70
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 18 Mar 2024
70 points (100.0% liked)
Privacy
31790 readers
205 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Preface: I haven't used GrapheneOS personally, but I've learned as much as I can over the past year. I'll try my best.
Sandboxed only means apps don't communicate with each other* and that if one got breached your entire system remains untouched, only the app gets affected. Installing and using apps is the same as normal Android, no extra steps involved. If you want, you can create a separate profile for "unsafe apps", but this is by no means a requirement and only ensures that if that profile gets breached the other profiles are untouched (profile sandboxing). Rebooting your phone is good practice after installing any software on any device, because some apps need a restart to complete the installation. It is not a requirement. To summarize: Just install the app, open it, and you're done. Apps are sandboxed by default.
Edit: The only thing you have to do before installing apps that rely on Google Play Services is to install Google Play Services in Settings (somewhere). This only has to be done once per profile.
*There are some exceptions, but for simplicity we'll stick with the textbook definition.
AlternativeTo is a good place to find alternatives for certain apps.
This goes back to sandboxing. Basically, Firefox doesn't play nice with sandboxing. That means if Firefox gets hacked there is a greater risk of infecting the entire phone (which wouldn't happen with proper sandboxing). Vanadium has proper sandboxing, since Chromium (what Vanadium is based off of) was made for Android.
Think of Firefox as a metal crate with a few small holes poked in it. Those holes aren't a huge concern, since it would take a very skilled person to climb out of the crate through those small holes, but having holes in the first place is not great since it risks letting a person out of the crate. Chromium is a metal crate without holes, no risk of anyone getting out of that box, no worries.
Cheers!
Sweet. This is helpful. Thank you!
Maybe TOR uses FF because it's easier to modify for their purposes.
Others would call that "insecure"
For a anonymous browser, but not for a secure browser. The paper is purely about privacy and anonymity. No security (sandboxing, mitigations) here.
The attacker can't gain access to the host with javascript.
A browser that support javascript but doesn't have sandboxing might not leak these data but when their are bug in their js implementation, the attacker can gain more access to the host.
Threat model. Regular user aren't attacked this way?
Because Tor browser's goal is maximum anonymity and onion service. Firefox might be lag behind in security, but its code and features met the privacy requirements. Tor browser try to achieve some security by using noscript and block some web feature.
Security here is protection from exploits, bugs,...
Nonsense.