Which browser to choose for privacy and anonymity and which “free” email?

Cynwulf1 in a comment about waterfox left an advise to not trust so much a “popular browser fork” just because it has become popular “saying” it is safer and more private than the original.  After some discussion with friends and associates a couple of links came up as appearing to be telling some truth about why some are really bad, some are equally bad, some not so bad, but all with rational arguments and explanations on how they draw those moral conclusions.

As all things published on the internet, by a variety of portrayed experts, should ultimately be taken under a critical eye, “who is publishing this and why do they want me convinced”,  these two links below may answer a common question:  What browser is “safer” to use, what email provider respects my privacy and anonymity?

https://spyware.neocities.org/articles/browsers.html

https://digdeeper.neocities.org/ghost/email.html

Ultimately nothing digital these days can be trusted with any information that can risk your life and well being, and those that may depend on your safekeeping of secrets.  Being constantly informed by what is happening, who criticizes who and under what basis, is a measure of safety.  With the ethical ideological reasoning those two sites reflect we seem to have some common ground, and that is usually a safer criterion for screening fluff from solid critical arguments.  If they are true to their claims we sincerely apologize from advocating that waterfox and palemoon have been safer bets than firefox itself, they seem just as bad.

Sorry, doesn’t cut it, we should just have done more research before promoting something we seem to have no control of.  The values of waterfox and startpage (and startmail) are reflected in selling their “products” to the highest bidder, despite of how evil that bidder may or may not be.  It seems as we are about to find out more of who this system1 marketing really is in the next period.  Buying a popular search engine and a browser seems like an aggressive move to enter a competitive world we don’t want to have anything to do with.  It doesn’t seem that they made those purchases on some moral ground but by the power and ability to serve “peoples’ interests” on a zinc platter to the hungry marketing giants.

Despite of our irresponsibility to use this bandwidth to promote such crap, we apologize once again and commit to try harder to abide by the rules of ethical hacking from now on.  We are going to try to give gnu-icecat a try next since those two others seem to be self-condemned.  We will report any interesting findings after some trial period, but those two links above seem to be more reliable in their comparison than we have ever been.

7 thoughts on “Which browser to choose for privacy and anonymity and which “free” email?

  1. Hi to yee all!

    @fungalnet

    Quoting you: “Despite of our irresponsibility to use this bandwidth to promote such crap, we apologize once again…”

    Wow, don’t be too hard on yourself, man! Nice article by the way. And nice comment from Cynwulf1 on the previous thread dedicated to Waterfox . I like this picture of a “man selling bottles of ‘privacy’ from the back of the van, to the masses”. Quite eloquent. And the analogy with the [anti-]virus industry is quite adequate too. Same crap. When I was still running Windows (XP period), I often suspected that the anti-virus was just another virus yet… A (corporate professional) virus fighting other (home-made) viruses in order to better win the place.

    After a few decades of a “golden age” of being a place for knowledge sharing between universities, the world wide web has indeed become a corporate place, a corporate market, like any other, just way more strategic because it’s about (personal) data. –By the way, even this perception of a “golden age”, with the distance, now appears as it is: a myth.– We should never forget that, originally, all this huge net/web stuff is the heir of a military program, Arpanet, which was about the state security of the “free [Western] world” in a time of “cold war”.

    Now, even if there is no doubt that all these Google-Apple-Facebook-Amazon-and-So-on is about collecting data to be able to advertise (or re-sell your data to core-advertisers), the real battlefield I consider we should keep in mind is: what some call the “economy of attention”. (And when they say “economy”, we always have to understand “market”…) Just an exemple to illustrate my point.

    I am free to decide not to trust an ad when it pretends that the product/service/”value”/whatever it promotes is good for me. But I’m not as free to keep my focus, (said otherwide: to sustain a continuum of attention for things that really matter to me), since this ad does intrude in my experience, be it in “real life”, on TV, on the radio or on the web.

    That’s mass-distraction weapon.

    Hence, it may have been a mistake to “promote” Waterfox, indeed. (But who does not make mistakes? Only those who do nothing.) Nevertheless, you have made no mistake on what the true nature of the fight is. Whether ’tis systemd or web-browsers, ’tis the same fight for the freedom of keeping focus on important things, things that matter more than the hype for such or such other brand. Knowledge, awereness, deep values. In one word: autonomy.

    I’ve been verbose. I’ll give a link in a seperate post.

    Keep up the good fight!

    Like

  2. (Sorry in advance if this sounds a bit off-topic… But it is not as much as it seems. Everything is linked. Yet, the admin may decide to publish this elsewhere.)

    (Sorry too if ever those considerations bring nothing new to you, reader. But you may then have something to say on that matter.)

    Back in the days of the disastrous move of Arch to defaulting systemd –I then was running Manjaro and was hence impacted too and had to quit Manjaro, a distro I had been very happy with two years long–, I was (also) looking for a file-manager that “sucks less” ™. (What I mean by “sucks less” is: being lightweight yet full-featured, quite customizable to adapt to my workflow, and, the last but not the least, desktop-agnostic! In this period, I had to move frequently between Openbox, Mate, Xfce, LXDE, LXQt, since I was running a not-so-low-spec 32-bit netbook. Hence, this dektop-agnostic nature was kind of strategic to me.) I got interested into SpaceFM (that seemed to fit the bill) and read the blog of its developer (IgnorantGuru, iGuru for short) in order to know better what was the ground of his endeavour. I was particularly sensitive to iGuru’s claiming to be kind of a “cypher punk”.

