Anyone know of an operating system/browser combination that’s actually safe to use on the internet… As in, it can’t read your whole hard drive and immediately rip off all your data?
Internet explorer is pretty safe these days.
the joke being all the spyware baked into O/S
1 Like
Are you distrustful of the browser or the scripts that it runs?
Linux/FF is a combo that’s treated me well over the years, but os is really not an issue here.
I suspect the problem might be more the scripts on websites, so you might feel safer with a browser that does not run scripts?
But that would break your internet experience, with no media, no 3rd party authentication, less interaction
or a browser extension that disables scripts.
Yeah. Ublock does a good job striking a medium of limiting scripts while not breaking the sites.
1 Like
Put it in a VM.
3 Likes
Kind of like suggested in Heims lovely guide! (Except I swapped umatrix for noscript)
1 Like
Or Tor on Tails? As recommended/used by Snowdon?
lmao!
Yea, OS/browser combined is key.
It’s really kind of ridiculous that this is something we as users have to ask about (I can’t believe it’s a thing). I don’t know about you, but when I started using the internet back in the 90’s it was never my expectation that “data rape” would be a thing that would enter my thoughts… oh, but it is! lol
If there was any modicum of standards around this kind of stuff, there would be a hard software or hardware wall between the activities of the internet and folks drives. I suppose that’s asking too much, maybe, lol.
Yea, web sites still need to work, though :-/… Why do I suddenly feel like a bad person for inquiring about a usable, practical, non onerous internet/software relationship? haha
You’re asking a question, nothing wrong with that. I’m just a bit grumpy today due to hangover.
Unfortunately, you can’t really have your cake and eat it too with a lot of sites.
Their TOS will explain what they collect, for the most part. A big thing you can do is block social media sites and integration services.
The problem is that, by using these sites, you have to agree to share a certain amount of data with them.
I would consider your comparison of information gathering to rape to be both extreme and inaccurate. You have the choice to walk away from a website that’s doing things with your data you don’t like. Rape, not so much. I’d appreciate if we drop the use of that term in the future, it’s a bit of sensitive subject.
2 Likes
QubesOS and use fresh “untrusted” browsers every time. You can use Whonix and TOR with QubesOS as well.
OpenBSD + Firefox. You can use something like IceWeasel if it makes you feel better.
Privacy Badger and Privacy Possum are a must if you care about this thing. You can use Ghostery but I find that those two do as good if not a better job. Ublock Origin is a must, as well, if you’re not doing it at the DNS layer.
1 Like
I didn’t mean to suggest that it was you that was making me feel like bad person. I actually hadn’t picked up on what you just mentioned.
I call it rape because I don’t feel like I have control over it. I can use websites that I must use to be a functioning member of society without exposing my hard drive to data harvesting, or have a very nearly impossible time functioning along with everyone else.
Agreeing to allow a website to collect information about me is an inescapable component to how web sites work, That hasn’t changed since the 90’s… It’s the “not being able to save anything locally I don’t want to share with people with no incentive to behave honorably” that’s analogous to rape, to me. I’m not giving consent for anyone to read the hard drive at all. I am implicitly providing consent for a website to acquire the data I input directly to that web site.
Is that difference more clear? I don’t hear or see anyone making this distinction anyplace, really. So far, I’ve seen a lot of focus on the trading of data among and between sites that has already been given by consent in one way or another, but not across internet domains.
This is confusing to describe, but I hope I’m being clear.
Rape isn’t lack of control.
1 Like
I think you’re overestimating how much data is available to a website.
I have to say, Qubes really sounds like what @hp185688 is looking for.
In order to read the hard drive, you need to do one of two things:
- open a file dialog and “upload” (either expose it to the local JS, or actually upload it to a server) a file to the website.
- give the script permission to access the filesystem, via a prompt. Similar to the one on this site that asks if you want to get desktop notifications.
Call it what you will. That’s not really the focus of the topic I’m trying to communicate.
How it feels to me is how it feels to me and there’s no changing that… which is the motive for the question, and the question is the focus of the topic…
It’s a topic that I doubt there’s an answer to, which is also why I ask. I’m looking for something that can work and isn’t onerous; something that’s as practical as possible to the point that it’s usable with minimum time/complexity,
Sites don’t need access to your HDD/cookies to identify you.
Even restricting what it can access, it can still identify your advertising profile to target ads at you.
“It” being google or Facebook or whatever.
Even if you don’t use the direct website, they can still build up a picture of your activities and likes, to tailor ads.
The more you block them from doing their job, the less contender you might expect from the web in response.
I say don’t worry, just try a little protection and enter the web with eyes open?
Yeah, it’s fairly modern these days too (Fedora + Xen + NAT/Internal networks)
2 Likes