N.E.P.T.R

For real, a good font.

It’s Portuguese

flatpak kill some.app.id

Instantly kills it.

Yes there are. Actually quite a lot. They hate it because it isn’t a perfect solution in every single case that X.Org provided but ignore the long history of vulnerabilities, bugs, and cursed workarounds present in X.Org. it is getting harder for them to hate though as most of the pain points (eg. color management and global shortcuts) are part of the standard now.

For example Richard Stallman

Which would that be *pulls out the deathray which terminates fun places on the internet*?

No

Firejail is a large SETUID binary which can (and has) aid in privilege escalation. It is recommended to avoid it for this reason.

See: https://madaidans-insecurities.github.io/linux.html#firejail

If you are relying on community sandboxing profiles and not making your own, i can understand why Firejail is interesting as a choice because of its large community.

If you are making your own, consider checking out Bubblewrap (available on most Linux systems), Bubblejail), Crablock, and Sydbox, which all use unprivileged sandboxes.

It really isnt any defense. All a website can do is initiate a download, websites are sandboxed by default. You still have to run the executable, which doesnt really apply to Linux because the file will have no executable permission.

Yeah okay.

My logic was that it is much more likely that someone will spoof there useragent already if they are on Linux. If threat actor is targeting not just Windows but also Linux, they probably would understand the very real likelyhood of platform spoofing.

That isnt a great defense against malware “imho”. Security through assuming the threat actor is lazy is just not security. It doesnt take like any effort on their part to just use some off-the-shelf OS fingerprinting code. It isnt worth it either because it contributes to your overall fingerprint, since normal RFP users have a standardized useragent for Windows and Linux separately.

Firstly there is no need to be condescending.

Secondly, do you block all JS? NoScript is not a silver bullet and doesnt stop fingerprinting, it is itself identified by the CreepJS test site. It may in this case reduce the chance of OS fingerprinting, but pure CSS methods exist as well.

Additionally, NoScript is laregly redundant with uBlock Origin since you can do everything that it offers, such as blocking 3rd party scripts/iframes/all, block fonts, block JS, and it is very granular.

Bottom line, you are fingerpintable.

It is trivial to identify OS platform because browser work differently on each platform. Wjat Librewolf does with useragent on Linux actually is makes users stand out more because it isn’t what privacy.resistFingerprinting (RFP) reports on normally.

Hackers (like the comment scenario i was responding to) are substantially more likely to employ platform fingerprint than trust a fale useragent. And loads general websites employ fingerprinting, meaning deviation from default RFP behaviour makes you stand out (more than you already do by using RFP since it is a small pool already).

You can lie, but that doesnt mean that a website cant still tell your base OS if they use JS platform fingerprinting. Arkenfox, the base config which Librewolf is based off of says the exact same thing. Go to CreepJS and see it get your platform regardless.

Except websites can tell what base OS you run using browser fingerprinting. It os impossible to lie aboit your OS because of the differences in platforms.

Build it yourself source-driven distros?

Never ask it to do regex. Holy fuck, thank God I was just doing it for funsies as a test of local LLMs. I got it to go into an infinite loop trying to figure out what I asked.

What is missing that makes it a deal breaker? It really seems odd to always see comments effectively saying “we should have stayed with X.Org”. The nice thing about Wayland is that it’s maintained, so new features are being added over time.

To add to what you said, X11 is unmaintained software.

Adamant transphobe, but in that insidious way where they justify letting people get bullied in the Discord because their “not on anyone’s side and value different opinions”. A trans person in the Discord server was targeted by another member and intentionally misgendered repeatedly. They spent multiple blogs basically saying “people are snowflakes, we dont want an echo chamber”. Like wtf. (IIRC, working off my memory since I read about it like 2 months ago)