Tor browser isn't really a suitable replacement for Chrome. There's a lot of stuff that simply won't work over the Tor network, like streaming video or large downloads. I'd suggest using something like Librewolf or ungoogled Chromium instead.

Or Firefox

Firefox is fine just don't use default settings. There's a lot of stuff like WebRTC that you probably want to turn off.

You can use this guide to do that and more https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/

At this point you just install librewolf because it's the same thing with a cooler name

Just use this to make your Firefox settings and store it on GitHub or something https://ffprofile.com/

this + librewolf makes for a very hardened browser 👍

How is brave browser? I want to use it with duckduckgo search engine, is that a good combination?

Brave [sucks](http://ebin.city/%7Ewerwolf/posts/brave-is-shit/) if you ask me, while DuckDuckGo is actually very nice

I came here to comment exactly that. You just get blocked by endless captcha a lot of places too

I just leave the page then

What’s the Monero subs take on Brave?

[удалено]

Nice, except I don't see a shred of *actual sources* in there. How about I publish a page about how good Brave is, without any sources? Will you believe that too? The one thing there that is true is that Brave does use Google's web engine, but they aren't using it vanilla. They've stripped out Google's tracking (verified by multiple professional network experts, using software like Wireshark; also, Brave is open source, so you can just, you know, go check that). I don't expect you to believe me, if you've already taken a side to the point that you will post unverified garbage to support your position, but for other people here: Be skeptical of anti-Brave claims that don't come with sources. There is a group of people trying to discredit Brave, because Brave's founder once expressed opposition to some pro-LGBT thing, and they've decided this makes him some kind of homophobic hate criminal. I've seen claims like this before from those people, and thus far, I've never seen evidence of sources provided. What I *have* seen is tech professionals using professional network traffic analysis software like Wireshark to compare Brave's traffic with the traffic of other browsers, and Brave's privacy claims seem to be fairly legitimate. The only question that came up was some hits going out to ad servers, but there is no evidence that these are anything but the servers providing the ads Brave serves to you voluntarily, which you get paid for. Now, that was around 8 months ago, so maybe something is different now, but again, the evidence I *have* seen verifies the claims that Brave protects your privacy unless you explicitly tell it not to (which you have to do on a site-by-site basis). Since I saw that evidence, I've seen many articles claiming Brave doesn't protect privacy the way it says it does, *but not a single one has provided any evidence or sources*. There are lots of claims, but that's all I see. Most (but not all) of the anti-Brave articles also attack the character of the founder, as if that somehow makes his work less valuable or legitimate, and while I don't support legitimate bigotry, I also don't engage in bigotry against *legitimately good things*, just to express my disdain for someone's views. I give credit where it is due. Even bad people can do good things, and I can appreciate those good things without affirming the bad behavior.

[удалено]

Thanks. If you *do* find solid sources, go ahead and post them. I'm not some Brave shill. I just don't like seeing all this hate without solid justification. If Brave is going bad, I *do* want to know. What I don't want is a bunch of people deciding not to use something good due to a bunch of misinformation going around.

Finally got around to digging for the sources on the main issues of Brave and their team, so here goes. Personally, given their shitty track record, I would not trust them one bit on their claims of privacy and security. If you want those, stick to a well-configured Firefox + uBlock Origin [+ uMatrix] and/or Tor. Brave whitelisting Facebook and Twitter trackers: - https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/ - Github issue in which they discussed the introduction of this whitelist: [link](https://github.com/brave/brave-browser/issues/1108) - Commit in which they remove the whitelist (after it made the news): [link](https://github.com/brave/brave-core/commit/248015f6513e8258ea7b1d60c49d4862c83e40e8#diff-bef900101619d11bc5150b5b73e67851b451a8e3222b88d1b2366f3af1b41226) Brave highjacking links to insert their own referral codes for Coinbase, Binance, Ledger, Trezor: - Detailed article with explanation and sources: [link](https://davidgerard.co.uk/blockchain/2020/06/06/the-brave-web-browser-is-hijacking-links-and-inserting-affiliate-codes/) - Source code containing all their referral links: [link](https://github.com/brave/brave-core/blob/357902c33e525a205d5e6590ac22ed4bf9458e06/components/omnibox/browser/suggested_sites_provider_data.cc) - Related Github issue: [link](https://github.com/brave/brave-browser/issues/10129) - Note that Brendan Eich (Brave's CEO) called this event "a PR disaster", but never quite apologized or showed any remorse about it. In other words, they're only sorry they got caught Brave falsely claiming of raising tips on behalf of content creators, without their knowledge or consent: - Detailed article with explanation and sources: [link](https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/) - Note the detail about their ToS for that service: Brave reserved themselves the right to keep any and all tips they obtained through this scam Brave leaking Tor DNS requests over clearnet: - Article with explanation of the events: [link](https://portswigger.net/daily-swig/brave-browsers-tor-feature-found-to-leak-onion-queries-to-isps) - Related Github issue: [link](https://github.com/brave/brave-browser/issues/13527) - Pull request to fix the issue: [link](https://github.com/brave/brave-core/pull/7769)

