Other "secure" operating systems

As I have mentioned previously, privacy and security are different concepts, but they are (with few exceptions I foresee) inseparable. Both cases about connecting to Google you presented are about security, they just assume different adversaries: eavesdroppers and active attackers who could interfere with the connection, and then Google itself. In the latter case, the security implications might be clearer if “Google” is replaced by “journalist” or “darknet market” etc., where it might be catastrophic if that other party knows who is connecting or from where.

Based on your wording and the context of this forum, this seems like the “if system XYZ is impenetrable by cybercriminals then :100::+1:” narrow cybersecurity version of security. Security has as many definitions as there exist different threat models. Digital security, operational security (opsec), personal security, physical security etc. would beg to differ too. Browser fingerprinting, IP address leakage, network metadata etc. can be security issues as well as privacy issues.

Lack of privacy is not just a human rights issue, it’s also a security issue. Back to operating systems, the topic of this thread, things like what data the operating system provider collects from users and privacy protection measures (anti-fingerprinting, MAC address spoofing etc) should be factored into the security considerations of an operating system just as much as the operating system’s resistance against privilege escalation and buffer overflow.

2 Likes

I think you are conflating personal beliefs with what is widely accepted. Privacy and security might be interlinked for you, but they are largely orthogonal to each other, at least at scale. You can have a reasonably private system that is wildly insecure (some obscure Linux distro running on Stallman certified hardware), and you can have reasonably secure devices with no privacy (HSI-4/5/6 enterprise desktops/laptops). Thus, think of privacy and security as two different variables you set at what is comfortable for you, and not a single spectrum where loss/gain of one means the loss/gain of the other.

On a sidenote, @RoyalOughtness thanks for secureblue! Use it every day, and easy customization of bluebuild makes it easy to recommend to others too :smile:

6 Likes

@RoyalOughtness does secureblue also remove passim used by fwupd like brace does?

@SkewedZeppelin

1 Like

@jerm
brace is meant to be a set-and-forget package that you can install, so extra things like fapolicyd, firejail, and hardened_malloc are meant to be installed only if the user understands them.
Both my firejail and hardened_malloc packages work together to allow more programs to run that normally wouldn’t.

@RoyalOughtness
how did you get hardened_malloc to work for flatpaks?

certainty that the hardening changes are being applied persistently

nearly all changes are applied via drop-ins or override configs and always applied

1 Like

Not conflating, but disagreeing with the narrow definition (system impenetrability, or “cybersecurity” for lack of a better word). Other than by narrowing the definition of security, I can’t see how privacy and security can be considered separable. Do you suggest that the narrow definition is the one that is widely accepted, and if so, in which communities/contexts?

In digital security (example, example), security is thought of not just in terms of whether or not software, hardware, humans etc can be penetrated or made to behave in unintended ways, but whether or not digital technology can endanger users in any way (by design, accident or otherwise) by any adversarial means according to their threat model. Opsec and personal security are also security, but are very different to the narrow definition.

Making some assumptions here and there, I think I understand this example using the narrow definition: the Stallman system is very penetrable but hasn’t got spyware built into it, while the HSI-4/5/6 enterprise system allows users to be spied on by whoever developed or commissioned those systems but is hard to penetrate by other adversaries. However, I would say that both systems are neither good for privacy (I will have no privacy if I use it) nor security (my life, health, wealth, autonomy or information will be at risk if I use it), but if the entities who can spy on the HSI-4/5/6 enterprise system can be sufficiently trusted then many of the security issues vanish.

Straying away from operating systems for a moment, there’s the example of malicious certificate authorities being forcibly inserted into web browsers by authoritarian governments. I don’t remember the sources, but according to the sources this has both actually happened somewhere and is a proposal somewhere else. How should these TLS connections be evaluated?

1 Like

how did you get hardened_malloc to work for flatpaks?

and then for instruction set optimization:

nearly all changes are applied via drop-ins or override configs and always applied

ah that’s great

2 Likes

does secureblue also remove passim used by fwupd like brace does?

No but I’m open to changing that. PRs welcome!

Right now my energy is focused on GitHub - secureblue/hardened-chromium: A hardened chromium for desktop Linux inspired by Vanadium. :slight_smile: (it’s still a work in progress)

Increasingly, chromium hardening is only possible by changing the code (especially for stuff like this). Hence the need for this.

6 Likes

@RoyalOughtness
awesome, thank you

3 Likes

np, also FYI you will most likely need this to get it to work for all flatpaks

I get your point, and can see where the confusion in this thread stems from. This is exactly why most academic articles start by defining the terms they use :slight_smile: .

My response was limited in scope to operating systems, and in no way did I mean to say privacy and security don’t intertwine. What I actually meant to say was: Within the scope of this discussion on other “Secure” OS, the terms “privacy” and “security” as defined with respect to operating systems are orthogonal to each other. For the larger discussion of how they intersect in the wider world, the terms, their definitions, and the scope of their application would be very different.

Apologies if I accidentally implied that the narrow definition I am using is in any way the only definition. I was just trying to keep the scope of terms and discussion limited to technical aspects of operating systems only.

2 Likes

Don’t apologize for using industry standard terminology. Much like with the term “Open Source”, security doesn’t mean whatever people want it to mean :slight_smile:

4 Likes

Interesting, GitHub - NuclearDevelopers/Dichromate: Hardened* Chromium Fork had a lot of hope. Your fork could benefit from their patches?

This is for sure a big issue on the larger web privacy and security discussion. There are already examples of this happening (sources: 1, 2), and governments too can do the same. Asking me to evaluate how TLS connection threats should be classified is asking a fish to fly, not my area of expertise at all. I do think it is both a security and privacy threat, and not a case of “either…or”.

This will ship as the default for secureblue as soon as a couple weeks from now. It’s not vaporware. The copr build pipeline is already set up :slight_smile:

Your fork could benefit from their patches?

hardened-chromium isn’t a fork but we do pull in desktop relevant Vanadium patches. It looks like most of the patches in the repo you linked are either Windows-only or already covered, but I’ll look through them more thoroughly later.

If you find anything is missing, whether from that repo or otherwise, please open an issue.

1 Like

Also anti-fingerprinting protections, right?

No, not security related so not in scope. I can update the scope to make that more clear.

1 Like

There’s no need for an apology. I think this ambiguity is just an unfortunate part of human language. This forum has people from different backgrounds meeting together in one space.

I think this discussion has strayed too far from the topic of this thread. Maybe a new thread can be started if the topic still merits discussion?

https://www.cheribsd.org/

CheriBSD is a Capability Enabled, Unix-like Operating System that extends FreeBSD to take advantage of Capability Hardware on Arm’s Morello and CHERI-RISC-V platforms. CheriBSD implements memory protection and software compartmentalization features, and is developed by SRI International and the University of Cambridge.

I’ve added a brace-audit script that lets the user easily check if additional changes/recommendations are applied: Brace/brace/usr/bin/brace-audit at 336929103d64d2c94ee98a97acd14292deb3523f · divestedcg/Brace · GitHub

6 Likes
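Two posts above touch the same verification problem: the earlier reply that brace applies nearly all changes via drop-ins or override configs, and the brace-audit script that checks whether additional changes are actually in effect. The script below is an added illustration of that idea, written for this page; it is not brace-audit, not from any poster, and is not part of the thread. It assumes a sysctl.d-style directory of `*.conf` drop-ins with `key = value` lines (later files override earlier ones in lexical order), and for offline use reads the "running" values from a constructed snapshot file named in `SNAPSHOT` instead of `/proc/sys`. The function names, the sample keys and their values are all constructed for the demo.

```shell
#!/bin/sh
# Hypothetical drop-in audit (added example; not brace-audit and not from
# the thread). It models how sysctl(8) and systemd read "*.conf" drop-ins:
# files are read in lexical order and a later file's value for a key
# overrides an earlier one. The audit computes that effective desired
# state and compares each key with its running value, reporting drift.

# Print the effective "key=value" state of a drop-in directory.
# Blank lines and lines starting with # or ; are ignored; last assignment wins.
effective_config() {
    dir=$1
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        cat "$f"
    done | awk -F= '
        /^[[:space:]]*$/      { next }
        /^[[:space:]]*[#;]/   { next }
        {
            key = $1; sub(/^[[:space:]]+/, "", key); sub(/[[:space:]]+$/, "", key)
            val = $2; sub(/^[[:space:]]+/, "", val); sub(/[[:space:]]+$/, "", val)
            if (!(key in seen)) order[++n] = key   # keep first-seen order
            seen[key] = val                        # later files override
        }
        END { for (i = 1; i <= n; i++) print order[i] "=" seen[order[i]] }'
}

# Running value of one key. With SNAPSHOT set (offline use, as in the demo)
# it is read from a "key=value" snapshot file; otherwise from /proc/sys,
# where sysctl key "a.b.c" lives at /proc/sys/a/b/c. Missing keys -> <unset>.
current_value() {
    key=$1
    if [ -n "${SNAPSHOT:-}" ]; then
        awk -F= -v k="$key" '$1 == k { print $2; found = 1 }
                             END { if (!found) print "<unset>" }' "$SNAPSHOT"
    else
        path="/proc/sys/$(printf '%s' "$key" | tr . /)"
        if [ -r "$path" ]; then cat "$path"; else echo "<unset>"; fi
    fi
}

# Compare the effective drop-in state with running values. Prints one
# PASS/FAIL line per key and returns the number of mismatches (0 = all applied).
audit_config() {
    dir=$1
    fails=0
    for line in $(effective_config "$dir"); do
        key=${line%%=*}
        want=${line#*=}
        have=$(current_value "$key")
        if [ "$have" = "$want" ]; then
            echo "PASS $key=$want"
        else
            echo "FAIL $key want=$want have=$have"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}

# Constructed demo tree: two drop-ins plus a snapshot of "running" values.
# 20-local.conf lowers kptr_restrict (so the override must be honoured), and
# the snapshot shows tcp_syncookies never took effect (so one FAIL is expected).
make_demo() {
    root=$1
    mkdir -p "$root/sysctl.d"
    cat > "$root/sysctl.d/10-hardening.conf" <<'EOF'
# baseline hardening (constructed sample)
kernel.kptr_restrict = 2
kernel.dmesg_restrict = 1
net.ipv4.tcp_syncookies = 1
EOF
    cat > "$root/sysctl.d/20-local.conf" <<'EOF'
; local override: later file wins
kernel.kptr_restrict = 1
EOF
    cat > "$root/snapshot" <<'EOF'
kernel.kptr_restrict=1
kernel.dmesg_restrict=1
net.ipv4.tcp_syncookies=0
EOF
}

demo=$(mktemp -d)
make_demo "$demo"
SNAPSHOT="$demo/snapshot"
audit_config "$demo/sysctl.d"
echo "mismatches: $?"
rm -rf "$demo"
```

The point of computing the effective state first, rather than grepping each drop-in in isolation, is that an override file can silently weaken a hardening value while the baseline file still looks correct; the audit only passes when the last-wins result matches what the kernel is actually running. On a live host, unsetting `SNAPSHOT` makes `current_value` read `/proc/sys` directly.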

Tavi is doing some based work, will add this script to my recommended tools list.

1 Like