A basic continuation of “Is Open Mandriva planning on dumping Firefox?” and I just want to add my own suggestions for anyone looking to stay private, secure or “anonymous” if done right. I recommend checking out “Awesome Privacy (Gitlab Edition)” on gitlab since it is new series of privacy readers.
Web Browsers and Addons
There are severial web browsers I’d recommend, but here is a list that I do endorse in this case.
1: Ungoogled Chromium (Default Browser in OpenMandriva). Why? Because it is non-woke and has no spyware nor telemetry related BS implemented by Google. A great Chromium Browser for those who seek better alternatives to browsers who are considered spyware.
2: Brave, While chromium based, it sure serves as a ideal replacement for FireFox because it is non-woke and is privacy respecting, but business is shady for brave.
3: Mullvad Browser, sometimes it’s better if you were to use a browser that takes security aand anti-fingerprinting seriously. A great firefox alternative if you want to stay anonymous online while doing basic tasks that just blends in with everyone else like Tor Browser does.
4: IronFox, a recommended mobile browser. Same as LibreWolf but modern version of mull (a fork of firefox, now a fork of mull).
Addons
1: Ublock Origin, The most recommended way to block ads and popups, and javascript if you use websites that misuse javascript.
2: Multi-Account Container, better to containerize web services you use then actually expose yourself using a browser that has logins to everything.
3: CnavasBlocker, a extension designed for anti-fingerprint and modification of your own fingerprints, honestly a better solution for using a FireFox or Chromium based browsers out there.
Email Clients
I recommend using Betterbird, a fork of Thunderbird since Tbird has moderate level spyware in them and has experienced some attacks that was critical.
VPN
Now if you live in poverty and is broke then I recommend ProtonVPN, chose a free plan for now and create protonmail mail account if it has to (Which is no longer the case since it now requires a account on Linux). If you are rich middle class bourgeoisie or is a crypto bro using Monero then I recommend Mullvad or iVPN depending on what you need from a VPN provider.
Search Engine
I recommend using DuckDuckGo or SearXNG for a better replacement for Google Search and Bing. If you still want a google replacement with the same results and anonymity, I recommend StartPage (I am no longer sure if it is privacy respecting anymore since it was reported to be owned by an Advertsing Company).
Sync
This one should be obvious but I recommend using Syncthing as you can share your own files with other computers or phones as a backup recovery method in case you somehow brick your PC running OpenMandriva.
Password Managers
I recommend using KeePassXC as the only solution twords creating Passwords or Passphrases, and sometimes you can use it to store passwords that you will soon forget in the future, and usernames and 2FA, everything you need is there for basic Essentials.
Now that’s basically it since this guide was meant to be geared twords OpenMandriva users and installing basic software and services that are usually essistential.
Also, if you are trying to stay apolitical then this is also the list you will like.
It’s also important to keep expectations reasonable. There is no such thing as total privacy, security, or anonymity on the Internet. That being said, definitely avoid anything that uses Tor and do not assume a VPN is a means to keep your secure. The former was developed by US Naval Intelligence, and the latter only encrypts the data between two endpoints. If either endpoint is compromised, then the point of encrypting the traffic is null and void.
Yeah, well, that’s kinda the whole point over here. And for those readers watching this post I recommend reading the comments for now, since it isn’t has obvious for those who have questions or concerns.
Yes, you should keep your expectations reasonable, and assume is trustworthy since you have no choice if they say “We protect your privacy” “We take security seriously” or “We respect your privacy” since there is nothing much you can expect from them, if it’s open source and want to audit the code yourself, then just inspect it, and verify if the code is not considered malware if something is deemed suspicious. Now, if you don’t know coding or any other programming languege then just use an AI model to explain and summerize the code itself. If the code is obfuscated then it’s proprietary, and should use a JavaScript Deobfuscator. This actually depends on what it is actually.
Yes, there is no such thing as a Silver bullet twords Privacy, Security, or Anonymity, as if you are actually doing it right, you might still encounter problems. For example, if you were to Tor, then that doesn’t mean they will prevent you from being data collect, it’s just that the Tor Network will make that said data unreabable, If you were to use, say ProtonVPN or Mullvad, it’s gonna replace your Real IP address to a VPN server owned organization such as Proton or Mullvad. They will know that you are using these and they will block them, which is Tor or a VPN which they will block them, almost all of them basically.
Yes, you should avoid anything that uses Tor, which is Brave. Just use the official Tor related software such as Tor Browser, which is the reason why you should only use the official instead of a fully implemented browser designed for convenience which you can toggle and enable settings, while also having a Tor integration which is designed for anonymity, but if you are somehow fingerprintable, that’s because of settings or extensions. Use the official Tor Browser (Which, I don’t think Sam Bent would recommand anymore since their responses and negligence of maintaining their browser is not worth it, it’s time to fork tor browser and maintain security and privacy within the Tor Browser ecosystem).
I personally agree with you. While I may try to find such alternatives to, say, Google LLC or Microsoft Software, I may have to keep my expectations as resonable and clear, since I or we as a group of privacy conscious users, expect privacy and focus on security and not just negligible software developers blaming users to keep up with their dev forum discussions. Also, yes, there is no total or any silver bullet to those things, they are just in progress about upcoming new software that should and will protect users from survillance capitalism. Yeah, never use a browser that uses Tor integration, while also keeping in mind that VPN is to make you stay anonymous (if that is the case) and/or private online. Because if the VPN goes way beyond the scope of what a vpn should do, then never use a VPN like that, such as Nord or SurfShark VPN. No wonder why I had to recommend against using such software or service for that particuler matter. And also, I think it should be common knowledge that Tor was developed by Naval Intelligence Unit in the United States. Which is what I saw in the Tor Network during and browsing the darknet. It should be obvious by now though, but I would like to see if there is a Tor or Tor Browser fork project, which there is a alternative Tor which I completely forgot, but it’s completely written in rust.