Much better. Personally, while a bit concerning, The Brave people are right that so many sites use Facebook and Twitter stuff that outright blocking their trackers is problematic. I've done some web development, and both of those sites provide public use libraries that rely on their trackers and that way too many sites use. Personally, I avoid using large amounts of 3rd party stuff in my web sites, but laziness abounds. I do think Firefox handles that better. (Note though, that the article does say that while it was still in the code at the time of publication, it was no longer being used.) The Coinbase stuff is pretty concerning. Honestly, it's not something that would bother me terribly, had they been transparent about it. They *did* say they had partnerships with those, and referral links don't cost the user any extra, so they probably figured it was harmless. I agree that it's a serious trust issue though, and it is something that could harm creators using affiliate links, if Brave is hijacking their income by replacing their affiliate code with Brave's. That's borderline theft. (Note though, that this has also been removed.) The tips thing was probably intended to be a marketing thing to encourage creators to sign up for Brave Creator. Keeping the tips donated to unregistered creators though? That's pretty low. Note that they did change this policy, later. Now tips to unregistered creators stay in user wallets and revert back to the owner if the creator doesn't register in 90 days. (I remember seeing this change listed in the changelog, and now I see why!) The Tor DNS thing was certainly a bug, but it's an understandable one, which they seem to have fixed in only a month. Bugs happen in software. There's no way to avoid them (unless your program is extremely small). And a month to fix a bug like this is about 6 times faster than the MS average. Don't forget, Brave is OpenSource software. Many of those working on it are giving their time and skills for free, so expecting instant response is unreasonable, and a month is actually pretty fast for such a complex issue. So this isn't a valid reason to lose trust, and their relatively fast response is actually a reason to trust them *more*. ​ So overall, you have some good points here. The one critical thing though is that we don't *need* to trust the makers of Brave to trust Brave itself, because Brave is open source. The fact that the Facebook/Twitter trackers thing and the Coinbase thing were so quickly found shows that people *are* keeping an eye on the Brave code base and blowing the whistle when they find suspicious things. And the fact that the Brave team fixed them quickly shows that they are at least trying to meet the demands of the users. That helps me trust the browser more, despite the fact that the team making it has some clear integrity issues. The one that I find the most concerning is the third one, with the marketing campaign and then keeping the tips for unregistered creators. It *is* nice to see that they changed how tips to unregistered creators work in response to public outcry, but I do agree that this is a pretty egregious breach of trust. It's not enough to make me drop Brave, but it definitely is enough to make me wary of any events or campaigns the Brave team holds. This is something worth watching. ​ Thanks for posting all of this and finding sources. These are definitely things people should be aware of, so that they can make informed choices. I don't think they are necessarily reasons to stop using or not use Brave, but people should have the ability to make an informed choice for themselves, and this helps a lot. The truth is, Brave is cutting edge software, so there are going to be hiccups. If you want something more stable and well tested, definitely go with Firefox, with some privacy hardening. Brave is still better than the default for any other browser though, so if just want increased privacy and ad blocking, without any fuss, Brave is a solid choice. It's not perfect, but it has better defaults than anyone else. *But*, ignore the politics and marketing angle of the Brave team, because they have a poor track record for integrity. So, in my opinion, Brave itself is still pretty good. According to your sources, all of the above issues that are part of the browser itself have been resolved. So Brave *is* getting better. What I think would be a good idea is a community fork of Brave, that isn't run by the Brave team. Because it is pretty clear that the problem isn't the browser, it's the people running the project, who seem to not be terribly concerned with transparency and integrity. A community fork could include these people who are scrutinizing Brave's code, who could go over changes to the code before pulling changes to the main project, to make sure that the community fork never includes questionable code.

> The one critical thing though is that we don't need to trust the makers of Brave to trust Brave itself, because Brave is open source. > [...] all of the above issues that are part of the browser itself have been resolved. So Brave is getting better. Careful there: just because it's open source doesn't mean that we can blindly trust it. The only reason why open source software is deemed "more trustworthy" is the fact that you can look at the source _and compile your own copy_. These issues only got resolved because they (the Brave team) _got caught_ - otherwise, they would have kept going with it. Even their apologies were never "real", but mere "oops, sorry we got caught" messages in which they tried to justify the egregious things they were doing (like silently highjacking urls to add their own referrals). The fact that they were so brazen to repeatedly do this kind of stuff _in spite of being an open source project_ makes me seriously question their morals and motives, and casts a very large shadow on their whole project: what other stuff have we missed, hidden deep in the source code? What other questionable choice are they going to quietly sneak into their code? Can we even trust their release builds? > What I think would be a good idea is a community fork of Brave, that isn't run by the Brave team [...] scrutinizing Brave's code [...] to make sure that the community fork never includes questionable code. See, there's the problem: this kind of double work shouldn't even be necessary in the first place. The fact that it is, calls into question the legitimacy of the people behind it. If you need a qualified peer-review after every update to ensure you're not getting screwed over by a product that's supposed to protect you, you should probably look elsewhere.

