- cross-posted to:
- browsers@lemmy.ml
- libre
- cross-posted to:
- browsers@lemmy.ml
- libre
Some quotes, any emphasis mine:
We’re essentially left with only two major open-source browsers (Chromium and Firefox), and knowing that one of them is controlled by Google makes it clear that it’s not the typical bazaar-like OSS project. We’ve gotten to the point that Chrome-based browsers are so common that developers just stopped to bother supporting other browsers. Last week I saw one site that directly didn’t support Firefox (it displayed a message I should switch to Chrome) and another where the sign in was broken on Firefox, but worked on Chrome-like browsers. Soon Google are going to be in complete control of web standards, unless something drastically changes. Do you want the future of browsing to lie solely in the hands of the biggest advertising business on Earth? I’m pretty sure that I don’t.
For me Firefox is the only alternative to a complete Chrome hegemony in the sense that:
it’s open-source in the real sense (a project that’s truly community-driven)
it has a great track record of fighting for its users and for a better Internet. Chrome started with a great narrative when it was facing an uphill battle with Internet Explorer, but it has almost become the tyrant it sought to displace. I wonder if every revolution is doomed to finish like this.
it’s home to the last major rendering engine, that’s not derived from WebKit (namely Gecko/Quantum)
Probably. Commercial VPNs are only somewhat helpful for privacy, they do hide your traffic from your ISP but unless you operate your own VPN, they just give a different set of eyes access to the websites you visit. It's true that websites won't see your real IP address, but browser fingerprinting is more complicated than using CanvasBlocker, and stock Tor Browser has a pool of similar users with the exact same fingerprint/set of IP addresses, so there is some degree of anonymity.
Cybersecurity researchers agree that Windows does have better security than Linux, though it seems to me that a much smaller userbase and an open source ethic does more to deter script kiddies than they give credit for. They are not interested in likelihoods of hacks being written, they are interested in substantial defense mechanisms
Here's the same guy on Linux. Seems that people never prove him wrong, but claim that he misrepresents priorities etc. I would think that most people criticizing him are (like myself) not security researchers, who have a specific way of seeing things https://madaidans-insecurities.github.io/linux.html
I admit his broad premise is correct: a FOSS OS or browser undoubtedly will have security vulnerabilities that unknown bad actors could exploit. That sorta comes with the territory of everybody being able to see how the digital sausage is made, so to speak. Where he (and a lot of security researchers) miss the mark, though, is failing to acknowledge that Windows and Chrome have intentional security issues, and we know the names of the bad actors already: Microsoft and Google.
I'll gladly accept the risk of somebody exploiting an oversight in whatever branch of the infinite branches of Linux I choose to install, than be guaranteed to surrender my personal data for free to some billionaires.
All the security features that he lists that are either missing or poorly implemented in Linux could be explained by the lack of a multi trillion dollar company developing Linux for profit
From what I've seen, security people tend to separate "privacy" from "security." Probably because the best security seems to always come at the expense of privacy, because profit. I agree with them that there is a massive trust difference that everyone can expect to have between Big Tech and Some Hacker, and it is basically that Big Tech is not going to steal your credit card info. It's not perfect and they might develop a surveillance tool that gets used by a hacker (and definitely the feds), but them seeing your most sensitive data is not much of a financial risk.
I would think that using Chromium for purchases and banking is safe enough for most people
That's a fair point. I'm sticking to my guns on Firefox, but other folks' risk assessments may come up differently than mine—and that's fine by me. I'd prefer not to give up my personal info willingly, and let it be my own stupid fault if I get owned by some random nerd. Maybe it's not for other folks. :shrug-outta-hecks: