I just want to mention kuketz-blog.de, he did loots of Browsertests including an intercept proxy and actually analyzing the content.
Great resource to look for a MITM analysis.
Be aware that these tests are not all-encompassing browser tests and instead mainly focus on analyzing the connections made by browsers and data sent. It mainly doesn’t take security into consideration and privacy features like state partitioning and fingerprinting mitigations. That basically explains the questionable recommendations.
What questionable recommendation?
For example: Linux Mint, Fennec, Privacy Browser, Adblocker Apps, recommending to disable FF’s resistFingerprinting and use a anti-fingerprinting extension instead and a few more.
What I find very positive is that he has listened a few times to my explanations why something is wrong and he has corrected some things already. Also his MITM traffic analysis are quite cool.
I mean Kuketz covers a huge range of topics, so I don’t blame him for not being an expert on every privacy/security topic at all, because that’s simply impossible. Nevertheless it will spread some misinformation further and sometimes it would’ve been better to not give a recommendation regarding a topic than to give a questionable one.
His forum was one of the worst experiences I had in a while. Full of misinformation. Most users (including moderators) have no clue about security whatsoever and if you write something which doesn’t fit into their simple worldview of “open-source/Linux=secure, everything else insecure” you wont have a good time there. Again not directly Kuketz’s fault, because he can’t correct everything and just provides a platform for discussion. Nevertheless people expect the information to be somewhat right because they trust Kuketz to a certain degree.
So you would disagree that for example a user agent randomizer addon would in practice be better than RFP? Most websites dont seem to care about all the ways they COULD get your OS and browser, and still say I am using Firefox ESR on Windows.
Thid may be nice, but why not use Chrome on Windows instead, or Edge? On Android it would also be Chrome?
Would suck as websites would see less reasons to support Gecko, but I think in practice having a randomized fingerprint is pretty good.
Dont know for sure what extensions he recommends, but I think to remember that there was some good discussion of that controversy.
Linux mint… meh. Its nice but very old. I stay with Fedora Kinoite, which will be very secure soon and its already a lot better than traditional Linux and very new.
Of course. A user agent randomizer doesn’t actually randomize the user agent, but only the user agent string. It actually makes you stand out, because not many users do this, can get easily detected and the rest of the fingerprinting surface is still huge. RFP is what is used in Tor browser, so it’s the technically superior technology. Extensions are limited in what they can do and actually be fingerprinted including many of their settings. RFP doesn’t suffer from being limited through extension APIs.
Not inheritantly better than making it more uniform.
It’s not significantly more secure than most other distros. The immutability is not cryptographically verified from a root of trust, also many parts are still mutable or mutable after reboot. It also pushes people to use Flatpaks, many of which are unofficial, outdated or with modified builds.
Thank god it isn’t just me. I spent a few hours desperately trying to refute some bs against 90 % of the people commenting there, but it was hopeless. They act like if your device makes one connection to Google once, all of your data has just been made fully public. Their concept of security seems to be synonymous to privacy. Open source good, proprietary bad, no nuance and no exceptions, ever.
Those are the type of privacy advocates that make me scared that someone who really needs security/privacy because of their threat model might follow their advice. It’s not that bad for Kuketz of course, but I do think the way he sometimes ignores important aspects is irresponsible and can do actual harm. There’s a reason why he attracted the audience he did.
So if we want to go this route.
All the installed packages are versioned through OSTree, which is Git for your OS. So I guess yes they are cryptographically verified, as the official ostree remotes are and my system is exactly the same.
For Flathub, you can now add their officially maintained subset of their repo, with only official packages:
flatpak remote-add --if-not-exists --subset=verified flathub-verified https://flathub.org/repo/flathub.flatpakrepo && flatpak update
You need to remove any previously installed Flathub repo to enable just the verified repo.
Also, OSTree Fedora Distros dont “push people to use Flatpak”. You could just install RPMs only, through a GUI even. Just doesnt make so much sense with current GUI stores (you would need to select a few apps, build them into the rpm-ostree update --install A B C
command). But if you have no problem with the terminal:
sudo sed -i 's/AutomaticUpdatePolicy=none/AutomaticUpdatePolicy=staging/g' /etc/rpm-ostreed.conf
cat >> ~/.bashrc <<EOF
alias remove-update="sudo ostree admin undeploy 0 "
alias update='flatpak update -y && rpm-ostree update && notify-send -a "Updates" "Updates done"'
alias upfin="flatpak update -y && rpm-ostree update && notify-send -a "Update" "Updates down" "Shutting your system down in 10s" && sleep 10 && shutdown -h now"
alias flatup='flatpak update -y && notify-send -a "Flatpak" "Apps updated"'
EOF
You could also run it like QubesOS, with VirtualMachines only. But then, QubesOS will be way better for you.
Also, you could use Podman containers with official RPM packages inside. Isolated, just not as easy to do currently.
It’s still not cryptographically verified from an immutable root of trust. You would need to use security hardware for that. Even if that was the case, in its current state, there would be many important files and folders which are mutable and could be tampered with. The immutable image doesn’t cover enough to be considered a meaningful security feature.
This is true.