Microsoft Edge 105.0.1343.42 Stable fixes 8 security issues

Martin Brinkmann
Sep 16, 2022
Microsoft Edge
|
40

Microsoft released a security update for the stable version of the company's Edge web browser. Microsoft Edge 105.0.1343.42 fixes eight security issues in the web browser.

microsoft-edge 105 security update

The security update is already available. Most Edge installations will receive the update automatically, thanks to the built-in updating functionality of the browser.

Edge users may speed up the installation of the update by loading edge://settings/help in the browser's address bar, or selecting Menu > Help > About Microsoft Edge alternatively.

ADVERTISEMENT

Edge displays the installed version and runs a check for updates. The browser should pick up the security update at this point and install it automatically. A restart is required to complete the process.

Microsoft does not reveal much about the security update in the release announcement on the official Deploy Edge website.

Microsoft has released the latest?Microsoft Edge Stable Channel (Version 105.0.1343.42), which incorporates the latest Security Updates of the Chromium project.

The security updates are not specific to Microsoft Edge, but affect all Chromium-based web browsers. Google released the last security update for Chrome on September 14, 2022. The update fixed 11 different security issues in Chrome, including several rated with a severity of high.

Microsoft patched the security issues relevant to the Edge browser. All Chromium-based browsers share a core, but companies may add features to the browser that are custom; this explains the difference in the number of issues patched in Chrome and in Edge.

The maximum severity rating of the issues patched in Microsoft Edge is high, the second highest after critical.

Edge users who want to know more may check the release notes on Microsoft's Update Guide website.

Windows users who have Edge installed on their devices may want to upgrade the browser as soon as possible, even if it is not the primary browser on the system.

Now You: which web browser is your favorite, and why?

Summary
Microsoft Edge 105.0.1343.42 Stable fixes 8 security issues
Article Name
Microsoft Edge 105.0.1343.42 Stable fixes 8 security issues
Description
Microsoft released a security update for the stable version of the company's Edge web browser that fixes eight security issues.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Allwynd said on September 16, 2022 at 11:44 am
    Reply

    Is this how ugly Edge looks like right now?! When did they start copying Firefox’ UI? ROFL Firefox is the worst place one should look for good design inspiration, let alone blatant copying. Firefox looked beautiful before version 4.0 released, now it looks like ass with fecal matter on it.

    1. Jody Thornton said on September 16, 2022 at 2:10 pm
      Reply

      I actually liked the look of the legacy Edge, with square tabs. I’m really big on putting tabs below the address bar, but only Safari allows that out of the box.

    2. Anonymous said on September 16, 2022 at 7:26 pm
      Reply

      Greetings from 2003, boomer.

      1. Allwynd said on September 20, 2022 at 11:35 am
        Reply

        @Anonymous,

        ROFLMAO… cringe.. fake and gay … instagram… tic tac … fortnite .. pediepie…

    3. Quibi said on September 17, 2022 at 9:31 pm
      Reply

      Yes, I concur. Those button tabs are the single worst design choice made in the last 20 years. They should publicly humiliate whoever came up with it at Mozilla. It’s sad that Microsoft is following that ugly design. Hopefully, it will never see the light outside of Canary. Edge’s tabs are excellent as they are right now.

  2. chesscanoe said on September 16, 2022 at 12:50 pm
    Reply

    I use Chrome almost all the time, but I like to have a current Edge available as well.The current .42 Edge update requires you to make some required answers carefully if you want to have things work as you want.

    1. John G. said on September 16, 2022 at 1:25 pm
      Reply

      What questions?

  3. Andy Prough said on September 17, 2022 at 7:17 am
    Reply

    So now Google has had to fix 36 different security flaws in September alone, and we’re only halfway through the month. Including at least one zero-day exploit.

    They really are trying to take up my challenge of creating and claiming to fix at least 100 security flaws per month.

    1. Iron Heart said on September 17, 2022 at 7:35 am
      Reply

      @Andy Prough

      https://madaidans-insecurities.github.io/firefox-chromium.html

      And that’s AFTER Firefox already fixed some issues like not being multiprocess. You are a member of the Pale Moon forum, Pale Moon still retains the issues from OLD Firefox in addition to that. Also, the Pale Moon codebase is not really being audited by third parties anymore. Tell me, what do you know about security? I suspect, nothing.

      1. Andy Prough said on September 17, 2022 at 1:58 pm
        Reply

        @Iron Heart –
        You don’t need to leave links to your favorite security bloggers when you respond to me – I read the academic research that they doesn’t bother to read. Which is one reason why I often recommend Brave for normies “who-can’t-be-bothered-with-browser-security-settings-and-yet-demand-perfect-security” (WCBBWBSS-YDPS).

      2. Iron Heart said on September 17, 2022 at 2:12 pm
        Reply

        @Andy Prough

        Which “academic research” establishes that Firefox is more secure than Chromium – in terms of the implemented exploit mitigations, that is? xD

        Would like to read your source on that one, otherwise I’d have to call you out on your bullshit here.

        A Pale Moon user (“Lunatic” level on their toxic forum, too) lecturing others about security, hehe. Something that you only get to see on gHacks, I suppose… Why don’t you return to the Pale Moon forum, the place where any reasonable discussion goes to die? Perfect environment for you.

      3. Andy Prough said on September 17, 2022 at 2:26 pm
        Reply

        Pale Moon is not a static old version of Firefox, it has developed along its own path. Martin Brinkmann is one of the only writers that has followed Pale Moon’s development, and Ghacks hosts a rich history of his writing on Pale Moon – nearly a hundred articles. Which is one reason you’ll find more Pale Moon users are Ghacks readers. So casually tossing out a “Pale Moon is static old Firefox” response on this site is a bit of a weak effort, since this site is THE public chronicler of the divergence of those two code branches.

      4. Iron Heart said on September 17, 2022 at 2:48 pm
        Reply

        @Andy Prough

        “Pale Moon is static old Firefox”, I didn’t exactly say that but the gist of it is true. Pale Moon is forked from Firefox 52.0 and hasn’t seen any notable structural security improvement from later Firefox versions. It is a single-process application with no sandbox(!), i.e. a security nightmare. That Moonchild backports a security fix from Firefox every now and then is not addressing the fundamental structural problems of Pale Moon suffers from at all.

        Sure, even if you go multiprocess, escapes from any inter-process communication is a possibility, but if you remain single-process, a bad guy doesn’t even need to come up with an escape, since content from different parent domains is sharing the same process anyway. No browser developer outside of Moonchild believes that this is a good idea. I mean, even Firefox doesn’t feature actual site isolation (despite being multiprocess), hard-limiting the content processes to eight (so content from different parent domains can STILL share the same process, just like in Pale Moon), but it’s still a small step up from what Pale Moon does.

        gHacks used to report on the project, but not anymore (outside of major versions I believe). This has its reasons as well, please think about it.

        Pale Moon user talking about security, big fat LOL. And I am still waiting on your research demonstrating that Firefox has the same or better exploit mitigations than Chromium, I hope you have more to offer than “Nobody uses Firefox anyway, therefore nobody is interested in hacking it, therefore that means it is secure.” which is a bullshit excuse.

      5. Iron Heart said on September 17, 2022 at 3:04 pm
        Reply
      6. Andy Prough said on September 17, 2022 at 3:29 pm
        Reply

        @Iron Heart
        I think I am going to have to stop interacting with you, since you clearly do not respond to information I’ve posted, but instead seem to be just “building your brand”. It’s very much like talking to a bot of some sort.

        I have no reason to provide information about the superiority of Firefox security since I have told you, many many times, I do not currently use it or follow it.

      7. Iron Heart said on September 18, 2022 at 9:45 am
        Reply

        @Andy Prough

        Andy Prough: Chromium is so insecure! So insecure!

        Iron Heart: Here is an article that actually shows you Chromium’s security practices vs. Firefox’s security practices. You can actually see there what is more advanced currently

        Andy Prough: No, no, no! This guy does not know what he is talking about! I have sources from academic research that show you the contrary!

        Iron Heart: OK? Can I see those sources, they should support your claim then?

        Andy Prough: I don’t need to show you no sources! I don’t use Firefox after all, I use the FF derivative Pale Moon, and Pale Moon users don’t need to show sources that they claimed they had! Checkmate!

        I don’t give a shit whether or not you reply to me, I thought this had been established by now.

        Further, look at who supports your comments, fanboy @Aluminium and fanboy @Thoughtful, two commenters who haven’t known their stuff in the past and don’t know anything about it now, congrats for that clown support you got there. Quality content.

      8. Aluminum said on September 18, 2022 at 11:21 am
        Reply

        @IH

        Why is it when people challenge your opinion you feel the need to curse and make personal attacks? Why do they occupy so much of your headspace?

      9. Iron Heart said on September 20, 2022 at 7:18 am
        Reply

        @Aluminium

        “Fanboy” is not a personal attack when you behave like one. Neither is “clown”.

        You guys should really re-evaluate what you write here. Between Andy Prough’s phantom sources and your blatant lies about the history of madaidan’s blog entry and the misleading comparison to a checklist, it’s horrendous commenting from people who have no clue what they are talking about and choose to be dishonest about it as well. Sad state of affairs.

      10. Andy Prough said on September 19, 2022 at 12:18 am
        Reply

        Andy Prough: Chrome has a lot of security flaws!!!

        Iron Heart: Here’s some ancient, random blog that says Firefox has bad security, give me a source to prove to me that it has good security.

        Andy Prough: I don’t use or follow Firefox, I don’t know if it has good security.

        Iron Heart: Here’s some ancient, random blog that says Firefox has bad security, give me a source to prove to me that it has good security.

        Andy Prough: I don’t use or follow Firefox, I don’t know if it has good security.

        Iron Heart: Here’s some ancient, random blog that says Firefox has bad security, give me a source to prove to me that it has good security.

        Andy Prough: I don’t use or follow Firefox, I don’t know if it has good security.

        Iron Heart: Here’s some ancient, random blog that says Firefox has bad security, give me a source to prove to me that it has good security.

        Andy Prough: Are you a bot?

        Iron Heart: I hate you.

        =============================

        I mean – you sound exactly like a bot, dude. Sorry. Stop sounding like a bot and we’ll probably find something worth talking about.

      11. Iron Heart said on September 20, 2022 at 6:58 am
        Reply

        @Andy Prough

        I sound like a bot when I call you out on not providing sources you claimed you had? OK, whatever you say my man. Maybe even a bot would be smart enough to call you out on your Captain Obvious bullshit, so whether I am a bot or not should not be that important, eh?

        People can see our entire conversation and how ridiculous and evasive you are when called out, I hope you realize that.

      12. Aluminum said on September 18, 2022 at 1:42 am
        Reply

        Madaidans, that’s a blast from the past. I thought link spamming was banned here. Since we’re spamming outdated links now.

        https://www.zdnet.com/article/germanys-cyber-security-agency-recommends-firefox-as-most-secure-browser/

        P.S. Do you get paid every time you put a LOL in your text wall?

      13. Iron Heart said on September 18, 2022 at 9:35 am
        Reply

        @Aluminium

        > Madaidans, that’s a blast from the past.

        Updated March 19th, 2022.

        Outdated? Nah.

        > Germany’s bureaucracy

        …looks whether or not certain features are present via a checkbox system. Browser nominally supports HTTPS? Check. Browser nominally has a sandbox? Check. And so on…
        The actual implementations are never compared, which is what madaidan does.

        A closer look at this stuff would also tell you that e.g. Firefox’s content processes are limited to eight, which still makes different parent domains share the same process, weakening site isolation. But a checkbox system is woefully insufficient for that, you see.

        > I thought link spamming was banned here.

        I don’t think facts should be banned. It’s just not a winning strategy, you see.

        > Do you get paid every time you put a LOL in your text wall?

        Depends on how often you make me lol, and since I know you, I can guarantee it will be very often.

      14. Aluminum said on September 18, 2022 at 11:17 am
        Reply

        > Madaidans, that’s a blast from the past.

        Updated March 19th, 2022.

        Outdated? Nah.

        He/You been making the same rants since at least 2018. Certain types of sites will change the post dates, despite actual content not changing substantially.

      15. Iron Heart said on September 18, 2022 at 5:12 pm
        Reply

        @Aluminium

        > He/You been making the same rants since at least 2018.

        Why is the timeframe important when it’s still true? And “rant” implies feelings, something not entirely fact-based. Which is the exact opposite of the blog content.

        > Certain types of sites will change the post dates, despite actual content not changing substantially.

        Ah, so you think that he changes the dates occasionally just for the sake of it?

        That’s a person bereft of arguments if I ever saw one.

        Go ahead then, I am pretty sure you know of that nice Internet invention called the wayback machine. There you can check it, and see with your own eyes, the bullshit that you just wrote here.

      16. Aluminum said on September 19, 2022 at 12:57 am
        Reply

        >Go ahead then, I am pretty sure you know of that nice Internet invention called the wayback machine. There you can check it, and see with your own eyes, the bullshit that you just wrote here.

        I did that’s how I know he has made the same rants since at least 2018. I know Martin does not care, but no need for foul language, this is a not that kind of site, and it does not help you.

        >Why is the timeframe important when it’s still true?

        The same could also apply to the “Germany’s cyber-security agency recommends Firefox as most secure browser” article.

        >Ah, so you think that he changes the dates occasionally just for the sake of it?

        There are certain types of sites that do that.

      17. Aluminum said on September 19, 2022 at 5:18 am
        Reply

        @IH

        >Why is the timeframe important when it’s still true?

        You could same the same thing about the article that says Germany’s cyber-security agency recommends Firefox as most secure browser.

        >Go ahead then, I am pretty sure you know of that nice Internet invention called the wayback machine. There you can check it, and see with your own eyes, the bullshit that you just wrote here.

        I did, that’s how I know how he has made the same rants since at least 2018.

        P.S. No need for cursing, it does not help you look good.

      18. Iron Heart said on September 20, 2022 at 7:03 am
        Reply

        @Aluminium

        > Germany’s bureaucracy

        I’ve already told you that they use checklists(!) that only evaluate whether or not a feature is nominally present. This is not an in-depth comparison of the code at all and can’t hope to compete with any.

        > I did, that’s how I know how he has made the same rants since at least 2018.

        Blatant lie. The wayback machine reveals a much different article from back in 2018 vs. 2022. Of course, he didn’t need to change things in some areas when nothing has moved at Mozilla, but this would then be a bad look for Mozilla, not for madaidan.

        > cursing

        Cursing? You mean when I call your stuff “bullshit”? You know, it is what it is. If you don’t like the word bullshit then perhaps you shouldn’t come up with any. It’s really that easy.

    2. adobe said on September 17, 2022 at 8:13 am
      Reply

      adobe for one welcomes it’s new dark zero-day overlord taking the crown for most insecure software

      every day is patch day at chromium

      1. Iron Heart said on September 17, 2022 at 8:34 am
        Reply

        @adobe

        Except Flash was a tiny codebase compared to any browser even back then, and had minimal functionality compared to a browser. If we needed proof that idiotic comparisons thrive on gHacks, I need to look no further anymore really.

  4. Thoughtful said on September 17, 2022 at 8:43 pm
    Reply

    @Andy Prough

    > You don’t need to leave links to your favorite security bloggers when you respond to me

    What security blogger? Many people would regard that stupid outdated blog to be a form of privacy and security theatre and full of FUD.

    Just ignore the BS from Iron Heart, that blog link he spams is laughed out of any serious privacy community. Many tech news websites have mentioned that Firefox has sandbox and site isolation security architecture, a simple search would tell you that it exists and it works. Iron Heart has proven time and time again that he knows nothing about privacy and security. He repeatedly spreads nonsense from his favorite blog so he can be cheerleading for google made products like the chromium engine.

    @Andy Prough, you mentioned previously that you do not use javascript in your browsers? that is good security practice, whereas Iron Heart says it is annoying to turn JS off. I would consider yourself to be much more practical in your security advice than Iron Heart. Even the clueless windows-S mode fan madaidan recommends turning off JS. Lol.

    Iron Heart gets away with spreading FUD because there is no upvote or downvote system for comments to show people he is not very educated on these topics. It would be funny to see him get downvoted on reddit.

    The blog he constantly spams gives some of the most stupid advice i have ever heard, it is nothing only privacy and security theatre. There is no threat model mentioned for any of the hardening guides on that blog, which makes the author look like someone that is spreading FUD and someone who generally does not know what he is talking about.

    Some terrible security advice is given on that blog also, such as recommending to use chromium-based browsers over the vastly more secure and less buggy Firefox (Firefox is statistically proven to be more secure) and recommending using Windows in S-mode over Linux distros.

    In no way whatsoever would a serious security expert worth their salt say that windows is more secure than FOSS Linux distros, when windows is closed source software, when the code can not be confirmed to be secure by the FOSS community. madaidan trusts M$ in telling him their OS is secure even though the code is closed source and windows has a history of having atrocious security problems, what a noob!

    No security expert worth their salt would recommend using closed-source-software over FOSS.

    No security expert worth their salt would recommend using a less safer browser such as chromium based ones over safer browsers based on Firefox.

    Conclusion = That stupid blog is a mess and full of cherry picking looking for angles to talk crap about Firefox.

    The blog says to avoid avoid Firefox or browsers based on it, as they are very lacking in security? But then goes on to say to use Tor browser for privacy? Too many contradictions only shows he spreads FUD.

    He basically says Tor is one of the most private browser. But never mentions that such a browser is just hardened Firefox with onion network. He says Firefox is insecure? If that is the case then why not publically advocate for the removal of the tor browser from whonix since tor browser is based on Firefox, which he says is lacking security?

    Why does he not do that? Because he is security and privacy theatre and a Windows/grapheneOS/chrome fan who has not a clue what he is talking about like Iron Heart.

    A bunch of LOW IQ people that think smartphones are privacy devices and windows is more secure than Linux and that hardened Firefox has no advantages. If hardened Firefox has no advantages then why does he recommend Tor (which is basically hardened Firefox with onion) for privacy?

    Also only a noob would say that it is important to create a clear distinction between privacy and security Lol.

    He is likely only saying that because he probably knows windows is terrible for privacy, well guess what? it is terrible for security too if one were to look at statistics.

    Without good security, there is no privacy. They are not different things. How can there be privacy if the door is not shut securely?

    A lot of madaidans security and privacy advice is comically stupid and not very intelligent.

    Andy Prough commented > It’s very much like talking to a bot of some sort.

    Talking to Iron Heart is like talking to people with IQ in the double digit category, they are usually terrible at critical thinking and are misinformed about many things.

    @Iron Heart just uses these comments sections as a soapbox to spread a lot of FUD, BS and create drama. Other communities would have banned him very quickly or just downvoted him.

    1. Iron Heart said on September 18, 2022 at 9:29 am
      Reply

      @”Thoughtful”

      Strange that your comments appear under the nick “Thoughtful” when the actual content is the very opposite of that. You have already posted one hateful comment about me that I was too annoyed to reply to, I guess this is part 2 now and I should not ignore this nonsense any longer.

      > What security blogger? Many people would regard that stupid outdated blog to be a form of privacy and security theatre and full of FUD.

      I don’t think so. There has never been even one credible refutation (should be no problem if what he says is plain BS, right?) and arguably reputable websites like @PrivacyGuides use it as a source too. Further, since upvotes / downvotes are seemingly the holy grail of how truth is measured in your eyes, let me remind you that @madaidan also has a Reddit account and I don’t see him downvoted to hell there, neither in privacy communities nor elsewhere.

      > Many tech news websites have mentioned that Firefox has sandbox and site isolation security architecture, a simple search would tell you that it exists and it works.

      “Exists” yes, “works” no. When web content from different parent domains can still share the same content process, which is the case in Firefox, then it does not meet the definition of site isolation. The sandbox does not exist on all operating systems and where it does, it suffers from trivial escapes.

      > @Andy Prough, you mentioned previously that you do not use javascript in your browsers? that is good security practice, whereas Iron Heart says it is annoying to turn JS off.

      “JS off” is not the reality of most browser users, due to usability concerns. That should be obvious to anyone with a brain. It’s also why adblockers with their third party curated lists are more popular than e.g. NoScript, because people have no time to maintain a blacklist / whitelist system for each website they visit.

      > Iron Heart gets away with spreading FUD because there is no upvote or downvote system for comments to show people he is not very educated on these topics. It would be funny to see him get downvoted on reddit.

      Upvote / downvote systems are good for tribalistic communities that mistake the downvote for “dislike” instead of “disagree” (based on factual info), and the upvote for “like” instead of “agree” (based on factual info). It also leads into a split up into various single purpose communities, meaning that while I would likely get downvoted to hell in the Firefox community, I would get upvoted to heaven in a Brave community. As a result, notice how subreddits of opposing products don’t talk much to each other? Yep, result of the upvote / downvote system. A website of mixed opinions is the only place where your stances could get challenged, as long as you are actually thoughtful and are not just here to post bullshit.

      Anyway, in order to show you that I am not afraid of anything: I am in favor of an upvote / downvote system, but hopefully one where YOUR NICK appears next to the upvote / downvote like it is on e.g. MacRumors. Let’s see how you like it when you can’t hide.