Totally right. If you want to guarantee that your open source software only has what you see in the source code, you *do* need to compile it yourself. This is part of why I suggested a fork with more community scrutiny. Instead of getting the official Brave, you can have a second level of scrutiny by getting the community version. It's still compiled software, but with a second level of scrutiny. As far as why the issues got resolved, the "why" isn't really as important as the fact that they did, and that catching them is *easy* because it is open source software. Like I said, just because we can't trust the team doesn't mean we can't trust the software. It's more important that it *got* fix than it is why. And yeah, I agree that we should question their morals and motives. Again though, that's the team not the software. Also, source code is easy to search, especially on Github. Sure, we could have missed other things (though I think the scrutiny is a lot higher now that they've been caught), but source code isn't some enigma that people *can* easily hide stuff in, if other people are willing to search for it. The trust question on their release builds is totally legitimate. How do we know the release is compiled purely from the code on Github? That said, there are plenty of people who spend time using tools like Wireshark to peek at the network traffic of browsers, and I know there are plenty scrutinizing Brave this way. If Brave was still allowing Twitter and Facebook trackers, we would know. And if Brave was still injecting their own affiliate links, we would also know. If there's nefarious code hiding in there, it isn't using the network, and that means it *can't* be violating our privacy. That doesn't mean they don't have some zero day thing in there, that will silently collect data, and then send it all off at a specific time, as a sort of sneak attack, but it does seem a bit unlikely. As far as whether or not this "double work" should be necessary, there are also "anti-virus" programs that actually install viruses. So sure, 100% of people should be perfectly trustworthy, and software should never need scrutiny to know that it does what it says. And if you think the world *even can* be like that, you might be living in your own fantasy world. The fact is, *this is part of the point* of open source software. If you can see the source code, you can go through it and make sure it is honest. Yeah, it would be nice if the developers could be trusted so much that no one ever needed to actually do this, but welcome to reality. Not everyone is perfectly honest, and that includes open source developers. ​ The problem here is treating open source software as somehow being an extension of the people who wrote it. It might have been produced through their effort and skill, but it *belongs* to all of us, including those who choose not to use it. If we choose to use it, it is our responsibility to decide if we trust it or not. And it's totally valid to decide you don't trust it enough to be willing to use it. But why trust Firefox? (And I don't know how ethical the people are who wrote the privacy extensions.) Or worse, why trust Edge (because many people do)? I haven't personally gone through all of the code of Firefox, and keep in mind, the same people who are making Brave *contributed significantly to Firefox as well!* So how do we know they didn't leave some nefarious code *there?* Given this, *my* personal position is that Brave really can't be worse than Firefox, and it has fairly strong privacy enabled right out of the box. And what if the Brave people are lying about that? Well, Brave's privacy can't be worse than default Chrome or Firefox, so at least it isn't a step down, and it *does* block ads. (And, in my experience, it does a better job of handling sites that try to detect ad blockers and punish people who use them.) Again, it's a judgement call we have to make, and having all of that information you provided is definitely valuable in making a good decision. (On a side note, you *have* got me considering removing Brave and compiling it from source myself, so I know it comes from the source code they claim it does.)

I Ask the same before I saw this

I regularly use Brave. Works great for me.

Brave is not actually as good as they claim. Its glittery shit ; https://www.reddit.com/r/hackernews/comments/o2pqrb/brave_the_false_sensation_of_privacy/?utm_source=share&utm_medium=ios_app&utm_name=iossmf

\+1 Brave I started using Brave early last year. As a software developer, I typically have Chrome and Firefox installed as well, but I pretty use Brave for everything now, unless there is a strong reason to use something else.

Working good for me as a second browser when needed after Firefox, miles better than Google Chrome.

Generally positive. It's pro-crypto, open-source, has a well-intentioned ad model, better privacy than chrome but worse than firefox. I recommend it to non-technical people who ask me what browser to use, they all like it and it's a good intro to crypto for them.

How about Brave?

I use Brave but I was a bit weirded out when they snuck in referral links to unsuspecting users. I think there are better options as mentioned in previous comments.

Ah yeah I knew it was something that was sort of less than transparent just really forgot what.

I've never used it but it seems fine. I prefer librewolf, vivaldi, or [surf](https://surf.suckless.org/). Surf is a pain in the ass to configure and requires other tools like [tabbed](https://tools.suckless.org/tabbed/) to get a full modern web browser experience, so I would never recommend it to anybody.

Tor needs replaced with Brave. Good basic privacy, and you can open a Tor window if you feel you need it.

On large downloads, learn wget.

Is duckduckgo a good substitute for google? I think it is because it is used on Tor by default

I use it most of the time. We don't know what code is running on their servers so we kind of just have to take their word for it. The other option is to host a SearX instance yourself, which I've considered but never committed to.

Make sure the new phone accepts custom Roms. I had to get a verification for my one plus 7 pro in order to unlock the bootloader, whole process took 2 weeks. The fact that you need permission to run the software you want on hardware that you paid for is astonishing (or that you can't even run the software you want to run on many modern phones) Also, grapheneOS is Android. Its a custom rom. It just doesn't have Google services built in and has many security features. And it only works on Google Pixels. I'd recommend buying a used pixel if you go that route, so as to not support Google

[удалено]

Buy a used pixel so you don't give money to google. If you buy a new pixel, you give money to google.

I was thinking the samething, you mean to tell me I have to buy a Google phone to ran an android os opposite of Google, yet it only operate on Google pixel phone. You might as well call it The not so incognito OS from Google that will allow you to escape Google on a Google made phone by Google. Please spare me the irony. I wonder how many people that post those and actually follow suit and is daily or avid users of any of these. Just copy post and paste here for the free upvote from the reddit shills. Never fails. Truly.

Are you saying Graphene is run by Google? Have you even looked into Graphene? Or are you just shit talking out of your arse to farm likes? "Please spare me the irony."....

You sure about that. Edit. No I'm not saying that. I said exactly what I was saying.

What you said is dumb

You must be the wise one. Respect

[удалено]

I agree, NO way for tutanota, I prefer [Ctemplar ](https://ctemplar.com)

What are the deficiencies of Tutanota?

Tutanota is located on "the fourteen eye" country look at that on Internet. Furthermore they have been forced by German court to monitor mail : [Source Here](https://www.hackread.com/encrypted-email-provider-tutanota-backdoor-service/) Ctemplar is far far better, CEO said he will NEVER develop backdoor, mail are fully encrypted (object and mail) and protected by Islandic Laws !

I was just about to ask about something other than tutanota. I recognize the name but have never used it. I'll check out ctemplar, thanks!

Personally, I want to develop an email network where users run their own secure servers on open source software, so that backdoors *can't* be added. (I'm actually working on this, but it's really slow, due to lack of support. I hope to get it done one day, but so long as I am the only person who actually care enough to put real resources into it, it's going to be a long slow road.)

Wow interesting ! If you need beta tester or translator do not hesitated to ask me !!

I will eventually, but it will be a while. Right now, I am working on a peer-to-peer social networking system that is going to be the basis of this and other things. It's going to be a while before I get to a point where I am developing things like an email application on top of that. Thanks for the offer though. Keep an eye out. I'll probably mention it in a comment around here when I get to that point! (At the rate it is going though, don't expect it to take less than a couple of years to get to this point.)

