@getimiskon TBH I'd rather use Google Chrome than moz://a firefox.
@itzzenxx both suck, but there aren't many alternatives, especially on BSD
@getimiskon fair, only those two really exist. Chromium sucks less for me, faster and much more stable.
@itzzenxx @getimiskon Both Firefox and Chromium have terrible UIs, but at least Chromium has a sane back-end and security. Firefox sandbox took way too long to roll out (latest ESR 91 doesn't even have it fully enabled!) and it's still broken, allowing cross-site leaks. Imagine being vulnerable to Spectre in 2022...
@getimiskon @inference I disabled JIT on my pixel 4a, my iPhone 12 pro, and my thinkpad.

removes so much attack surface from doing this lmao
@itzzenxx @getimiskon JS is bad, JIT is worse.

Yes, it can get worse. Why fuck yourself with JS when you can fuck yourself with natively compiled JS bypassing memory protections?
@inference @getimiskon happy that apple finally enabled the option to disable JIT on iOS, really makes me feel more comfortable using iOS whenever my android phone destroys itself (becoming more and more common thanks to the shit release of android 12)

I want a new phone but I cannot afford to pre order a 6a right now
@itzzenxx @getimiskon If I used an iPhone, I'd use Lockdown Mode just for disabled JIT. I already do on GrapheneOS and Chromium.

@itzzenxx @getimiskon @inference A sophisticated cyberattack would involve much more. Let me just hit a switch and I'm definitely not going to be bothered by my other devices or the IoT at home. I wonder if they are still giving the information to the government. If one hits that button, I'm fairly certain the government will know if they are watching.

Gotta love apple for making it easier to stalk people and spy. They don't have a great track record for human rights.

@AmpBenzScientist @getimiskon @inference the people hitting that button are probably aware / don't own IoT devices. And this was released in the dev beta tree not even a week ago. I'm hopeful more features will be added.

Also assuming that they have bounties open encouraging people to try to break this I think they really are going in on this.

Or, you can try GrapheneOS

@itzzenxx @getimiskon @inference They've been known to screw over talented bug hunters. They will just release to 0day solutions again. Even if they didn't have a poor history with bug hunters, they don't pay anywhere near a fair price.

I have a Pinephone. I am responsible for how secure my system is. I don't daily drive it anymore because I have beta hardware which was later considered Alpha hardware. It only has thermal problems, poor battery life because the screen adjusts from off to painful to look at in full sunlight. It runs full GNU/Linux.

It was development hardware and yes I helped.

I can flip physical kill switches. That's what real control looks like.

@AmpBenzScientist @itzzenxx @getimiskon Until you realise your attacker can just wait for a connection, unless you want your phone to be a permanent networkless brick:
https://madaidans-insecurities.github.io/linux-phones.html
@AmpBenzScientist @getimiskon @itzzenxx I wouldn't touch a "Linux" phone with a large barge pole when it comes to security.
@inference @AmpBenzScientist @getimiskon @itzzenxx I want a linux phone badly, but I wouldn't use it as a daily driver because of security. I'm still really interested in the project.
@srestegosaurio @AmpBenzScientist @getimiskon @itzzenxx Well, yes, there are more things to life than only security. Linux phones and rooted Android phones are great for development, hacking, and tinkering, but not as a daily driver which you have to defend as blue team.

@inference @itzzenxx @srestegosaurio @getimiskon You know that your work on Gentoo could be applied to the Pinephone. It's not as vulnerable as it sounds. This was a phone that came without an operating system and has firmware that was reverse engineered by the community. There's a good chance that a device chosen at random is going to be a nightmare to get into. It might be a nightmare after the ingress. It's an interesting community.

@AmpBenzScientist @inference @srestegosaurio @getimiskon the software isn't everything, it's also the hardware that adds to that hardening.

it's why GrapheneOS is only available for Google Pixel phones, and it's also why I abandoned my Thinkpad T420 over a month ago. You need something like Titan M, PSP, etc, technologies like those are needed to make the computer more secure.

@itzzenxx @srestegosaurio @getimiskon @inference Do you know what a Pinephone is? You sound like you don't know what it is. You want to integrate a Yubikey or something similar too? It's trivial to add these.

Qoto Mastodon
