THE Big thread about security

By requests from curious ones, here's a thread about privacy enhancements on Garuda. I already posted about the issues with Mozilla products, and look forward to hear anything interesting regarding privacy, security and anonymity.

1 Like

Having absolute privacy/security in the internet is pretty much impossible imo. Only thing you can do is to limit data collection and try your best to stay private. And your privacy is worth it.

It is possible but, it depends what lengths you are willing to go to. It also costs, because to avoid being fingerprinted you need to swap hardware regularly, run from different live environments etc etc. Which unless you're "Mr. Robot" is just way too much trouble for Joe average.

2 Likes

best security for your pc is to cut your wlan cable :crazy_face: :upside_down_face:

4 Likes

which search engine everyone using to stay private and is best for privacy/security...?

1 Like

https://start.garudalinux.org/

Well, with regular web it's probably searx.

I made this a while back:

4 Likes

This thread can be an addition+user feedback on that page :thinking:

Yep, thats a pretty nice idea. Additional stuff will be added to the wiki then :relaxed:
Using a VPN is on the list as well :thinking:

2 Likes

canvas blocker is only for firefox...?

Havent found it for Chromium yet :thinking:

1 Like

This one?

Adguard dns or Cloudflare dns or Nextdns or Isp default dns or any other...?

right now I would say adguard. But when I will dig deeper to it, maybe it will change.

well right now i'm using adguard....and also searching for better dns

2 Likes

Thank you sir

Big privacy advocate here. I actually came to the forum to post a new thread polling users about their favorite privacy-focused browser extensions. I'll start things off with a few but feel like they should perhaps be split into two camps, those for chromium-based browsers and those for gecko-based browsers.

Gecko-based (FireDragon, Firefox, Librewolf, etc.)

Some of our favorite, locally developed by dr460nf1r3 browsers (read: FireDragon) come with a few baked in, including one of my favs, CanvasBlocker, which unfortunately isn't available for Chromium-based browsers (don't be fooled by the Chrome Webstore Extension by the same name, it's not the same), however, I found a very impressive alternative that I'll list below. uBlock Origin is almost a given at this point but still needs to be mentioned. I've also included it's lesser known sister-extension (I'm calling it that because it is made by the same people and does essentially the same thing, they just take different approaches), however this one is not for the faint of heart and is definitely reserved for advanced users. Both it and uBlock are available for both browser types.

In addition to the those already mentioned, one of my very favorites all around for both Chromium-based and gecko-based is Privacy Redirect. As the name suggests, it redirects links originally directed to Twitter, YouTube (including embedded content), Instagram, Google Maps, Reddit, Wikipedia, Google Translate and Google Search (or any other SE for that matter) requests to their respective privacy friendly alternatives - Nitter, Invidious/FreeTube, Bibliogram, OpenStreetMap, Libreddit, Wikiless, SimplyTranslate & Private Search Engines like Whoogle, searX, DuckDuckGo and Startpage. You can toggle all redirects on and off or select a specific instance for those with several to choose from, the default uses a random instance if none are selected. You can also set custom/private instances - I use this option to redirect Wikipedia links to wiki2.org, which is a Wikipedia frontend that's much nicer to look at / easier on the eyes. I was actually under the impression that Wikipedia is / was already open source but between the fact that this extension redirects links from Wikipedia to Wikiless and after a cursory glance into what the internet has to say about it and now I'm not so sure anymore. It appears that its roots are based on open sourced code / it has a FOSS foundation in Wikimedia but things have been muddied over the years and while it does share some characteristics, there are other characteristics generally expected of open sourced projects that are noticeably absent (see this old-ass but still relevant article). I think if you want to split hairs it could be considered open-sourced but apparently has some tracking elements involved that I'd think most FOSS advocates wouldn't appreciate. I plan on looking into whether one can use wiki2 and wikiless in tandem.