      Also LOL at your implied idea that your hateful ramblings against me would receive any upvotes. I have no problem with most gHacks readers and the usual 5 people who always write shit under my comments are something I am used to and can deal with.

      > It would be funny to see him get downvoted on reddit.

      That’s a sadistic streak, I am afraid you would be disappointed though. Due to the tribalism that upvote / downvote system foster, I would seek out communities where I would be upvoted of course. Exactly as such a system ultimately intends.

      > threat model

      You don’t need to mention threat models if the advice you give does not cause breakage and would be good for everyone.

      > Some terrible security advice is given on that blog also, such as recommending to use chromium-based browsers over the vastly more secure and less buggy Firefox (Firefox is statistically proven to be more secure)

      Statistically? You mean as in: “Nobody uses Firefox anyway, therefore nobody is interested in hacking it, therefore that means it is secure.” which is a bullshit excuse? Like that?

      This is not a comparison of the actual implemented exploit mitigations, which is the very down to earth thing madaidan does, it is a hopeful thought that nothing goes wrong because nobody cares. And Firefox also gets security patches, as there are security issues.

      > and recommending using Windows in S-mode over Linux distros.

      Windows S-Mode only accepts signed applications from the Windows Store. Whereas Linux runs binaries from any source. How Linux is more secure then remains your secret, I guess it will be “Nobody uses Linux anyway” hopeful statistics bullshit again, go ahead.

      > No security expert worth their salt would recommend using closed-source-software over FOSS.

      Hm, sure. You don’t know what you are talking about. Closed source does not mean less secure. It just means that the code is not public. And security (= resistance against outside exploitation) is not the same as privacy (= lack of data exfiltration).

      > In no way whatsoever would a serious security expert worth their salt say that windows is more secure than FOSS Linux distros, when windows is closed source software, when the code can not be confirmed to be secure by the FOSS community.

      The code not being public says nothing about its quality. Quality could be excellent for all you know, as these two concepts are very distinct. You mishmash them though because you don’t really understand them.

      And Linux can be hacked trivially, it’s just not very interesting to do with 2% market share overall.

      > madaidan trusts M$ in telling him their OS is secure even though the code is closed source and windows has a history of having atrocious security problems, what a noob!

      Windows has documentation and from various security incidents of the past we know that certain exploit mitigations are in place. Hacking Windows is often non-trivial (contrary to Linux). And with 90% market share, it is expected that Windows be the prime target of any attacker, Linux being irrelevant does not make it “secure” automatically in terms of the actual base code. I know that this is a foreign idea to you, but the popularity of a software is a mjaor determinator of the attempts made on it.

      > No security expert worth their salt would recommend using closed-source-software over FOSS.

      Closed source does not mean low quality of code, no matter how often you repeat it. Historically, Blackberry was used in many high security environments over open source Android… Probably due to its low security, right up to the level of heads of state who seemingly relied on insecure stuff according to you. LOL.

      I value the concept of open source, but only because of accountability, in order to check what a developer of an application is up to. Open source does not mean “secure”, Firefox is open source and has terrible security practices, which is something we (somewhat ironically) know due to its public code. And you also seem to wrongly assume that just because the code may be public, that there are enough people who are able to patch security issues, when in fact only e.g. the paid for Firefox devs who work with the code every single day really know its ins and outs. I hardly ever see an outside party fixing a security issue, it’s always Mozilla employees. How is that different from MS? Just because it’s public here? LOL.

      > No security expert worth their salt would recommend using a less safer browser such as chromium based ones over safer browsers based on Firefox.

      On what basis do you call Firefox “safer”? Based on its irrelevance? If so, LOL.

      > Conclusion = That stupid blog is a mess and full of cherry picking looking for angles to talk crap about Firefox.

      Refute it, then. You can’t.

      You never actually refute any concrete point the blog makes, and people are noticing it.

      > The blog says to avoid avoid Firefox or browsers based on it, as they are very lacking in security? But then goes on to say to use Tor browser for privacy?

      Security = resistance against outside exploitation via malware.

      Privacy = resistance against data collection.

      Not the same thing.

      > He basically says Tor is one of the most private browser. But never mentions that such a browser is just hardened Firefox with onion network.

      You can’t replicate Tor via your own Firefox installation. Firefox suffers from major version fragmentation (newly introduced web standard support which becomes part of the fingerprint, changes to existing web standard implementations) every 4 weeks, you never get the same fingerprint as Tor. But I did not expect you to know that.

      > He says Firefox is insecure? If that is the case then why not publically advocate for the removal of the tor browser from whonix since tor browser is based on Firefox, which he says is lacking security?

      Because the Tor Project based itself on Firefox before Chromium was a thing, and are now dependent on it for better or worse, since all their patch sets are written for it and would have to be rewritten for Chromium. Also, the Whonix project depends on whatever the Tor Project does since they get the Tor browser as is.

      That madaidan works with the FF code everyday and doesn’t deem it secure should raise a red flag for you, but hey, who am I talking to? You know, if anything, he should be biased towards Firefox. It’s incredible that you, a complete whoever, accuses him of having no clue about the code he works with daily. LOL, is all I can say here.

      And that security and privacy are not the same thing is not something I will explain to you again, you don’t get it anyway.

      > Why does he not do that? Because he is security and privacy theatre and a Windows/grapheneOS/chrome fan who has not a clue what he is talking about like Iron Heart.

      Talking about various products objectively does not make him a “fan” of them. And if he doesn’t know what he is talking about, but you do, why don’t you confront his points head on? What’s the matter? No arguments in store?

      > A bunch of LOW IQ people that think smartphones are privacy devices

      Tell me about the privacy issues of GrapheneOS, GalyxOS etc… They don’t have any more or less than any other connected device.

      > windows is more secure than Linux

      Let’s just say the hacks are less trivial there.

      > and that hardened Firefox has no advantages

      It doesn’t have any. It reduces usability, and less than 1% of all Firefox users so called “harden” their browser, with most of them running a highly unique setup when all is said and done.

      > Also only a noob would say that it is important to create a clear distinction between privacy and security Lol.

      Sure thing, buddy. LOL, indeed.

      > He is likely only saying that because he probably knows windows is terrible for privacy, well guess what? it is terrible for security too if one were to look at statistics.

      Windows does exfiltrate data itself (Microsoft’s privacy policy etc.), but is pretty resistant to outside exploitation, hacking it is non-trivial. And “statistics” would tell you that the most used OS also has to be the most searched one for security issues. Linux being irrelevant does not make it secure in terms of the actual base code.

      > How can there be privacy if the door is not shut securely?

      One example: Linux does not collect user data itself (most distros don’t, anyway), but is relatively easy to hack. Why? Because privacy and security are not the same thing.

      > Talking to Iron Heart is like talking to people with IQ in the double digit category, they are usually terrible at critical thinking and are misinformed about many things.

      Thank you for the flowers, however I don’t think someone who can’t confront an argument head on and who can’t differentiate between distinct concepts should accuse other people of having a low IQ.

      > @Iron Heart just uses these comments sections as a soapbox to spread a lot of FUD, BS and create drama. Other communities would have banned him very quickly or just downvoted him.