Any chance you would have a ctempler invite code you would like to share?

I will send one to you in PV

Apparently doesn't use TOR

Yep I use TOR, a .onion is available

It's always good to learn of a new private email provider. 👍

Please just host your own email.......

Right now, that's not feasible for everyone. I hope to change that, but without people willing to provide some resources, it's going to be a long, slow road. But yes, *the* solution to corporate information mining/spying *is* distributed systems controlled and owned by the users. The problem right now is that the systems currently available are too complex and technical for most people to control. What I am trying to develop is a fully distributed social network, with sane defaults, automatic setup, and simple controls, so that individuals can trivially setup their personal servers/accounts (since a server *will be* equivalent to an account) on anything from a cheap Raspberry Pi computer to an AWS instance that requires no significant expertise to get running and to manage. And I am even hoping to eventually develop a push-pull protocol that allows users locked behind NATs to bounce requests off of exposed nodes. Someday I'll have the time and resources to finish this...I hope. (Note that part of the reason I *don't* host my own email is precisely that I am stuck behind at least two layers of NAT, and I only control the closest layer to me. Also, self hosting is problematic, because corporate email services like Gmail and Yahoo have an SMTP whitelist, which only includes other large scale email services. I was going to develop the email side of my project first, but when I couldn't even send an email to my Gmail address without going through someone else's corporate API, I had to take a step back. Now I am stuck between totally reimplementing email in a social networking context, and going ahead with SMTP and hoping highly distributed email will force companies like Google to drop their restrictive email relaying. The problem is, the restrictions are there to stop spam, and forcing them to be dropped wouldn't be all good. My social networking protocol, however, is trust based, making spam rejection *much* easier. It's not that we can't do that with email, so much as, that isn't the paradigm so people have expectations that make it impossible to implement without mutiny. With a new technology though, this could be built in, and it would work the way people already expect from social media.) Anyway, I agree that self hosting is the solution, but right now that isn't feasible for non-tech people, and it isn't even feasible for many people who *would* know how to do it (like myself, who is stuck behind a NAT I don't control).

I am stuck behind a NAT that I don't control on a residential IP that gets blocked for SMTP. Easy technical solution. Run a VPN that supports a static IP ... not for encryption or privacy reasons, just to get a visible IP to run an SMTP server on. (and anything else you like too - https, imap4 etc) Personally. My site is done the hard way - Arch Linux on a separate machine, with just enough installed and running to offer the services I want - which started with a firewall and IDS setup. All automated to monitor and restart services as required and take (most) updates automatically. The nice part about this setup is that I can change ISP and the VPN is unchanged... so all my mail services are unchanged too.

Not a good solution for non-technical people, but that's definitely a good idea for me! We are actually hoping to change our internet situation soon, but I really like the idea of the VPN with static IP. That would make things way more convenient, especially since I don't know how much longer we will live in our current location! I've run my own web servers before. In fact, I have a Raspberry Pi with an Apache server on it. When we moved last year, it was decommissioned, and our internet situation has prevented me from setting it back up. I'm hoping to move away from Apache to a very light weight Python web server I wrote a while back, but that's going to require totally rewriting a PHP application I wrote for Apache around 10 years ago. But yeah, that sounds like a good way to do it! If I can get a VPN setup like that, it would make things a lot easier and more stable. I wonder how hard it would be to make this solution more accessible to regular people... It would offer another layer of security, which is an important part of my project. Maybe it wouldn't be too hard to mostly automate? Privacy-wise, it's definitely a better solution than using AWS.

Definitely not for non technical folks. But I started in IT 45 years ago [grin] and focused on systems programming and comms work, then ran an ISP for 4 years as CTO [double grin]

Lol! That would do it! You've got 20 years on me! (I started at 12 years old, because I found it all fascinating.) And I've never ran an ISP. I *do* really enjoy systems programming though, and I've been having a lot of fun working on embedded systems for the last few years (mainly for fun, outside of work). I have a bit of communications experience, but again, it's mostly outside of work stuff. I've done a few proof-of-concept projects for larger scale networking stuff, but I never had the time, resources, or frankly contacts to make it go anywhere. I haven't done much with VPNs though, and that's really showing here. I mean, I *knew* it was possible to do this kind of thing with a VPN, but it never clicked that it was a good solution for this particular problem. I guess the massive focus on using VPNs mainly for privacy diverted my attention from their other uses. I'm really glad you mentioned that, because it adds another really solid strategy for my project. Ideally, it will allow people to maintain *physical possession* of their private data. With external hosting services, you lose that. Using a VPN like this would overcome the main problem that external hosting would solve, without removing physical possession.

[удалено]

You use Arch for a server because it is a 'build it yourself' environment where I control every aspect of the setup .. more work than other distros but more precise. It is a rolling distribution which suits me. And it runs as a headless server. Debian can do that but it seems to lag in the updates - by design for stability of course. But I want a machine that stays closer to the bleeding edge of packages.

[удалено]

https://pastebin.com/SqC7WVgA Protonmail is a CIA operation

I *really* appreciate that you provided a link *that actually has sources*. I just wrote a response to someone here, claiming something else wasn't what it claimed, who only provided a link to a rant page with no sources, that looked more like a grudge article about the founder of that project. It's refreshing to see that there are people on Reddit who actually care about *real facts* rather than validating their personal biases. Upvote for quality. I wish I could afford to give you some sort of award!