The only time I would use a VPN is if I knew exactly who or what was on the other end of the VPN. I suspect most paid and “free” VPN services provide security right up to their VPN server. Then they are free to inspect the now unsecure the packets, grab whatever they want, and send the packets on their way in any way they want.
That being said, before I drove a truck and before manufacturing was exported to China, I worked in a tool and die shop. CNC machines, both programming and operating. Plus debugging the post processor every year because the “new and improved” post processor that came from the CAD/CAM vendor had more bugs than a beehive. Obviously, whoever wrote it knew nothing about CNC machines and G-Code syntax. I found out quickly that nobody at the vendor wanted to listen to someone who actually used their product.
Our “shop” was spread out across two buildings, across the street, facing each other. In the old days, there was sneaker-net for moving paper tapes across the street. Then CNC programs became more complex with more 3D machining and less 2D machining. Paper tapes were too short. Switch to dial-up and spend time sending the CNC “tape” files, compressing and decompressing on both ends to save on phone time. When ISDN and the Internet came into the industrial park, the owners wanted to know if it was possible to send those CNC “tape” files over the Internet. So I looked into and found out that it was possible to set up a hardware VPN server/client at both buildings. Total control. Both ends. Because we had offices in both buildings, suddenly it became possible to send other data between buildings.
That scenario is the only time when I would feel a VPN is secure.
Matter the fact, for personal use. Just use a Browser extension and enable it, just use it everytime and connect it to the United States, I recommend using ProtonVPN for this particuler case.
For a workplace like yours. I guess you can say that as long as you or they use a reputable and trustworthy VPN provider, like ProtonVPN is. Maybe.
This happened 25 years+ ago. 1998 I think. Long before commercial, heavily promoted on YouTube VPN services were even invented. Long before YouTube when most people were still using AOL, Prodigy, or whatever. Nigerian princes were running rampant with requests to send them your banking information. Email viruses consisted of things as simple as “del c:\ . /y /s” or something like that. There were no browser extensions. Your choices were Internet Exploder or Netscape. Back then, it was hardware VPN on both ends or nothing at all.
Nobody ever successfully hacked it. But we did get quite a few calls and emails from Internet hackers threatening legal action unless the VPN was taken down. Somehow, the local hackers narrowed down the source and wanted in.
Something like that G-Code. No idea what they did with a spot drilling routine. But it did get rid of them after a few weeks. Apparently, not what they were looking for (porn or financial).
More strange is how I still remember G-Code after 19 years of not being exposed to it for 10 hours a day, 6 days a week.
Sorry, no. I mean don’t use Tor at all. It can be disabled in Brave, but the software itself does not anonymize you. Tor was cracked quite some time ago. You are not safe or anonymous when you use it regardless of where you get the software from:
As I said, it was created by US Naval Intelligence and later funded by US intel agencies. It’s a honeynet. This is why they had the media say it was bypassing government spying after the Patriot Act. To lull people into using it and creating interference so they can conduct activities. This is what happened with Silk Road.
Then we need to create and/or fork their Tor Network, because there is no way that thing is going to last very long. We need developers to create Tor from scratch or fork it and create their own version of Tor. We don’t need a government made network, we need a community made one.
The Internet is a government made network. Sadly, trying to fork any privacy related network service will still need to communicate on some network in order to be viable.
I have no experience with any of the commercial VPNs. The only VPN i have ever used and trusted was between the company I worked for and my home PC. I managed both ends.
Yours sounds similar to what I had set up 25+ years ago, using a hardware VPN on both ends between buildings, before Wi-Fi and 3G cell phones. I suspect my previous post yesterday may be misinterpreted by future viewers. Critical is knowing who has control of the VPN on the other end. In your instance, you managed the VPN on both ends. In my instance, I managed the VPN on both ends. It does not matter if a VPN is a hardware device, software, or a combination of the two.
I firmly believe most people don’t understand what a VPN is and what it isn’t. I get asked all the time, “which VPN do you use.” My answer is none of the commercial VPN services.
I still use a VPN, sometimes, depending on the situation. On my phone, I keep a VPN app, connected when I need it, to my home’s Wi-Fi router. When do I use it? When on vacation from retirement (Yes, it happens) and I find myself in a location with no cellular service but the motel/restaurant/whatever has Wi-Fi. In this instance, the packets go into my VPN, travel from my phone to the local Wi-Fi, to the Internet, to my Wi-Fi router, which removes the VPN wrapper, and sends them on their way. I set up the VPN on both ends. This protects from any Wi-Fi hackers who may be collecting data. But it does not stop any potential hackers between my router at home and the destination.
It was strange, but every uppity up at work had a company laptop. I wasn’t allowed to have one. I had to furnish my own.
We had to stress that if they were sitting in McDonalds eating breakfast, we wanted them to connect through our network to check their emails, do their banking, etc. Connecting through our VPN, we could make sure they didn’t get hacked on an insecure wi-fi and that if they did not do this, they just didn’t understand the risk they were taking. They all said, "What about xxxxxx VPN? We would say, “why pay for something we can’t control both ends of?”
So far, I have not found a way to truly block fingerprinting.
The only method I could find that seems to works is to block js, which breaks everything.
uBlock, Privacy Badger, font and canvas randomizers, WebRTC blockers, nothing gets past them.
If anyone finds something that works on that site that doesn’t break everything, let us know.
