On 170115-14:23+0100, meino.cra...@gmx.de wrote: > Hi, > > while trying to setup a better environment for online banking, > I wanted to make my daily Linux environment also more secure (in the > sense of keeping my digital footprint as small as possible). > > I read some informations on the internet. > Conclusion: Its more private to hide in the mass as > to be the only one, who is able to keep all information > off the internet -- which is remarkable unique -- > you are putting a label with your name right onto > your fronthead just before entering the digital world > of surveillance. > > I did not tried to do the same with PaleMoon which > I did with Firefox since the amount of compatible plugins/extensions > for PaleMoon is quite small and I still cant use NoScript with PaleMoon. True, quite small, still. And growing slowly. But just wait to learn more...
> Two sites I found on the internet, which are quite handy to > check what the current browser is submitting: > > https://panopticlick.eff.org/ > and for more detailed results: Didn't know about the this one: > https://anonymous-proxy-servers.net/en/help/security_test.html > (the presented results on that page are examples. Click > "Check it!" on the upper right corner of that page. If a > authetication dialog pops up, click it away and click > "Start test" on the page.) > > The results of the modification and addons I added > are shown in the attached images. > > I removed the informations of my ISP and IP-address. > > If there is an interest of what I did I would be happy > to describe it...but there is a problem of the memory > footprint... I don't understand what you mean by the "problem of the memory footprint". I've limited time to delve into this issue, but I suggested to you that you "just wait to learn more". Here's a post in reply to my long standing query, which is just abounding with information I'm sure you'll find you don't want to miss: Tracking protection and NSS SSL secrets logging (two security questions)? https://forum.palemoon.org/viewtopic.php?f=26&t=12544&p=103747#p103695 Just two of the links (they're really several links there, most all relevant, none mentioned yet in gentoo-user ML, and I've been reading/skimming pretty much faithfully)... [Just two of the links] (that may even be linked from some of the links therefrom), first: http://www.ghacks.net/2017/01/05/browser-autofill-data-may-be-phished/ (yes, it's kind of a referred link, it's from: Autofill vulnerability https://forum.palemoon.org/viewtopic.php?f=4&t=14425 ) And second... Which is also something related to memory, but it's not about memory footprint that is not clear what you mean above. Latest Tor Browser Exploit Shows Firefox's Urgent Need To Increase Security http://www.tomshardware.com/news/tor-browser-firefox-security-defenses,33117.html which somebody should tell the author that it's not "user-after-free", the bug, but the bug is "use-after-free" bug. Just the kind of bug that was strongly suspected, either that or some race condition, by probably the top world expert on security in this Gentoo bug: =sys-kernel/hardened-sources-4.7.6: Kernel panic when starting KVM guests https://bugs.gentoo.org/show_bug.cgi?id=597554#c16 (in the end it appears to me, the bug shows how virtualization people want unfettered use of sysfs pseudo filesystem... Be sure to read also why sysfs should not protected: https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Sysfs.2Fdebugfs_restriction Good luck with anonimity using virt stuff!... To myself I wish good luck too, because I have no option either... ) I remember you said you had Secret Agent Spoofer[1] addon installed in Palemoon. I'm checking the traces (which is arduous and very time-consuming work), as it appears that one was _the_ bad addon, to me. And it might be what spoofed you from Palemoon... I can say that I was finally able to log into Palemoon forums (I posted in the link "...NSS SSL..." above) right after I removed that addon, and also I was able to subscribe right away to: https://lists.gnu.org/mailman/listinfo/bug-wget which I had tried quite a few times previously, with Secret Agent Spoofer installed, to no avail. Took me long time to write this... Pls. see if I needed to correct, esp. any links, in the possible errata follow-ups of mine, sooner, or not-too-soon. Regards! -- [1] You wrote in Message-ID: <20170109163721.GB4970@solfire>: > Furthermore I installed SecretAgent, Encrypted web (replacement for > HTTPsEverywhere), Decentraleyes, CrushThoseCookies, CleanLinks and > Adblock Latitude (or: https://lists.gt.net/gentoo/user/321711#321711 ), where "SecretAgent" can only stand for Secret Agent Spoofer. -- Miroslav Rovis Zagreb, Croatia http://www.CroatiaFidelis.hr
signature.asc
Description: Digital signature
