cross-posted from: https://lemmy.ml/post/12400033 (Thank you https://lemmy.ml/u/Kory !)

I first used Linux about 5 years ago (Ubuntu). Since then, I have tried quite a few distros:

Kali Linux (Use as a secondary)

Linux Mint (Used for a while)

Arch Linux (Could not install)

Tails (Use this often)

Qubes OS (Tried it twice, not ready yet)

Fedora (Current main)

For me, it has been incredibly difficult to find a properly privacy oriented Linux distro that also has ease of use. I really enjoy the GNOME desktop environment, and I am most familiar with Debian. My issue with Fedora is the lack of proper sandboxing, and it seems as though Qubes is the only one that really takes care in sandboxing apps.

Apologies if this is the wrong community for this question, I would be happy to move this post somewhere else. I’ve been anonymously viewing this community after the Rexodus, but this is my first time actually creating a post. Thank you!

UPDATE:

Thank you all so much for your feedback! The top recommended distro by far was SecureBlue, an atomic distro, so I will be trying that one. If that doesn’t work, I may try other atomic distros such as Fedora Atomic or Fedora Silverblue (I may have made an error in my understanding of those two, please correct my if I did!). EndeavourOS was also highly recommended, so if I’m not a fan of atomic distros I will be using that. To @[email protected], your suggestion for Linux Mint Debian Edition with GNOME sounds like a dream, so I may use it as a secondary for my laptop. Thank you all again for your help and support, and I hope this helps someone else too!

  • Throwaway1234@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    9 months ago

    Librewolf has a nice build pipeline, I created a PR to just support replacing the malloc, that would be the easiest and best solution.

    That’s very neat! Hopefully it comes through!

    Then fedora firefox and librewolf would allow that, only flathub firefox missing really. Replacing the malloc is a very unsupported case for flatpak though, as the apps should be OS-unspecific.

    But even with the ability to replace malloc, isn’t Firefox still vastly inferior compared to Chromium if security is desired? Or are they actually operating in close proximity of each other in terms of security features?

    • Pantherina@feddit.de
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      Arguable. Chromium is just horrible to use. No sync, that would require something NOT Brave or Vivaldi to step up. Floccus is overcomplicated, xbrowsersync unmaintained.

      Firefox had core components rewritten in rust too.

      • Throwaway1234@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        Chromium is just horrible to use.

        Hard agree, except for PWAs; those at least work on Chromium-based browsers.

        But honestly, it’s just very unfortunate that the closest we have to an ungoogled, secure, private and anonymous web browser is particularly platform-locked; I’m indeed referring to Vanadium.

        On the desktop side of things, it’s just a mess; at least in my opinion*. I guess our best bet would be like running Tor Browser or Mullvad Browser in a disposable qube on Qubes OS 🤣. Furthermore, it would have to be connected through their respective network of choice; be it Tor network (and/)or VPN. And, ideally, without additional configuration changes to blend in as much as possible. Which comes down to foregoing your favorite extensions and even not maximizing the app window.

        *sigh*, such a drag…

        • Pantherina@feddit.de
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          I guess our best bet would be like running Tor Browser or Mullvad Browser

          Those are just Firefox. Using some other routing doesnt improve security.

          Vanadium might be degoogled and not send critical platform data, but it is not fingerprint resistant afaik.

          On mobile, browsers cant really be that though. On Desktop there only is ungoogled Chromium which is a beginning. But especially secureblue doesnt use it for some reason.

          • Throwaway1234@sh.itjust.works
            link
            fedilink
            arrow-up
            1
            ·
            9 months ago

            Those are just Firefox. Using some other routing doesnt improve security.

            Never said or implied they were. Security is achieved through

            Tor Browser or Mullvad Browser in a disposable qube on Qubes OS

            Tor and Mullvad are only for preferred for the sake of anonymity as every user runs the exact same config on the same type of network.

            Vanadium might be degoogled and not send critical platform data, but it is not fingerprint resistant afaik.

            Hmm, you might be right. TIL. Thank you! Somehow, I was having high expectations for it… *sigh*

            On mobile, browsers cant really be that though.

            Do you happen to know why that’s the case?

            On Desktop there only is ungoogled Chromium which is a beginning. But especially secureblue doesnt use it for some reason.

            If I recall correctly, ungoogled-chromium has (at least in the past) been slacking on security. Don’t know if that’s still a thing though.

            • Pantherina@feddit.de
              link
              fedilink
              arrow-up
              1
              ·
              9 months ago

              QubesOS is interesting, I think overcomplex but needed until better systems are in place. Bubblejail would be an alternative that runs on normal hardware.

              I dont know how resistant Vanadium is, it for sure doesnt send critical data, but screen size, hardware specs etc cant be not send without having no GPU acceleration and a letterboxed screen.

              mobile browsers have limited screens size and every SOC has a different GPU basically. So if you avoid hardware rendering, you would still need to pretend to be the smallest phone comparable, and pixel density etc. may still be different.

              Ungoogled Chromium is a set of patches. These should totally be applied to Secureblue chromium, but currently it is saving effords by just using Fedora chromium and a few policies.

      • spalius@mastodon.social
        link
        fedilink
        arrow-up
        0
        ·
        9 months ago

        @Pantherina @Throwaway1234
        GrapheneOS authors stated that Firefox is less secure. The biggest issue is that Android is very reliant on WebView and so you inevitably have to increase your attack surface if you install a new browser.

        • Pantherina@feddit.de
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          9 months ago

          We are talking about different platforms here.

          Firefox on Android (fenix) has no process isolation at all. Same with all those tiny browsers that use the webview (every Browser with less than 50MB download size uses the webview, like Edge, DDG “privacy browser”, the common FOSS browsers and likely more).

          Currently for some reason 3rd party Browsers cant use the Chrome Trichrome library to use the full process isolation stuff, but need to ship it in their APK.

          Then on Linux Firefox (gecko) has process isolation, which for some reason is supposed to be compatible with sandbox. I opened an issue about that, asking for an explanation as there is none afaik.

          Only on Windows does Firefox have some form of advanced memory protection, which is unfortunate.


          So on Android, full Chromium Browsers have sandboxing, fenix and webview wrappers (and every app) can only spawn a single process.

          Also on Android there is a Webview based on Chromium, which most apps utilize, which can lead to the assumption (firefox on Android increases attack surface). Not though, that apps only connect to dedicated websites mostly. Also, this only makes a difference if hackers would target Firefox mobile, which has tiny marketshare.

          Meanwhile it should be more likely they target Chromium on mobile, do not using Chromium could spare you of some attacks targeted at the most commonly used Browser on mobile.


          Then to the usability issues

          • no containers i.e. different profiles for different logins needed
          • lack of many good addons
          • no UI customizability for users
          • worse stability than Firefox on Linux (may be due to Secureblue hardening)
          • no sync of passwords, bookmarks, session, etc.

          And the privacy problems

          • getting hacked is very unlikely with both browsers, but Chromium sends data to Google ootb (dont know if Vanadium has this removed)
          • Chromium is less fingerprintable due to being the most common browser, but most active antifingerprint measurements are nonexistent, unlike on Firefox.