      Thank you for the flowers once more, however neither “downvote” nor “ban” is a substitute for a good counterargument. Those are the measures you use when you don’t have any arguments.

      1. we have a winner said on September 18, 2022 at 9:54 am
        Reply

        and the winner of longest rant goes to .. Iron Heart

      2. Iron Heart said on September 18, 2022 at 10:02 am
        Reply

        > and the winner of longest rant goes to .. Iron Heart

        *longest debunk of a rant

        Fixed that for you.

        Don’t like it, don’t read it. Familiarize yourself with the concept.

  5. Thoughtful Intellectualism. said on September 18, 2022 at 10:00 am
    Reply

    @Aluminium

    > Madaidans, that’s a blast from the past. I thought link spamming was banned here. Since we’re spamming outdated links now.

    Lol. I expected that outdated link to be banned aswell. Anyway, since i am for free speech, i don’t care if Iron Heart spams it as it only makes him look OUTDATED lol.

    You would be correct in assuming that a lot of information is very outdated on that blog. Iron Heart thinks he is being smart by spamming it, but since he really does not know what he is talking about, it is not really surprising that he would spread misinformation from an outdated comically stupid blog.

    The stupid outdated blog that @Iron Heart spams says the Firefox sandbox on windows lacks win32k lockdown, it also has very outdated information about Linux/X11/Firefox problems.

    See here the correct information about Firefox/Win32k lockdown below and Linux/X11/Firefox below.

    Firefox 100.0.1 Released Officially With Improved Windows Process Isolation

    The main change in Firefox 100.0.1 improves Firefox’s security sandbox on Windows devices. Mozilla notes that the sandbox is blocking access to Win32k APIs for content processes on Windows now.
    https://www.tweaksforgeeks.com/firefox-100-0-1-released-officially-with-improved-windows-process-isolation/

    Firefox 99 for Linux included a change that removed the connection from content process to the X11 server, which “stops attackers from exploiting the unsecured X11 protocol”.
    https://www.tweaksforgeeks.com/firefox-100-0-1-released-officially-with-improved-windows-process-isolation/

    Iron Heart commented >> I don’t think so. There has never been even one credible refutation

    He still does not think that blog is outdated lol.

    Iron Heart posts outdated blogs and again, it must be mentioned that he really does not have a clue what he talks about a lot of the time. But no doubt, he will likely keep spamming the link to that comical blog. Lol.

    Also much of madaidans laughable security advice only describe theoretical issues that are not really reflective of the real world. Statistics basically say that Chromium based browsers have more real world security problems than Firefox, windows OS have more real world security problems than Linux distros. In the real world that is what matters most, not any perceived ideas about which is better in theoretical scenarios that are very unlikely to happen in the real world

    1. Iron Heart said on September 18, 2022 at 5:06 pm
      Reply

      @Thoughtful Intellectualism / Anonymous123 / GNU Linux Sophistication

      > Anyway, since i am for free speech (…)

      But before you said:

      > Iron Heart just uses these comments sections as a soapbox to spread a lot of FUD, BS and create drama. Other communities would have banned him very quickly or just downvoted him.

      Stay consistent, bud. Or at least try to.

      > You would be correct in assuming that a lot of information is very outdated on that blog.

      Nope. :D The blog got updated this year already and always gets updated whenever something major moves in the Firefox code, which, as you can see, is not too often.

      > The stupid outdated blog that @Iron Heart spams says the Firefox sandbox on windows lacks win32k lockdown, it also has very outdated information about Linux/X11/Firefox problems.

      Win32 lockdown? It’s literally still an experiment, I am sure the blog will have an update once it actually gets rolled out and is considered stable, bud. :D

      > Firefox 99 for Linux included a change that removed the connection from content process to the X11 server, which “stops attackers from exploiting the unsecured X11 protocol”.

      It’s not only the content process that is of concern here, bud. Again, if Firefox finally says goodbye to the X11 protocol, I am sure the blog will receive an update.

      As said, he updates the blog whenever something MAJOR moves for Firefox, and this always includes beta / nightly unstable channels and features considered experimental.

      > real world

      You act like Firefox has never any real world security issues. It seems like you are completely safe. :-D

      OK, bud. Enjoy your nominally lower CVE count brought to you by abysmally low market share (Why do you advertise FF then? Shouldn’t you stay under the radar according to your logic, pushing new users away? :-D), while I enjoy my Brave installation that never actually got hacked in the real world either.

      Statistical likelihoods are not taken into consideration when you undertake an analysis of the security practices of the actual base code, as it should be.

  6. JJ Mendes said on September 18, 2022 at 11:02 am
    Reply

    There is a bug in this version that makes the scrollbar not usable when mouse is on the far right edge of screen.

  7. Thoughtful Intellectualism. said on September 18, 2022 at 11:42 am
    Reply

    Iron Heart Comment >> Closed source does not mean less secure. It just means that the code is not public.
    Iron Heart Comment >> The code not being public says nothing about its quality. Quality could be excellent for all you know

    Lol.

    Closed source = code not public = code can not be confirmed to be secure by FOSS community. Therefore the code can not possibly compare to the security of the FOSS model, where the FOSS community have more eyes on the code to see how secure it is or how insecure/buggy it is. That is very unlike the lazy programming in a proprietary software environment with no real world peer review process like the FOSS community has.

    Since you are here literally making excuses for the terrible security and privacy of the Edge browser anyway, it must be said that you love proprietary software over FOSS lol.

    You know nothing about security or privacy and it really shows lol.

    Iron Heart commented >> open source Android

    Most versions of Android are proprietary. The core components are taken from the Android Open Source Project (AOSP), which is free and open-source software (FOSS) primarily licensed under the Apache License. However, When Android is installed on devices, the ability to modify the otherwise FOSS software is usually restricted, either by not providing the corresponding source code or preventing reinstallation through technical measures, rendering the installed version proprietary.

    It is not as if people can just install regular desktop style Linux distros on smartphones, as smartphones are very locked down devices.

    Pixel phones = Google product = money that went to google when purchased new. By buying a used pixel phone, somebody had to pay for that new originally.

    Most Android devices ship with additional proprietary software pre-installed, most notably Google Mobile Services which includes proprietary apps such as Google Chrome Lol.

    Iron Heart commented >> I value the concept of open source

    Yet here you are making excuses for proprietary Edge or Chrome and talking your usual nonsense about Firefox which is FOSS.

    Do you think people are stupid to not see how biased you are?

    Iron Heart commented >> Firefox is open source and has terrible security practices

    Firefox gets nowhere near the security or bug problems that chromium-based browsers get.

    Iron Heart commented >> Security = resistance against outside exploitation via malware.
    Iron Heart commented >> Privacy resistance against data collection.
    Iron Heart commented >> And that security and privacy are not the same thing is not something I will explain to you again, you don’t get it anyway.

    Double digit IQ moment for you? lol

    Definition of malware = Malicious computer software that interferes with normal computer functions or sends personal data about the user to unauthorized parties over the Internet.

    Without good security against malware, privacy gets eroded and personal data stolen. Without good security, there is no privacy Mr ignorant.

