to join, but, to my positive surprise the cashier just happily responded "okay, not a problem!" and continued to bag my stuff.

I stood ready to pay and then the cashier said "now I just need your phone number and you can pay". Hold up. What. I did not expect that, I honestly had a burst of anger inside me (never gonna take it on a cashier, they are just doing their job). I asked nicely why do I need to give my phone number and I was told that to register me as a member so I can get the discount.

I declined and said I don't want to join and would like to just pay.

The entire interaction after questioning why they need my phone number was awkward, as if I had been the first person to decline, the weirdo, aluminum foil hat wearing hermit.

This was just one of many interactions in the recent years that make me feel as if I was a weirdo for not sharing all my info around. The worst is when everyone keeps telling me "its just an app, just download it and use that why do you make things complicated" or "just sign up you don't need to pay anything".

Thank you for reading my mundane rant, would you like to hear more? Just sign up for my weekly mailing list! ~~Your email will be shared with our 12 453 partners~~

On a linux machine I ran lsof -i while running tor just cuz; and I saw this plaintext URL that tor connected to, It persists even after i restart it or change identity, it is probably harmless but still is there some kind of event going on?

Latest news i was able to find: https://last-chance-for-eidas.org/

I cite that article:

Last week, representatives of the European Parliament, Council and Commission announced they had signed off on the eIDAS Regulation and that a vote in Parliament’s ITRE committee will be held on November 28th. We understand that although no changes have been made to Article 45, there were last-minute changes to the accompanying Recital 32. However, the EU has still not published the agreed legal text. There are now less than 13 days until the vote and the cyber security community, civil society and the public are still unable to read the proposed regulation, let alone scrutinize its impacts.

I'm considering buying a new TV. There's plenty of posts about trying to find dumb TVs, comments like 'just don't connect it to the internet/network'.

What surprises me is that there isn't a good overview of (popular) TVs or brands with basic information, answering for each TV:

• Can you use it as a basic TV by choosing not to enable smart features during setup?
• Can you opt out by just not accepting a bunch of agreements?
• Does it have a camera and/or microphone? Where in the device are these? Is there a physical disable switch for microphone?
• Does it nag when not connected to any network?
• Does it have higher than normal power usage when not able to phone home?
• Has it been discovered to connect to public WiFi networks? Does it have the (theoretical) ability to connect to 5G mobile networks?

And similar.

There are extensive lists with a lot of detail about VPN services but nothing like that for TVs. Am I ignorant of a good source, or does this just not exist (yet)?

If one chats/mails with a person using Windows, despite using secure private protocols, every message will be stored by Microsoft's Windoze Recall. Either I'm missing something but this feature seems like the most grotesque breach in online privacy/security.

What are ways to avoid this except for using obfuscated text?