    Hence, it was not by any “rabic” anti-systemd research that I came across this blog-post:

    https://igurublog.wordpress.com/2014/04/08/julian-assange-debian-is-owned-by-the-nsa/

    I’m not techy enough to apreciate all the content of the post and of its comments. (I hope that some, here, will be.) But what I see is the consistency of the lead from RedHat (& NSA as one of its biggest clients) to Poettering and the “irrational” systemd contamination in the Linux world.
    Debian is reputated for being both a very developmental sandbox and being conservative when it comes to provide a “stable” experience. Plus they also have the reputation (relatively to Ubuntu) as being nearer to the “Unix way” and also being more “community driven”.

    Consequently, it made no sense that Debian adopted systemd so fast as the default init. Hence, the only “logical” explanation for this move is that they “had to” do it.

    Regards

    Like

  3. There was an old saying, which went something like “security is not something one simply installs”.

    The same goes for privacy. Also, one can have a very secure browser which is at the same time not very private – because it’s transferring all that telemetry data to the provider’s servers using a secure transport!

    And vice versa…

    If you see “marketing”, if you see a brand, a flashy website, you smell a rat. Where a “consumer product” is being pushed, someone is looking at commercial gain. No one “markets” sysvinit or fluxbox or X.org or an OS like NetBSD in that way for example…

    If it’s fork of a free project and it’s been rebranded and it’s being marketed with promises, claims and assurances about privacy, security(!), or speed or whatever, then you should assume they’re trying to monetise it – and there is really only one way to monetise a free web browser project…

    When it comes to security, I tend to check the CVE database:

    https://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224

    1858 vulnerabilities to date, of which 2 known exploits, last one 2010.

    https://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452

    1873 vulnerabilities to date, of which 15 known exploits, last one 2013.

    Firefox has been around a good while longer, so you’d expect the newer product to have many more vulnerabilities and exploits of those. With chromium, it’s not the case and it’s clearly the more secure project.

    It has been acknowledged by a certain expert that chromium is the more secure project, better designed from the ground up for security.

    https://marc.info/?l=openbsd-misc&m=152872551609819
    https://marc.info/?l=openbsd-misc&m=152872744210957&w=2

    “Answered it in the long, the short version is: Chrome/Iridium is safer code”

    Your first link mentions Iridium. As it stands, Iridium is a good means of getting something akin to “ungoogled chromium” binary installers. The caveat is that you have to turn off the “safe browsing” spyware – for me not a problem as it’s become a habit for me for years. Once you’ve done that, it’s usable. I would habitually check that it’s disabled, irrespective over the browser and the fork project involved, as firefox also comes bundled with the same spyware.

    But when it comes to privacy, disclosing your IP address rather than using proxy/vpn, exposing a true user agent instead of a faked up one makes your browser finger print unique or easier to pin down by those invested in tracking. So you easily make yourself a target rather than blending with the crowd: “oh here he is again, with that odd browser, *nix OS, add ons blocking all sorts of scripts, visiting those same few sites…” – you stand out from others with such a configuration, so in reality you’re in a very defensive and visible privacy mode, rather than a passive and invisible one.

    So a combination of using (different) proxies, using different (random) user agents rather than using the same user agent and script blocking when using proxies and when not using.

    With onion or any proxy or vpn, you don’t know who’s running it, you don’t know controls the exit nodes, whether you can trust them, who they work for or what their price is, etc.

    When all is said and done it’s a minefield. It’s the same with the ultra private mail providers, often ironically based in the US… Using them makes you a target, whereas using something like hotmail or gmail and your own encryption makes more sense.

    Again it comes back to “you are responsible”.

    If you want a suitable analogy, just look at Ubuntu – 14 years ago, they were marketing and selling “Linux for Human Beings”. The fans were buying into statements such as: “Ubuntu is entirely committed to the principles of free software development” and “that people should have the freedom to customise and alter their software in whatever way they see fit”. That has obviously changed quite a bit… I leave it as an exercise to the reader…

    Like

  4. Hi people. Really like the site you’ve got there. Relentless focus on the user and exposing the bad guys. That’s how it should be!

    Anyway, Waterfox obviously sucks, but I still like Pale Moon thought the devs did some dumb stuff. It’s our best choice for standing up to Google and Mozilla. Though optimally, it should be forked.

    Keep up the good work!

    Like

  5. I really need the reinforcement after calling out some Void devs for their miserable treatment of users and be called “retarded” for it. See the last article on Void, which I defended against ungrounded criticism earlier this week.

    Like

If your comment is considered off-topic a new topic will be created with your comment to continue a different discussion. This community is based on open and free communication, meaning we must all respect all in minimizing the exercise of freedom to disrupt such communication. Feel free to post what you think but keep in mind the subject matter discussed. It is just as easy to start a new topic as it is to dilute the content of an existing discussion.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.