    Only a noob would say privacy and security are different things. But that is to be expected from madaidan or you as neither of you seem to have a clue what you’re talking about lol.

    Iron Heart commented >> You can’t replicate Tor via your own Firefox installation.

    Some Firefox about:config settings came from the tor project. Mr ignorant. Privacy resist fingerprinting is one example.

    Iron Heart commented >> That madaidan works with the FF code everyday and doesn’t deem it secure should raise a red flag for you

    madaidan is a clueless individual as regards knowledge about security related discussions, he never mentioned this massive security issue that windows had.

    The WannaCry ransomware attack was a worldwide cyberattack in May 2017 by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency
    https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

    In no whatsoever is windows OS more safe than Linux distros, Linux is FOSS, windows is not. Statistics say windows gets more security issues.

    Iron Heart commented >> Tell me about the privacy issues of GrapheneOS, GalyxOS etc… They don’t have any more or less than any other connected device.

    IMEI, bluetooth, Wifi, cameras, mic, location tracking just to name a few. Standard desktop computer can have no such privacy invasive features as they are more customizable.

    Iron Heart commented >> less than 1% of all Firefox users so called “harden” their browser, with most of them running a highly unique setup when all is said and done.

    “The self proclaimed soothsayer Iron Heart returns” thinking he knows what setup everyone has in Firefox.

    Laughably stupid analysis from him. No one knows what percentage of Firefox users harden their browser. Fingerprinting testing sites are not very accurate it can be presumed. Librewolf is getting popular now too if one were to look at the praise it gets in privacy communities, Librewolf is hardened by default = more hardened firefox browser users.

    Iron Heart commented >> Linux being irrelevant does not make it secure in terms of the actual base code.

    Double digit IQ moment once again. He says he uses grapheneOS, well guess what Mr ignorant? Android is based on modified Linux kernel and you sing the praises about how private and secure grapheneOS is. Be grateful to Linux.

    Linux is known for excellent security, it also seems you have never heard about RHEL, red hat enterprise Linux.

    Linux is the supercomputer operating system by choice.
    Linux Runs on All of the Top 500 Supercomputers, Again!
    Linux now runs on all the fastest 500 supercomputers in the world
    To give you a year wise summary of Linux shares on the top 500 supercomputers:
    In 2012: 94%
    In 2013: 95%
    In 2014: 97%
    In 2015: 97.2%
    In 2016: 99.6%
    In 2017: 99.6%
    In 2018: 100%
    In 2019: 100%
    In 2020: 100%
    Supercomputer Fugaku is the fastest supercomputer on the planet as of now (2020) in Japan.
    https://itsfoss.com/linux-runs-top-supercomputers/

    Linux is the fastest, the most accomplished.

    Iron Heart commented >> Thank you for the flowers once more,

    You should say be more grateful and appreciative of the many lessons that Firefox users often give you here on privacy and security related browser discussion topics etc, as your knowledge on such topics is severely lacking.

    Enjoy the comment, i must say though that making you look ignorant is getting very boring, at least educate yourself a bit or be more inclined to do some critical thinking.

    1. Iron Heart said on September 18, 2022 at 4:53 pm
      Reply

      @Thoughtful Intellectualism / Anonymous123 / GNU Linux Sophistication (Such a variety of nicks so far for the same person, what’s next I wonder?)

      > Closed source = code not public = code can not be confirmed to be secure by FOSS community.

      …this does not make the code insecure. “Not public = insecure” is a false equation no matter how you spin it.

      > Therefore the code can not possibly compare to the security of the FOSS model, where the FOSS community have more eyes on the code to see how secure it is or how insecure/buggy it is.

      More eyes on the code of your distro than there are devs at Microsoft or Apple? Hehe, good one. The number of commits and devs who committed fails to prove this.

      > That is very unlike the lazy programming in a proprietary software environment with no real world peer review process like the FOSS community has.

      That’s why Linux has conquered the desktop by now. Because the other OSes are so bad due to lazy programming. Is this comedy?

      > Since you are here literally making excuses for the terrible security and privacy of the Edge browser anyway, it must be said that you love proprietary software over FOSS lol.

      Who talked about Edge? Anyway, Edge is rebranded Chromium and Chromium is FOSS. Not that it matters, because as I said, just because code is not public does not make it automatically insecure.

      > However, When Android is installed on devices, the ability to modify the otherwise FOSS software is usually restricted

      Only if the bootloader can’t be unlocked due to encryption, which will always depend on the brand you buy.

      > It is not as if people can just install regular desktop style Linux distros on smartphones, as smartphones are very locked down devices.

      With an unlockable bootloader a smartphone is not any more restricted than a PC. Note that you brought smartphones up again, before you accuse me of only talking about mobile.

      > Pixel phones = Google product = money that went to google when purchased new. By buying a used pixel phone, somebody had to pay for that new originally.

      Quick reality check: Someone will buy it anyway, so buying it used is always going to be valid.

      > Most Android devices ship with additional proprietary software pre-installed, most notably Google Mobile Services which includes proprietary apps such as Google Chrome Lol.

      “Ship with…”, so what? I thought you were so big on Linux? How many PCs ship with Linux? Now it is suddenly a hurdle according to you? At least try to stay consistent.

      > Yet here you are making excuses for proprietary Edge or Chrome and talking your usual nonsense about Firefox which is FOSS.

      I am not making up excuses for anything. Anyone sane will tell you that a code does not need to be public to be secure, as those are very distinct questions. That you call each and every closed source software insecure is insane on your part.

      And I said I value the concept of open source, not each and every open source project. Firefox is on its way out for a reason, after all.

      > Double digit IQ moment for you? lol

      That’s as insulting as it is hilarious. If you haven’t noticed so far, you are the one who consistently fails to tell distinct concepts apart.

      > Without good security against malware, privacy gets eroded and personal data stolen. Without good security, there is no privacy Mr ignorant.

      The developer of the software itself can collect data, whether it be telemetry or any other data. Windows is not considered malware and neither is Chrome, not by sane people anyway. Do you want to imply that the majority of people runs malware, go ahead then, prove that you are not quite right in the head after all.

      Malware is an “unallowed” intrusion into your system. The system needs to get hacked first. This happens via bad security. Data can than get exfiltrated. This, however, is not the same as secure (= resistant against outside exploitation) software that has problematic privacy policies, but which you have installed voluntarily and agreed to the ToS.

      > Only a noob would say privacy and security are different things.

      Windows and Chrome are pretty resistant against outside exploitation. While they do get hacked like any other software, including open source software, hacking them is usually non-trivial. They have problematic privacy policies, but that does not make them malware.

      > Some Firefox about:config settings came from the tor project.

      Nah, Firefox had about:config before Tor was even a thing.

      > Privacy resist fingerprinting is one example.

      This subset of settings maybe. Still, you can’t replicate the Tor setup in Firefox. Firefox suffers from major version fragmentation every four weeks, guaranteeing that you never have the same fingerprint as Tor which uses ESR (and thus frozen web standard support for a year).

      > madaidan is a clueless individual as regards knowledge about security related discussions, he never mentioned this massive security issue that windows had.

