Can DuckDuckGo replace Google search while offering better privacy?
The alternative search engine markets itself on protecting users’ privacy, but is it worth using?
So is DuckDuckGo no good? Surprised you did not mention it. Murray
Following last week’s article about privacy and surveillance capitalism, several readers wrote in about the absence of DuckDuckGo, and it was mentioned a dozen times in the comments. I have suggested this privacy-oriented search engine a few times since 2012, and I think it’s worth a go. However, I’m answering Murray’s earlier query along the same lines because I can use his email verbatim rather than cobbling together a joint question from multiple sources.
I watched peer.tube and Vimeo yesterday in solidarity with the #youtubewalkout . When I first got on peer.tube there wasn't much there, but it's certainly grown. I found this fun animated vid, 'Copying is Not Theft.' https://share.tube/videos/watch/a5bcc9ab-221c-4e25-afdb-88d837741b61 . Vidcommons also posts documentaries on peer.tube. https://email@example.com/video-channels . No ads either. That's really cool! If you are a You Tube content creator, please consider backing up your channel onto peer.tube, like @ChrisWere and https://share.tube/video-channels/chrisweredigital/videos
Beyond evil: This month Facebook started to scrape sites that use 'pixel' for all kinds of information. Including personal information about the visitors. People could be identified even without cookies by name or email. This affects also non FB Users. https://developers.facebook.com/docs/facebook-pixel/advanced/advanced-matching/
Seems to be currently live on booking.com and airbnb.com. Here personal information like name, email and phone number is sent to facebook during registration at airbnb.
#nginx is one of the most recognised (not necessarily attributed...) products of Russian IT industry, powering most of the Internet as we know today.
Today police raidet Nginx office in Moscow due to a Russian portal Rambler filing a copyright violation claim on Nginx code.
Granted that Nginx was just acquired by F5 and in parallel Sberbank acquired large share of Rambler, it looks like a regular business-class extortion attempt to me.
Experimenting with cool #systemd #linux #security #hardening features and "systemd analyze security" tool https://viewer.scuttlebot.io/%25WNfDjCz6ku1W32nh%2Ff08UAybVq2Sdl2ZwSTlvplwEXE%3D.sha256
Tested the #Ethereum ENS, which is a name resolution protocol that lives fully in the ETH blockchain and allows using names like webcookies.eth instead of hex addresses. There's also DNS -> ENS feature that imports DNSSEC-protected ETH addresses declared in regular DNS (currently only .xyz TLD).
If you're using MetaMask or other ENS enabled wallet, you can try to enter webcookes.eth or webcookies.xyz in the Send form (no need to send anything) and you'll see it resolved into my 0xDA... address.
@kravietz That of course. Standard BIOS setup should include:
- BIOS update
- BIOS password for accessing settings and changing boot options,
- Changing boot order and disable not needed boot devices
- Reset TPM and change to 2.0 mode
- Enable Secureboot and reset Secureboot keys
- Disable unneeded devices
- Explore further features in BIOS/firmware (like enable temper detection, disable Intel device mangement, …)
Twitter just invented the fediverse https://twitter.com/jack/status/1204766078468911106 "Twitter is funding a small independent team of up to five open source architects, engineers, and designers to develop an open and decentralized standard for social media. The goal is for Twitter to ultimately be a client of this standard. "
@kravietz The main goal of using a grub password is preventing someone from booting, pressing e setting /bin/bash as init and use vi to write nasty little scripts around your boot partition. It rasies the bar to "I have to open the device" which that again can be made visible using nail polish:
At least when you are paranoid enough.
Also of course you should use secureboot as you mentioned.
@kravietz Set a grub password!
Use OpenSCAP Workbench with the proper profile for Ubuntu, Fedora or CentOS to check compliance.
Full set of instructions (one might want to select just a few, but still):
I guess that should already help a lot :)
3) When there's choice between .deb and Snap/Flatpak version available (there is for Firefox, Brave and many other popular programs) always go for Snap/Flatpak version as it runs in a much more effective sandbox.
This doesn't come completely free either because with Snaps your profile file move to the sandbox but it's quite a simple operation.
My answers in random order:
1) Make sure you have Secure Boot enabled in BIOS, and BIOS password set.
That's pretty much all you can do to prevent backdooring & keysniffing of your bootloader today when someone covertly gets physical acces to your laptop.
If this is a viable threat, go for QubesOS, but be aware of its limitations (e.g. inability to access GPU by the operating system, so no games or 3D graphics)