Akip

joined 7 months ago
[–] Akip@discuss.tchncs.de 8 points 1 week ago* (last edited 1 week ago)

I'm using different browsers for different use cases. LibreWolf for general day to day browsing

Waterfox for background streams stuff where I log into accounts, its a choice not to cross contaminate these

Mullvad Browser for everything grey area-ish

Mull on phone with incognito icon and deleting everything on closing for day to day browsing

Firefox Beta for logging in to accounts where closing doesn't delete credentials

Everything is equipped with at least ublock origin and different modes of no script ranging from default mullvad browser config, to super strict allow per side and script basis in LibreWolf

[–] Akip@discuss.tchncs.de 5 points 1 week ago

It was good to have it as a backup. I primarily use wireguard but now its a single point of failure.

[–] Akip@discuss.tchncs.de 3 points 1 month ago (5 children)

Am I missing something or is the price higher after the 2nd year?

Yearly: $500 for first year, $400 thereafter
Quarterly: $150 every three months

$600 for 3rd year?

[–] Akip@discuss.tchncs.de 6 points 1 month ago

what divestOS is actually saying:

While DivestOS includes a Gecko based browser for privacy reasons, Chromium based browsers have many security advantages. It is up to the user to choose their preference.

https://divestos.org/pages/browsers

[–] Akip@discuss.tchncs.de 4 points 1 month ago

https://github.com/mumble-voip/mumble-docker

myself, I run a docker container of mumble in casaOS

[–] Akip@discuss.tchncs.de 4 points 5 months ago* (last edited 5 months ago) (1 children)

Thanks for clearing up my WiFi mix-up. From my understanding the same attack path still applies even to https://grapheneos.org/features#lte-only-mode and respectively https://grapheneos.org/usage#lte-only-mode correct?

https://en.wikipedia.org/wiki/International_Mobile_Subscriber_Identity states the phone would send a https://en.wikipedia.org/wiki/Mobility_management#TMSI most of the time? But your point about the IMEI still stands. So there is no real way to protect yourself other than to turn off cell tower roaming?

[–] Akip@discuss.tchncs.de 4 points 5 months ago (3 children)

Right, that’s what I understood. So using a VPN, a CSS will be able to identify that my phone is active, but not the content I’m accessing, or who I am accessing it from, correct?

From my understanding your statement seems correct, but it's also lacking a bit. Unless you also randomize your mac address (grapheneOS does this) they can still map your position and visiting times. Additionally not all of your phones data goes through the VPN, something like a phone call/SMS isn't encrypted unless you're using an app to make the call.

The previous comment said VPNs do nothing against this type of attack- were they just referring to identifying your device?

Yes, they are thinking of a VPN as a privacy tool, not strictly as a security tool as in your example. Privacy will be compromised.

[–] Akip@discuss.tchncs.de 10 points 5 months ago (8 children)

That's not how a VPN works. A VPN masks the information you are actually accessing by showing you query the VPN instead. To make a connection to a service you still need an address. This info is what they are using to identify your device.

Most traffic is already encrypted (httpS) so someone spying on you wouldn't know the content of your communication only who you contact. But without a VPN a man in the Middle could see who you are contacting. E.g. looking up pornhub. With the VPN it only shows you looking up the VPN.

[–] Akip@discuss.tchncs.de 1 points 7 months ago (1 children)

something you can try https://github.com/ValveSoftware/csgo-osx-linux/issues/3282#issuecomment-1969271416

For me putting the gaming monitor higher on the virtual canvas made them launch on that monitor.