      What about the security issues of Android which uses the Linux kernel? There have been worse than Wannacry, and yes I mean kernel exploits.

      > In no whatsoever is windows OS more safe than Linux distros, Linux is FOSS, windows is not. Statistics say windows gets more security issues.

      Statistics also tell you that Windows has 90% market share while Linux has 2%. Which do you think hackers are interested in? It’s no surprise that Windows gets a higher nominal number of security issues. I say “nominal” because the Windows will always get more CVEs due to its popularity, even if it was 10 times as secure as Linux.

      > IMEI, bluetooth, Wifi, cameras, mic, location tracking just to name a few. Standard desktop computer can have no such privacy invasive features as they are more customizable.

      I have already told you that hardly anyone uses tower PCs because they do not meet the usage profile of most people. Most people want to use their PCs on the go, and AiOs save space compared to towers, even they are more popular.

      Anyway, a tower PC can still be compromised, all your connections can be monitored as well as your files, which is already among the worst things that can potentially happen. Other PCs aside from towers can also be compromised in terms of camera / microphone / bluetooth.

      And IMEI is not a better or worse identifier than the MAC address, which is already unique. What does the IMEI add that the MAC address does not already tell you? –> Nothing.

      This leaves location, and it is not exactly easy to compromise GPS.

      > No one knows what percentage of Firefox users harden their browser.

      “For Firefox, statscounter reports a market share of 3.15% as of August 2022. Wikipedia mentions claims from different sources as of October 2021, varying from 2.18% to 4.4%. Firefox’s figures show around 200 million monthly active users.

      Based on our internal information from August 2022, traffic originating from Brave on Desktop and Android accounts for 1.57% of all identification events. For Firefox, it’s 1.997%. Interestingly, Firefox traffic matches the values spoofed by the privacy.resistFingerprinting preference accounts for only 0.48% of all Firefox traffic we see. The Tor Browser accounts for 0.017% across all events.”

      source: https://fingerprint.com/blog/browser-anti-fingerprinting-techniques/

      > Librewolf is hardened by default = more hardened firefox browser users.

      LibreWolf still suffers from major version fragmentation every four weeks. This limits its anti-fingerprinting effectiveness no matter what you do. Tor uses ESR for a reason.

      > He says he uses grapheneOS, well guess what Mr ignorant? Android is based on modified Linux kernel and you sing the praises about how private and secure grapheneOS is. Be grateful to Linux.

      Mr Ignorant, that’s highly idiotic. Anyway, how about asking the actual Linux community about whether or not Android is a Linux distribution? Brace yourself for the answers you’ll get, because Android has very few things in common with Linux in 2022 other than the kernel, and there are many more components that are relevant for security other than just the kernel.

      GrapheneOS also has additional security protections compared to AOSP, some of which even made it into AOSP after GrapheneOS pioneered them. GrapheneOS is superior to AOSP, just like Qubes OS is superior to plain Debian.

      > Linux is the supercomputer operating system by choice.

      You think the super computers have the same security standards as your home Linux distro? Hehe, sure thing bud. The network level alone is already heavily locked down, no valid comparison can possibly be drawn here.

      > Supercomputer Fugaku is the fastest supercomputer on the planet as of now (2020) in Japan.

      Great. I think that’s mainly due to the hardware though.

      > You should say be more grateful and appreciative of the many lessons that Firefox users often give you here on privacy and security related browser discussion topics etc, as your knowledge on such topics is severely lacking.

      You mean like the one you just gave me, when you didn’t realize that major version fragmentation is a thing and that it actually influences the fingerprint? :D

      I spare you the comment about the Firefox community on this website, it probably wouldn’t get through. Thoughts are free.

      > Enjoy the comment, i must say though that making you look ignorant is getting very boring, at least educate yourself a bit or be more inclined to do some critical thinking.

      You came here with a long ass ad hominem reply, so you signed up for being called out on your bullshit again. The only thing that is embarrassing here is your inability to differentiate between different concepts, coming up with a pathetic pseudo-argument based on the mess that you’ve created in your mind.

  8. Thoughtful Intellectualism. said on September 19, 2022 at 12:43 am
    Reply

    @Aluminium & Iron Heart

    Aluminium comment to Iron Heart >>> Why is it when people challenge your opinion you feel the need to curse and make personal attacks? Why do they occupy so much of your headspace?

    Because Iron Heart is probably terrified that some of his ridiculous comments get ridiculed here, which they have been time and time again. Apparently he believes himself some sort of a “soothsayer” and believes he has a large following here that value his opinion.

    Iron Heart Commented >> Updated March 19th, 2022. Outdated? Nah.

    Naaaaaah? Is the ignorant word “Nah” meant to make you look serious or something? It makes you look ignorant i believe.

    Some parts of the blog you linked are outdated. The Win32k lockdown part and Linux X11 part specifically. Also his security advice is BS, but that is just my opinion.

    Quit the bitching and just admit you were wrong. Everyone makes mistakes.

    Iron Heart commented >> Firefox’s content processes are limited to eight, which still makes different parent domains share the same process, weakening site isolation

    Chromium-based browsers get more security problems than Firefox according to statistics. So all that perceived superior site isolation you believe exists in your favorite google made products like chromium, makes no difference to such browsers getting more security problems than Firefox in the real world.

    Quit the bitching.

    Firefox is better.

    Iron Heart commented >> I don’t think facts should be banned. It’s just not a winning strategy, you see.

    The facts are chromium based browsers are less secure according to statistics.

    Iron Heart commented >> Stay consistent, bud. Or at least try to.

    Bud?

    I am not your friend, i do not like opinions that say closed source software is better than FOSS.

    Iron Heart commented >> Nope. :D The blog got updated this year already and always gets updated whenever something major moves in the Firefox code

    You have great faith in your IDOL even when his blog is OUTDATED.

    Are you mentally challenged? Have you not read the two links i showed you.

    Some parts of his blog, such as his opinions on Firefox relating to WIN32K and Linux X11 contain information that is outdated.

    Iron Heart commented >> Win32 lockdown? It’s literally still an experiment, I am sure the blog will have an update once it actually gets rolled out

    Mozilla notes that the sandbox is blocking access to Win32k APIs for content processes on Windows now.
    https://www.tweaksforgeeks.com/firefox-100-0-1-released-officially-with-improved-windows-process-isolation/

    “Your reading comprehension skills are a joke” Do you not understand the word “NOW in the sentence above the linked news article?

    Iron Heart commented >> It’s not only the content process that is of concern here, bud. Again, if Firefox finally says goodbye to the X11 protocol, I am sure the blog will receive an update.

    Firefox 99 for Linux included a change that removed the connection from content process to the X11 server, which “stops attackers from exploiting the unsecured X11 protocol”.
    https://www.tweaksforgeeks.com/firefox-100-0-1-released-officially-with-improved-windows-process-isolation/

    Your reading comprehension skills are a joke.

    X11/Firefox issue has been fixed.

    Iron Heart commented >> As said, he updates the blog whenever something MAJOR moves for Firefox

    His blog is out of date as regards the BS he says about WIN32K and Linux/X11 relating to Firefox.

    Quit the bitching and spreading outdated information.