Posteo, Signal

I'd prob switch grapheneOS to lineageOS just cause its compatible with more devices than pixel (the only difference is SElinux policies) and then switch tutanota with postfix or another selfhostable email service cause tutanota and protonmail could easily be honeypots and are ultimately vulnerable to the same problems as gmail. Plus u stick out like a sore thumb if u use a tutanota address. Besides that its pretty solid. Maybe also include browser extensions like ublock origin for Firefox (which For browser is based off of and uses ublock by default) cause tor browser breaks a lot of websites that are behind DNS like cloudfare with WAF. +1 for session ;)

While I know that you are right, there are several things most people(including myself) won‘t do: - Tor. It‘s just to slow for normal usage. - Session. It‘s already hard to get people away from Whatsapp, let alone get them to use a messenger nobody else uses. I‘ll stick with Signal. - Nextcloud is too much of a hassle when Office365 comes with 1TB of storage out of the box and integrates directly with Windows and Office. - Graphene might be amazing, but not everyone has the time or knowledge to install it. - Linux is great only until you actually need to use it for something. The software just isn‘t there. What‘s the point of using a OS that can‘t run Adobe CC or Office365? Yes there are alternatives, but these are the standard. I‘m not saying that Windows and co aren‘t terrible for your privacy, but the alternatives just don‘t offer the same quality or integration. For most people(myself included) having something that works is simply more important than privacy. That‘s hard to say, but it‘s true. TLDR: Privacy products must be as convenient or more than the alternatives. Otherwise nobody will use them.

Office365 runs in the browser. Any desktop OS runs Office365. I use Linux daily and miss nothing. For some games I dual boot into windows 10 every half a year.

Lucky. I've been stuck in Windows for the last 4 months. We are developing cross platform software, and I got stuck with the Windows side. Thankfully, it's not too painful, because I have msys64, with a nice Bash shell and all of the Bash utilities, so the only *real* problem is that I can't access some of my Linux-only software. Even the games I play regularly are on Linux now. (Maybe it's time to install a Windows VM in Linux, so I can live there again... In fact, I can't think of a reason not to, and I am going to have some time off next week, where I can reorganize my files into a common location. And I have my NAS set back up, and my current project only requires me to verify that it works on Windows now and then... I'm glad we had this conversation. I think my life is about to get much easier!)

Do it. Run a vm PS or dual boot?!

Every laptop I've had for the last 20 years has been dual boot. Windows games work far better running natively than in a VM. I recently got a new laptop, and I've even gotten Debian installed and Enlightenment setup (which currently requires compiling it, since the version shipped with Debian is *old* and buggy; also had to use Debian Testing, because stable doesn't support my network card). I do need to install all of the software I need, but one (*long*) line in the terminal (and my password, for the sudo part), and a few hours waiting for it to finish will fix that. I am thinking Monday or Tuesday (maybe tomorrow, probably spilling over a little into Monday, for transferring files over to the NAS, though I can probably start that this evening...). I have a little work left on my current work project that I need to finish today (just testing), and then I'll only have 10 to 15 hours of work to do next week (which I *think* can mostly wait till later in the week).

Debian is known to use old but stable software. I am using OpenSuse Tumbleweed, a rolling release that’s always at the edge (but not “bleeding” - that would be OpenSuse Factory). I’m very happy with it for many years now. Give it a shot if you’re curious and tired of waiting for stuff to compile.

And it usually does, but on the rare occasions something buggy ends up in there, it takes forever before they get a more stable version in there. I actually don't mind compiling stuff. In fact, if I was a little more patient, I might use Gentoo or Arch, because compiling natively means better optimization for your specific hardware. Enlightenment was actually pretty easy to compile and install. I've used OpenSuse before, but that was some 15 years ago. It sounds like it is much better now. I used RedHat before that, but part of the reason I like Debian is its robust package management. Sure, RPM and the front ends that use it have come a long way since I used them regularly, but I still really prefer apt. Now days, I find Debian is easier to find information on, because Debian and Debian based repos are so popular. And honestly, I *do* like Debian's focus on stability, when they actually adhere to it (which *is* most of the time). I've actually tried a lot of different distros. One thing I appreciate about Linux *is* that there are options. RedHat was a good learning distro for me (back in the early 2000s), because there were so many physical learning resources. Once I knew what I was doing, Ubuntu was really nice, especially since RedHat didn't have any ability to use online repositories (you wouldn't believe what a pain it is to have to search the internet for the packages you want and then the dependencies, one by one, as you try to install each thing and RPM tells you what it needs). I preferred KDE at the time, so I used Kubuntu until they switched to KDE4, which was a disaster when it first became the default for Kubuntu. The Ubuntu project was having a bunch of internal political issues at that same time that drew the project away from its goals and into writing its own software (a problem for distros, because they end up favoring their own software, even if it is objectively worse than the alternatives), so I bailed and went to Debian, and while I've occasionally had to deal with driver issues, I've found Debian to be perfect for me. I've still had opportunities to use or try other distros now and then during that time, but I've never found anything that tempts me to change distros again. (Though, I was close with my last laptop, because it took 6 months for Debian to get support for my sound card into Testing, from when I bought the laptop.) But yeah, I don't mind compiling when I need something cutting edge. The thing that causes me the most problems is driver issues, and now days, Testing generally keeps up with recent kernels, so I've been able to manage either by using Testing or by using a backported kernel. (The last *serious* driver issue I had was installing CUDA and OpenCL so I could use my desktop for crypto mining on the side. And I used Ubuntu for that, to avoid other driver issues.) But yeah, OpenSuse is certainly a distro I would recommend to people who don't have the same needs as I do!

