blacklight447 
@blacklight447@social.privacytools.io
Admin
Localization co-leader Qubes OS project
Editor-in-chief at privacytools.io
Joined Apr 2019
@switchingsocial@mastodon.at @manyver_se so it only works over tor and Bluetooth?
We also have plans to update the about config and fingerprinting section on this page, for this we will be collaborating with thorin-oakenpants from ghacks.js project.
Dear PTIO community: after quite some work in the last few days, we are proud to show you our new browser recommendations! We now list recommendations for desktop Android and iOS!
See for yourself:https://www.privacytools.io/browsers/#browser
Greetings, the PTIO team
@infosechandbook@mastodon.at @sheogorath this is always what annoys me when people just argue"just run your own server its easy". No, it is not, there is a reason why being a systems administrator is a job.
Last approvals for it should be on github any moment now! :D
Big chance that our new browser recommendations will be up tonight, can't wait to show what we have been working on! #excited #privacytoolsio
@kyle these days, how bad an exploit is doesn't matter, only how fancy the name is, like meltdown and spectre.
@kravietz that's gonna cause a shitstorm.
@kravietz *made the account invisible and have it flagged "user deleted"* FTFY ;)
@kyle have you ever came across Belgian highways?
@gro kodachi is kinda shady, the also don't seem to ha e a proper security model, they just add security tool upon Security tool and hope it turn out well. I would most certainly avoid, especially their suspicious VPN.
blacklight447
boosted
boosted
Wow…
So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).
#Signal Desktop noticed this problem and as well and "fixed" it in the worst way possible:
https://github.com/signalapp/Signal-Desktop/commit/1ca0d821078286d5953cf0d598e6b97710f816ef
On the other hand #Riot Desktop did a proper fix, which enables an SUID bit on this binary: https://github.com/vector-im/riot-web/commit/56674ea70849b3a793fa7b862945163aa10b36b8
blacklight447
boosted
boosted
After @blacklight447 asked about my opinion on #OnlyKey, I looked at their docs once more.
I remembered that they didn't convince me last time, I saw them, but I took the time now to write down a short analysis of what I figured out from their docs about the security status of this "Hardware password manager".
https://github.com/privacytoolsIO/privacytools.io/issues/489#issuecomment-528426928
I really hope they proof me wrong, otherwise, it's a dumpster fire.
blacklight447
boosted
boosted
What is browser fingerprinting? How is it used? What is Tor Browser doing against it? Find out in this guest post by Pierre Laperdrix
"Any script running in your browser can silently build a fingerprint of your device without you even knowing about it."
https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead
@kyle fingerprints should be used as identification, not authentication.
@kev I advise newpipe on mobile and freetube on desktop. If you want something web based, I advise looking at invidio.us
Admin
Localization co-leader Qubes OS project
Editor-in-chief at privacytools.io
Joined Apr 2019
