adry

Mind at least providing a link for your pretty strong claim about Tor?

I don’t have one. Thanks for asking, you made me actually reconsider the truthfulness of my own statement… I was just parroting back what I heard many times, years ago, among the people that attended a hacklab from the city I was living in back then.

Same goes with the ‘tip’ that said that Tor was initially funded by the US Military (which apparently is true, but then the project turn out to be independent.) These two “facts” were presented, and parroted back and forth in that space a lot.

It would be great to have real analysis knowing which data centers or actors have the biggest control of exit nodes. If there’s really a way to de-anonimyze any traffic from there.

PS. Since we are on the topic, another concern regarding Tor network is the possibility of correlation attacks. It always strikes me how ISP stops providing connection at ‘random’ if you were a frequent user. Pretty sure there’s legal forces behind it… but that’s my paranoia. Now those minutes or hours offline sprinkled here and there to my router were a fact. Anyway, the dark web is really full of a lot sick places. I’d rather just stay away from it entirely and use a VPN for my privacy when searching media and stuff. That’s a lesson I learned.

I hate it when I don’t know an acronym, but this one is particularly hurtful to my brain since everyone is saying “yeah, that link to the FSB was obvious glad someone demonstrated it.” So… I will just assume FSB=KGB and be done.

Anyway, most of our privacy “war fronts” are honeypots in one way or another. Take for example Tor network (high number of exit nodes are controlled). Except those apps or protocols that are truly decentralized (e.g. OMEMO in XMPP), these are good. But then again, they lag behind to our standards of “normal” Internet that connects us to the world, outside of our tiny circles of nerds.

Now, the thing with honeypots, is that they are there to catch some specific type of fly. If you were to use their network to take advantage of the features for anything that the “predator” behind doesn’t care, you’re fine. So, I will keep using Telegram for the memes and piracy channels…

From an OPSec perspective this is important news nonetheless and I will keep it in mind.

Precisely this is what I was about to comment, Thanks. Let me add that I’m using uBlue KDE flavor (Aurora) and don’t get me wrong, I love it… but for many reasons I’d rather not be using an immutable distro. As a personal decision. I prefer the Snapper approach, it gives you the benefit without any of the ‘costs’. But that’s how I see the ‘other differences’. To me, an experienced user and programmer, these ‘features’ are drawbacks. Immutable distros are quite good for non-power users (or whatever we may call them). Anyone without enough experience to understand the output of env | grep PATH (to put it in some random terms). If you want to fiddle with your system, customize the shell, etc… some simple stuff that made me fall in love with Linux might be just too difficult in an immutable system… at least this was my experience as a +10 year Linux user. Just adding ZSH to the distro is somewhat difficult enough, so the distro mantainers added a ‘just recipe’ (which is just a Makefile, see uBlue ujust docs) to do the stuff you would consider normal if you had any CLI experience; so stuff like tweaking your system (e.g. in the past I’ve used arch btw) will now be alienated from usual sources like simple online documentation… But I had to try this to get to know it. So, all in all, I think these immutable distros are great for someone who just starts on Linux or programming, and forces them to keep a clean home directory, nothing crazy like conda, pip install, pipx, etc. which I’ve learn as a dev to use; and have full knowledge of what they do with my env. Forced me to use devcontainer, cool… I guess… So, that’s the “safety” that I got from an immutable system, just being forced to keeping it tidy. Not bad, specially for a rolling distro like Fedora (the base for universal blue/ aurora.)

That’s re-victimization. People do people stuff, like using social networks. Furthermore, the database probably goes as far as previous to being bought, enshittified and renamed by Musk. So… you’re not being fair.

AFAIK that was a telemetry issue that was fixed (but very poorly addressed.) last year. Then someone posted about it recently…

I am using it BECAUSE of the vertical bar. So, I wouldn’t know.

I have been using Sidebery in Firefox for ages now… and TreeStyleTabs before that. To me it’s natural to use the space in the side of the web, since I almost never scroll horizontally but instead need the vertical space…

Thankfully I have been switching to Zen Browser just earlier this week :) I am very happy with the UI and ‘firefox backend’ (I get addons from here, not the highly censored google chrome webstore.)