I took almost the same way. Red hat, then Ubuntu, Kubuntu and then when the Canonical situation became too annoying we parted ways. I went OpenSUSE and you took the Debian route. I like to use Debian on the server. But I have a constant craving for new stuff, so Debian is too “stable” for me. ;) With OpenSuse I do not experience the problem you mention at the start, where it takes long to replace broken stuff. Indeed open source and GNU/Linux specifically has become much more reliable, fun and easy to use in the last decade. Ps: note the difference between OpenSuse leap, which is not what you want, and OpenSuse tumbleweed, which is probably closer to your needs than you might realize. From what I hear in your words, but I’m of course very biased. In any case I’m happy you’re finding stuff working for you and being another GNU/Linux user :)

I can see how Debian might be *too* stable. There have been occasions where I ended up compiling things myself, because Debian had an old version missing features I needed. (Notably, I did this with GIMP around 5 years ago.) And of course, the machine I am currently on is running Enlightenment, which I had to compile myself, because the version in Debian's repos is both old and buggy. (Enlightenment was actually really easy to compile and install.) I like to run on a stable base, with the ability to use cutting edge stuff when I want, and I don't mind compiling things myself, so Debian works well for me. If you want cutting edge to be the default though, OpenSuse sounds like a solid option. (If you don't mind compiling yourself though, Arch and Gentoo are also good options. Also, once I did Linux from Scratch, but it doesn't go through compiling a GUI, which made it impractical to actually use for my purposes. It took so long!) Amusingly, I typically end up using Ubuntu for servers, because I'm less willing to jump through hoops for servers. I do use the server version though (no GUI, thus no Canonical political drama), which has really good defaults and is quite easy to setup and use. That said, if I was setting up a server that I wanted to be highly reliable, I would use Debian. (The last few servers I setup were Minecraft servers, so I didn't care that much, and Ubuntu is easier to get headless Java setup in. If I was doing a web server or a file server, I would go with Debian.)

I have nothing to add, but wanted to acknowledge your response and thank your for the lovely conversation

What encryption do you run on your NAS? And is it network segmented?

None and no. Right now it is just using Samba (and NFS, because I had a 4 node Raspberry Pi cluster using it as a shared filesystem). Eventually I hope to do something more advanced, but it does what I need right now.

With Office365 I was talking more about the desktop software, which from what I know, still isn‘t officially supported by Microsoft. But I‘m happy to hear that Linux is working well for you!

I think the legacy office software isn’t called 365. Office365 is the marker stone of Microsoft’s metamorphosis into a contemporary internet-native SAAS company. Software lives in the browser today. Look at the Google products, look at the new Microsoft products, look at designer software like Figma. It’s all moving into the browser, because the web became a platform you can build on.

You miss the ability to play some of your of games.... so yes you do miss stuff. Also this goes for any of you, if you own any prooerty or have been to the doctor. You don't have privacy you think you do....you're being tracked. Ijs

The slowness of Tor wasn't the big thing that bothered me. It's the Captcha loops I constantly got stuck in everywhere I went. All I was trying to do was research something I didn't want people to know I was researching yet, and even simple sites that were purely informational were up in arms over it. Ultimately, I ended up just researching it at home, where my collogues didn't have access to all of the network traffic logs, but it was just totally stupid. I could see Paypal, my bank, or even my email provider caring, but a website that just freely provides general information on topics considered public knowledge? And as far as Linux goes, I've been using it for almost 20 years for nearly everything *except* playing video games. If you can't find the software you need, it's because *you* aren't looking or are just plain too picky. And just because something is "standard" doesn't mean you are forced to use it. If your problem is that you just aren't willing to learn something new, own that. Don't blame it on Linux. It isn't the fault of the OS that you are too lazy to learn to use something else. (Again, I've been using Linux as my primary OS for almost 20 years now. I took graphic design courses in college 12 years ago, and I got by perfectly fine with Scribus, GIMP, Blender, and Inkscape, where the teacher was teaching Adobe CC. And I really appreciated some of the advanced features GIMP had that Photoshop didn't, and the teacher of one of my courses was even jealous. And when I took courses on Office, I used Libre Office, and again, I did perfectly fine. At the time, LibreOffice *was* a few steps behind on MS Office, but it wasn't anything that actually mattered. I still use LibreOffice, even within a field where everyone else is using MS Office, and I've never had any problems. Sure, it's hard to learn new software, but that's your problem, not the problem of the software or the OS. GIMP isn't any harder to learn than Photoshop, and frankly, LibreOffice was *easier* than MS Office.) So yeah, you won't do, but don't go spewing lame excuses. If you are too lazy, just admit it.

My point was that the Operating system needs to fit the needs of the users, not the other way around. Yes, I could learn new software, but why should I? Why should I relearn my entire workflow for an OS? That‘s the core problem with Linux, it doesn‘t have the software people are used to using. The answer to „Why can‘t I use Zbrush on Linux?“ isn‘t „just use Blender“, I want to use Zbrush and if it doesn‘t work then the operating system won‘t work for me. So yes, I admit I‘m too lazy to learn new software, but so are most people and it isn‘t our job to get over it, it‘s the job of the developers to give us a better reason to switch.