    Iron Heart commented >> Statistical likelihoods are not taken into consideration when you undertake an analysis of the security practices of the actual base code, as it should be.

    Firefox is more secure according to statistics, i know you hate that fact.

    Iron Heart commented >> Not public = insecure” is a false equation no matter how you spin it.

    Keep trusting in closed source big tech to keep you secure. You likely are a windows or mac user, that would be my guess. You also seem to hate Linux. I would never use proprietary crap like Windows or Mac. No security expert worth their salt would advocate for proprietary software instead of FOSS. Most well known privacy tools are FOSS for a reason.

    Iron Heart commented >> Anyone sane will tell you that a code does not need to be public to be secure

    You know nothing about why Richard Stallman advocates for FOSS.

    Most privacy tools promote and say that they are FOSS so people will trust them more, you are in the double digit IQ category i believe.

    I would always use FOSS over proprietary software as much as possible.

    Iron Heart commented >> The developer of the software itself can collect data, whether it be telemetry or any other data. Windows is not considered malware and neither is Chrome, not by sane people anyway.
    Iron Heart commented >> Windows and Chrome are pretty resistant against outside exploitation.

    Such software gets lots of security problems and are privacy invasive.
    Your support for proprietary software shows your bias, you are a FOSS hater.

    That is why i say that in some FOSS communities, you would likely get banned for advocating for proprietary software instead of FOSS.

    Iron Heart commented >> Nah, Firefox had about:config before Tor was even a thing.

    Naah again?

    Tor browser is basically hardened Firefox with onion. It must really bother you that the most private browser according to many privacy security experts is based on Firefox.

    Do not get jealous that hardened Firefox is more private than Brave.

    Iron Heart commented >> What about the security issues of Android which uses the Linux kernel?

    Android which uses a MODIFIED Linux kernel*

    I fixed that for you.

    Anyway smartphones are not really privacy devices even with Linux kernel or not.

    Stallman dislikes smartphones apparently.

    Stallman knows his stuff about what should be considered privacy or not.

    Iron Heart commented >> I have already told you that hardly anyone uses tower PCs because they do not meet the usage profile of most people.

    It seems you do not know about the massive GAMING COMMUNITY that specifically only use TOWER PC to do gaming.

    The gaming industry is a very profitable industry and desktop CPU’s/Graphic cards make smartphones look like toys.

    CPU and Graphics in smartphones are quite pathetic when compared to something like a AMD threadripper CPU that has over 60 CPU cores or the latest graphics cards that consume lots of electrical power.

    Iron Heart commented >> Android has very few things in common with Linux in 2022 other than the kernel

    Without the modified linux kernel, android would not exist as an OS. Lol..

    Iron Heart commented >> GrapheneOS is superior to AOSP, just like Qubes OS is superior to plain Debian.

    QubesOS is a good secure OS, but not very practical, it is very limited when used casually, compared to Linux distros based on Debian where gaming can be done and apps are easier to install and use.

    Iron Heart commented >> it actually influences the fingerprint?

    You say turning off JS is annoying. With JS on there is much stronger possibility for advanced fingerprinting methods and tracking,

    You have not a clue what you are talking about.

    Iron Heart commented >> Great. I think that’s mainly due to the hardware though.

    (Supercomputer Fugaku)

    The general advantages and benefits of Linux = free and open-source software, superior performance, flexibility, speed and lower costs.

    You know nothing about Linux, a video game designed for Linux specifically, usually greatly outperforms the same video game made for windows in “Frames Per Second”

    Iron Heart commented >> The only thing that is embarrassing here is your inability to differentiate between different concepts, coming up with a pathetic pseudo-argument based on the mess that you’ve created in your mind.

    You are the one embarassing yourself here!

    Security and privacy are not different concepts in my opinion. People can have different opinions you know? You are only repeating what you hear from a stupid outdated blog and from some blogger who largely has not a clue what he is talking about. This author seems to be some sort of idol of yours lol.

    It seems you need a new idol, because by continously spamming links to that blog, you are only embarassing yourself at this stage, many commenters have ridiculed you here for spamming it repeatedly.

    You have spent weeks here on Chrome and Edge news articles hating on Firefox/FOSS.

  9. Thoughtful Intellectualism. said on September 19, 2022 at 4:58 am
    Reply

    Some more sources that prove Iron Heart has not a clue what he is talking about as regards the advantages that FOSS has in relation to security over proprietary products.

    Some sentences from the article below.

    So why is Linux More Secure Than Windows?
    User Permissions
    Software Installation
    Open Source
    Updates
    Security through obscurity

    Open platforms historically undergo a lot of scrutiny, but there are a lot of advantages to having an open source platform from a security standpoint. — Sundar Pichai
    In contrast, Windows is proprietary software owned by Microsoft, and no matter how many talented developers Microsoft hires, finding exploits will never be as fast as in Linux since there is a big community behind it.
    Linux distributions promote open source software. So most applications you will find on Linux are open source and benefits from the same thing.
    https://medium.com/codex/5-reasons-why-linux-is-more-secure-than-windows-1d036c3d3324

    Also mentioned on that excellent article is that unlike Windows, Linux distributions generally promote open source software. So most applications on Linux Distros are open source and benefits from the same excellent security as Linux Distros.

    Next article,

    Google Research: Linux platform is more secure than Microsoft Windows, Apple macOS, developers fix security holes faster
    According to the latest reports, new research from Google’s Project Zero found that the Linux platform is much more secure than Microsoft Windows and Apple macOS.
    Google’s Project Zero has published new research showing that Linux developers are faster than others at fixing security flaws. Surprisingly, developers seem to be working on maintaining Linux faster than Google’s own internal team.
    https://www.realmicentral.com/2022/02/19/google-research-linux-platform-is-more-secure-than-microsoft-windows-apple-macos-developers-fix-security-holes-faster/

    Linux devs are the best obviously!

    Linux is safer than its competitors because developers race to fix security flaws
    Linux as a platform is a lot more secure than Microsoft Windows and Apple macOS, according to new research by Google’s Project Zero.
    https://www.neowin.net/news/linux-is-safer-than-its-competitors-because-developers-race-to-fix-security-flaws/

    Linux developers patch security holes faster than anyone else, says Google Project Zero
    Linux programmers do a better job of patching security holes than programmers at Apple, Google, and Microsoft.
    There’s a lot of FUD about how Linux is being shown recently to be less secure than proprietary systems. That’s nonsense. But, now there are hard facts from Google’s Project Zero, Google’s security research team, showing Linux’s developers do a faster job of fixing security bugs than anyone else, including Google.
    https://www.zdnet.com/article/google-project-zero-finds-linux-developers-patch-security-holes-faster-than-anyone-else/

    Dear brother Iron Heart to question Google is to question god itself, even Google Project Zero say that Linux developers patch security flaws faster than anyone else. Lol.

    So next time you type your nonsense about Linux and FOSS again you bitter FOSS/Firefox hater, educate yourself first.

    You simply do not have the intellect to understand how FOSS allows better security practice, because FOSS has a massive community with eyes on the code looking for security problems which is a massive advantage for improved security, unlike proprietary crap which just creates an environment for lazy programming with no peer review process from a community as big as the FOSS One.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.