Also available for both browser types and a much easier to use alternative to something like uMatrix is the well known NoScript. There used to be one called ScriptSafe that was good but looks to have been abandoned as it hasn't seen any updates since 2017.

Another favorite is one that I discovered while looking for an alternative for CanvasBlocker on CBBs. It's called Trace and it turns out that this one is available for both as well, I just hadn't seen a need for it because CB does such a good job but after using Trace for a while now and being very impressed, I'll have to look more closely at what each do because there is a fair amount that Trace does that CB doesn't, including:

  • Canvas Fingerprint Spoofing
  • Audio Fingerprinting Protection
  • WebGL Fingerprinting Protection
  • JS Crypto Currency Mining Domain Blocking
  • WebRTC IP Leakage Protection
  • WebRTC Device Enumeration Protection
  • Client Rects Protection
  • Screen Resolution Spoofing
  • User-Agent Spoofing
  • Battery API Spoofing
  • Network Information API Spoofing
  • Browser Plugin Fingerprinting Protection
  • Hardware Fingerprinting Protection
  • Beacon/'Ping' Request Blocking
  • Blocks Malicious Top Level Domains
  • Hyperlink Auditing Prevention
  • HTTP Referrer Headers Controls
  • Google Header Tracking Controls
  • E-Tag Tracking Mitigation
  • Removal of specific Tracking Cookies
  • Removal of URL Tracking Parameters

It's being actively developed again after a short break for apparent personal reasons (its Github page still says it's not been updated in a while but the changelog says otherwise) and the roadmap looks promising.

My last highly recommended extension/addon is called SponsorBlock and once again this one is available both CBBs & GBBs. Aptly named, this is a YouTube extension that, you guessed it, skips the sponsors. You can also configure it to skip self-promotion, interaction reminders, Intermission/intros, and endcards/credits as well as skip right to the meat of the video. So if you don't fancy something like Privacy Redirect to take you to Invidious, Freetube, etc. (or directing yourself there, for that matter) and you don't use something like NewPipe or YouTube Vanced (both have SponsorBlock integration, though technically the NewPipe Integration is a NewPipe fork) and don't care for watching commercials or any other kind of disruptions with your YT content, this is the extension for you. Just a note though, you really should turn it off for any of the smaller channels you subscribe to/watch as its use could hurt the income potential, although there is some debate about this. I read something that lead me to believe that it's up to the influencer(s) and their discretion as to whether sponsors would be notified of dips in viewership that exactly coincide with the ad placements (indicating some sort of ad blocking). If you care about the channel, though, better to be safe and just take the 30s to watch the damn thing :stuck_out_tongue_winking_eye:

That's all, I guess I didn't have any that were expressly for CBBs after all but that's due in large part to FireDragon successfully converting me (thanks @dr460nf1r3!)

Anyway, your turn. What are some of your favorites, for any browser? (on that note, many of the above are available for Opera, Vivaldi, Safari, etc.)

PS - every time I go to bump an old thread like this, I get a warning message warning me about it and asking me if I'm sure I want to do it, which leads me wonder - despite the single most important commandment of any forum community being, "THOU SHALL USE THE SEARCH FUNCTION PRIOR TO POSTING," is it better/preferred by the powers that be and/or the community at large to start a new thread rather than revive an old one? I wouldn't think so but between the warning associated with this thread and the one I just posted in a few minutes ago by @brvheart (crossposted just above), I thought it prudent to ask. Spanks

5 Likes

heh glad you did bump this thread. made me read some things i liked :slight_smile:

I am using firedragon ( used firefox before with alot of customizations from user.js and ublock+localcdn+cleanurls ).

though my "darling" browser is qutebrowser :slight_smile: Qutebrowser - Spyware Watchdog

very actively developed, very configurable, integrates perfectly with kde x11/wayland, adblocker and python scripts. only negative is qtwebengine being always behind on chromium integration.

I also use sometimes brave, because I don't trust the firefox reddit sycophants, but nothing too serious.

2 Likes