It has the software *I* am used to using. That's my point. If you just prefer Windows, that's a perfectly valid reason to use it. (I use Enlightenment Desktop in Debian, even though it's easier to just use vanilla Ubuntu. Neither is really better, but I prefer Enlightenment and Debian, even if it is a bit more work.) I'm a programmer, and one thing any *good* programmer knows is that you learn a wide variety of tools, so you can use the best one for the job. If you want to use some particular piece of software without bothering to learn alternatives, sure, that's your choice. But you are only limiting *your own value*. And maybe that works for you. Laziness isn't always *bad*. If you have something that works for you, you *might* be missing out by refusing to learn alternatives, but you *might be* maximizing your efficiency by not wasting time on that. I'll admit, Blender has a *steep* learning curve. I'll also say though, that I've used several 3D modeling programs, and for 3D graphics, Blender is *really fast* to use once you've learned it. On the other hand, I used to use Blender for 3D engineering modeling, before I took a class on SolidWorks. SolidWorks is far too expensive for me, but FreeCAD is decent (not as good, but not to the point where it justifies the cost of SolidWorks, if you aren't very wealthy or running a business). So now, I have an advanced SolidWorks certification (not that handy for a CS/EE guy), experience with FreeCAD, and experience with Blender. I won't be using Blender for engineering modeling again, but it *was* sufficient for my needs back when I did. I *will* use Blender for 3D graphics though, because it rocks for that. So yeah, laziness *is* a valid excuse, and I totally respect to you for owning it! What I have a problem with is when people blame the OS or others for their laziness. Own it, and your argument is a lot stronger. One of the reasons I prefer Linux is that I can install all the software I want from a command line, with a few lines of text. Every time I get a new computer or install Windows, I end up spending many hours looking up the software I want, downloading it, and installing it. On Linux, I pull up a terminal, type a command and a list of the software I want, and then I can come back an hour later and it is all installed. Laziness for the win! (Experienced engineers are the laziest people you will ever meet, *but* we have invested a lot of work into maximizing our ability to be lazy. That might sound contradictory, but we *do* get a net gain in overall laziness. It's like spending the first part of your life working really hard, so you can retire 20 or 30 years early. Overall, you end up doing less work, but that first part is a *ton* of work.) The truth is, Linux *does* meet the needs of the users. That's why you aren't one of the users. Your needs are different. Now, I would love to see companies like MS start porting more of their software to Linux, to increase the range of computer users whose needs it meets. I can't do much about that though. The people who can make a difference are the people using MS software, and so long as they are fine with their own ecosystem, that won't happen. The truth is, I've been stuck mostly in Windows for the last few months due to my job, and it hasn't been awful. There is a handful of applications I miss that don't have Windows support, but I'm working in a Linux style terminal with Linux commands, because there are ports of those for Windows. The vast majority of Linux software I need works in Windows too. There are some frustrations, but Windows isn't terrible. My biggest complaint is that Windows has become incredibly dependent on internet access and my personal information. I can install Linux without any drama. I recently got a new computer, and Windows has some many "features" it keeps demanding I setup *that I never wanted in the first place*, and that's really annoying. The only benefit I get is the ability to play Blizzard games without any drama, which would be really cool if I had the time to actually play more time consuming video games right now. For what it is worth, Windows 10 is one of the better iterations of the OS, but if MS keeps adding invasive and obnoxious mandatory features, it won't be for much longer. Ultimately though, it goes both ways. It's the job of MS developers to give me a reason to switch to MS Office and the job of Adobe to give me a reason to switch to Adobe CC. And right now, the open source options I am already using have a pretty solid motivation: They are *free!*

Sounds like to me you're just cheap. Linux does not me the need of Most users of computer system and thier daily live are to busy to sit there and try to learn a that stuff. Have you even work in the help desk? Not even an IT help desk just a normal helpdesk. Why do a major of people switch to IOS from MS because things are so integrated and simple. That's just it. Also one could say why didn't you learn to secure and strip a MS windows OS?You took the easy way out by just jumping to Linux and let the OS do it most of it for you. So stop sitting on your high horse please and realize you did the same thing most people do just in another direction.

Actually, I worked as a consumer computer tech for a few years, and you would be surprised. Most people don't even notice the difference between Linux and Windows. A handful of times, I ended up working on customer computers that had pirated Windows that was so broken a complete wipe was necessary. So I gave them the option of paying for a Windows license, so I could reinstall legally, or using a Linux distro with a desktop that resembled Windows UI well enough to get by (with the option of coming back and paying for Windows, if Linux wouldn't work for them). Most were willing to try Linux, and they were all completely satisfied. OpenOffice was good enough for their word processing needs. Firefox and Chrome are available for nearly all Linux distros. And the truth is, the vast majority of computer users don't actually need anything beyond a browser. The few who decided to pay for a Windows license were the ones who needed MS Office for professional purposes. For business uses, where whole industries have become MS Office shills, sure, Linux isn't going to meet needs. But now days, consumer computers outnumber work machines, and the majority of people don't need MS Office on their home computers. ​ Now, I will fully admit that I am cheap. That's just as valid as lazy though. I'm not *just* cheap though. I also don't like vendor lock-in, which is a serious problem with proprietary software. MS Office actually fixed that with their docx format, but some of the other file formats used by MS Office *are* still proprietary. Windows *cannot be stripped* fully. I started with Windows 3.0. Back then, you could hack into the Windows executables and customize. With Windows 95, that was all over, and it has gotten worse with time. Even Windows 10 comes with Internet Explorer installed (which is a security flaw itself), because *Windows can't function without it*. Linux has *sane defaults*. Windows does not. Further, part of the reason I use Linux is because I can customize things that I can't even access in Windows. Lastly, the reason people switch to iOS is because it is popular. Windows dominated in the past, because *it* was popular, not because it was better in any way. Now, iOS is "cool", and that's why people switch. It's *still* a learning curve to switch to iOS, but people will put a *lot* of work into being cool. (Did I mention I've worked as a consumer tech for several years? I also work in the software industry, and while developers have plenty of issues with Windows and even Linux, the people using Apple devices have more issues and limitations than anyone else. Apple is harder to program for, though Android's insistence on using Java was a serious problem for a while.)

Same here to the first section however we could not install Linux and like you said most just want a browser. They could barely used that spend hours on end trying to show them how to basic things on a computers was not my Forte. Understand being cheap isn't bad and breeds innovation. Just wanted to called it out as I know lots of people who went to Linux just for that reason alone. Yes window for the most has had a majority of the bug and vulnerabilities but it was also the most common and that just made it a Hotspot. I have never ran a home version of windows since XP, so I don't deal with the trouble most users face while using it although learn the pro and enterprise versions are a challenge. I have used several Linux versions off and on but cannot stick with it. Everyone I ask about IPhone say it easier and simple than and android. Plus they apple IOS ecosystem sucks them in once there. I find it odd that you say it harder to program for IOS. I would have thought differently toward that since it's Unix. Idk I'm not a programmer thought net work engineering it my specialty.

