I am trying to re-adjust how much effort I want to put into privacy concerns. Too much stuff I’m using isn’t working properly or using a lot of my mental resources that I need elsewhere.

For (a bad) example: I recently performed a half-switch from my self-hosted Nextcloud instance to ProtonDrive, in the hope that it would spare me the stress to maintain my private Nextcloud. Unfortunately, it doesn’t, as basic functionality like cross-device-sync is not possible (there isn’t even a client app for Linux, as of yet).

This brings me to the question: have you found any services/apps/stuff that significantly eases your life while still being privacy friendly? I know, this is a broad question, but I think this is for the best as this thread then maybe even has use for other users.

  • FutileRecipe@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    Mobile Fennec (or pick your poison for any Firefox fork)…

    I can’t get behind Android Firefox/Gecko-based due to their lack of security:

    Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn’t have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox’s sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn’t happening for their Android browser yet.

    Ref: https://grapheneos.org/usage#web-browsing

    • laughterlaughter@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      7 months ago

      I’ve used Firefox mobile for a while now and I’ve had zero issues. The attack surface may be “much more,” but that doesn’t mean that it’s completely open to hackers.

      Plus let’s be real: Gecko-based browsers are, what, 1% of the browser market? Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that’s for sure.

      • FutileRecipe@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        7 months ago

        Gecko-based browsers are, what, 1% of the browser market?

        Last I checked, Firefox was close to 3%, but you right, still not a large number.

        Guess which browser is the most targeted by malicious actors? Not the one having 1% of the market, that’s for sure.

        It doesn’t have to attract the most attackers, especially if it is notoriously weak. You shouldn’t choose software that is easier to exploit simply because it’s more obscure. Do you also choose weaker encryption algorithms because no one uses them? I sure hope not.

        And your comment would probably ring a little more true, except we just had the xz debacle, and guess how much Linux has of a market share? Probably close to Firefox’s, both in the single digits.

        • laughterlaughter@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 months ago

          No, I use Firefox because it’s an excellent browser. It doesn’t fit GrapheneOS’s security requirements, but then, I’m not too concerned, because it’s quite secure regardless. Even to the point in which it’s more annoying than Chrome for certain things (like HTST.) You’re trying to paint Firefox as “easy to exploit” when that’s not true. Easier doesn’t mean easy. The Kremlin might be easier to sneak into than the Pentagon. But that doesn’t mean it’s easy. Hell, Tor uses it to build its Tor browser. They could very well use Chromium for that.

          guess how much Linux has of a market share?

          You’re probably referring to desktop Linux. Linux is used in billions of devices all over the world, and it reigns in the server space. So, no. Not “in the single digits” usage.