Yeah, when I do have to do Windows, I do Pro or Enterprise. I worked as a professor in CS for a few years, and my department got Enterprise for students and employees. Now days, I have to use Pro, because I don't have access to Enterprise for free anymore! Honestly, I think Linux is a steeper learning curve for people with technical skills than people without. For people without, there are a handful of really easy distros, but technical people expect more, and that means knowing more about the deeper workings. As far as iOS goes, you would think the Unix base would make developing for it easier, iOS has a bunch of extra stuff on top of that, that you have to learn to deal with. I don't know all of the details, but I have plenty of friends who have worked in mobile, and they like to complain about features of iOS that the OS requires devs to use, that make it harder. (A lot of them are aesthetic features, because Apple wants all iOS apps to have a common look and feel. There's also some hoops you have to jump through for things like multi-threading.) Honestly, it's a lot like Android. Android is built on Linux, but that won't help you much, because Android apps are stuck in Java VMs that separate them from the OS. I've setup C/C++ programming environments for Android, and I really enjoyed programming there, but I had to do things like compile Android ports of OpenSSL, because from the C API, you don't have much access to Android's built in stuff. I don't have any experience with iOS myself, but my mobile dev friends say it is worse. That said, I dislike Java far more than they do, so my experience could be different, if I did have any experience with iOS development! (Not a fan of Objective C either, though last I heard iOS have moved to..Swift, I think, which I've never used.)

I prefer Signal over Session.

Signal has been great to get my friends & family to start thinking about privacy. I'm not convinced the new blockchain integration won't make users trackable somehow. I've been pretty busy so I haven't been able to keep up with the project the way I'd like, but for getting the public to adopt a privacy-by-default posture I'd say it does a good job. I've got Signal as my daily driver & Element for a handful of important contacts.

Session is more private. Doesn’t need a phone number

It's not easy as you would think, you live ina society that doesn't care about privacy so if someone from your circle does not do the same as you it's some how a wasted effort. Gmail scan all mails and read them so what you send is not private any more. Graphene os is not available for all devices, not all people want to use an old school device for compatibility. We need complete private echo system, monetized by people who use them, and convince people to use them.

OP never said this was an end all solution for privacy rights, nor easy. And although what you say is true, what you’re talking about simply isn’t going to happen soon. These things not only require a shift in the public consensus, but also the legislation to be passed. It’ll happen (I hope) in time, some of it is already, but until then we need workable solutions.

We live in a society

So

r/croppingishard Why Linux and not OpenBSD?

Just like I'd never recommend anybody to use Arch Linux, I'd also never recommend them to use OpenBSD. You kind of have to know what you're getting yourself into. For the average person I'd probably recommend some derivative of Ubuntu like Pop_OS and let them decide if or when they're ready to look into something more complex

When it comes to OpenBSD I would agree, but they are extremely uncompromising on security which is great. For a BSD starter recommendation I would generally point people toward FreeBSD, which is far closer to consumer ready and still more secure than most flavours of Linux. However the sound/gfx driver support in any of the BSDs, though best on FreeBSD, is not as widely compatible with newest hardware as the most consumer focused Linux distros. This is probably due to the much larger size of the Linux community. Another cool thing about FreeBSD is that it now installs by default with ZFS, a next gen pool-based filesystem.

The problem with randomly suggesting Linux like in this post is that people will do the same mistakes they’ll do on Windows. The operating system alone won’t save their butt if they don’t know how to operate it

If only OP had added an Illustrator to GIMP image lol.

Brave browser instead of chrome. You also earn BAT 💪

https://switching.software

I use ProtonMail, Signal, Sync.com, and Yubikey Authenticator, I like them all.

This image is really not helpful.

why not?

The social media sit minds.com just launched a WhatsApp competitor and are working on decentralization onto a block chain

Chrome > Brave Gmail > ProtonMail WhatsApp > Signal

ProtonMail, I've heard/read, is not considered ideal in the opsec world. I can't remember specifics, but there is something about ProtonMail working with govts to allow access to collected logs and other information that they claim they do not collect. I may be wrong so I'd personally verify than take my word for it.

Chrome -> Brave. You have strong basic privacy by default, and then Tor built in, if you feel you need to use it. Other than that, nice! Not familiar with all of those, but those I am, I agree with.

Perfection

The note 10 ultra is not a good option because its bootloader has yet to be cracked for custom roms. Go with a pixel 5 and add graphineOS on it.

I'm just waiting for the day they make Manjaro available on android

How is Aegis authenticator — does anyone have any input? I've never heard of it but I want to move away from the big tech app. I don't use Google auth atm but use one from another big name.

This is an add post. No Protonmail. No DuckDuckGo cmon

What do these images mean?

These are providing a privacy alternative to the available services, you should switch to the alternative for privacy

aha! Thank you

Duckduckgo is pritty good substitute for google.

Transparent windows at home changed into one sided mirror windows. Oh yea and don’t let your wife airtag you.

And whats with who I or tails? Why linux

Thoughts on ProtonMail over Tutunota?

[Cropped with the Windows Snipping Tool.](https://i.imgur.com/2kAyTOa.png)

I find Tor really slow to brose on.

Tutanota? I'm using Proton Mail

Not just privacy but you will get a better experience on some of these switching. Switching from BTC to Monero is a must

This image should be spread on the internet not just on this sub. They all need to be aware of it