
/tech/ - Technology


 No.871957>>872000 >>873031 >>873315

https://arstechnica.com/gaming/2018/02/flight-sim-devs-say-hidden-password-dump-tool-was-used-to-fight-pirates

https://archive.is/2018.02.19-181553/https://arstechnica.com/gaming/2018/02/flight-sim-devs-say-hidden-password-dump-tool-was-used-to-fight-pirates/

Why is it commonly accepted that software installers have root access to the system?

Legitimate software authors ain't gonna abuse it, right?

For bonus points, it seems the passwords were sent over plain HTTP (so a lot of 3rd parties automatically got a copy as well), and it could be possible that in fact they snatched passwords from all users, to err on the side of caution.

 No.871962>>871964 >>871965

Good, Chrome useds deserve it.


 No.871964>>878507

>>871962

Don't cut yourself on that edge, wget user!


 No.871965>>871969

>>871962

What if it was Firefox or, you know, Palemoon/lynx/qutebrowser/etc.


 No.871966>>872096

Wow, it's almost like you can get AIDS from dodgy Russian cracks if you don't use a cyber-condom, which, in our case, is a sandbox or a virtual machine.


 No.871969>>871971 >>871973

Android does not have this problem. Our Lord and Savior Google guards over us. Wincucks BTFO

>>871965

Firefox lets you use a master password.


 No.871971>>872013

>>871969

>Firefox lets you use a master password.

This doesn't address the problem that installers run as root, also sage this shit thread.


 No.871973

>>871969

>Firefox lets you use a master password.

this is solved by installing a keylogger.

if a fucking game requires root to install, the browser choice doesn't matter much in the long run. as long as this shit is possible, they will mistreat users.


 No.871982>>871985 >>872003 >>872055

>muh root installer

Lol no, this shit is possible even in user level installers. In Unixland, Chrome and Firefox data are generally in your home directory, completely unprotected from reads by default from any program running as "you" or, depending on the distro, and by default, ANY program in the system. In Windows this is not much better, as they are inside %APPDATA% and suffer from the same limitations. I repeat: stealing all your passwords is as easy as copying this folder, and considering all programs you run have the same permissions as your user, all programs are free to interact with each other's config files. The only sane way out is sandboxing, which Android does by default; any other operating system would require third party sandboxing software (i.e. Firejail, Sandboxie), or a complete redesign of the way program storage or even processes altogether are handled, but forget about this ever happening because it would be "bloat" for suckless idiots and could probably require work on distro maintainers' part, which is quite hard considering some distros, like Debian or Arch, have sloths for maintainers.

Remember: even trustworthy software can become untrustworthy due to the funny way C and C++ (protip: 90% of your system is written with those) handle stuff. Without proper hardening features, and even then, ANY program could steal all of your data if not sandboxed. Desktop security is fundamentally borked and you need to heavily reconfigure your stuff if you remotely want to stay safe.
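
Added example, not part of the thread: a Python audit for the "ANY program in the system" half of post No.871982, checking whether other UIDs can reach a browser profile through the whole directory chain. The profile paths are common defaults assumed here, the "alice" tree is constructed sample data, and permission bits do nothing about the same-UID case the post describes.

```python
import os
import stat
import tempfile
from pathlib import Path

# Common default profile locations relative to $HOME (assumed; adjust per system).
PROFILE_DIRS = [".mozilla/firefox", ".config/google-chrome", ".config/chromium"]


def exposure(path: Path, home: Path) -> str:
    """Return "other", "group" or "owner-only" for a profile directory.

    Another UID reaches `path` only if every directory from `home` down to
    it grants search (x), and `path` itself also grants read (r) to list it.
    Directories above `home` are assumed traversable.
    """
    chain = [path] + [p for p in path.parents if p == home or home in p.parents]
    other_ok = group_ok = True
    for p in chain:
        mode = stat.S_IMODE(p.stat().st_mode)
        read = p == path
        need_o = stat.S_IXOTH | (stat.S_IROTH if read else 0)
        need_g = stat.S_IXGRP | (stat.S_IRGRP if read else 0)
        other_ok = other_ok and (mode & need_o) == need_o
        group_ok = group_ok and (mode & need_g) == need_g
    return "other" if other_ok else "group" if group_ok else "owner-only"


def audit(home: Path) -> dict:
    """Map each existing profile directory under `home` to its exposure."""
    return {rel: exposure(home / rel, home)
            for rel in PROFILE_DIRS if (home / rel).is_dir()}


def demo() -> tuple:
    """Audit a constructed home tree before and after tightening it."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp) / "alice"          # constructed sample user
        profile = home / ".mozilla" / "firefox"
        profile.mkdir(parents=True)
        for d in (home, home / ".mozilla", profile):
            os.chmod(d, 0o755)              # world-traversable chain
        before = audit(home)
        os.chmod(home, 0o700)               # closing the top of the chain suffices
        return before, audit(home)


if __name__ == "__main__":
    print(demo())
```

Run against a real account with `audit(Path.home())`; anything other than "owner-only" means another local account can list the profile.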


 No.871985>>871990 >>873205

>>871982

>Without proper hardening features, and even then, ANY program could steal all of your data if not sandboxed.

This is why when you have truly grokked computers you will realize, it will become self evident, that c+= is truly the best language. A perfect language.


 No.871990>>871998

>>871985

Privilege checks at every instruction is the only solution.


 No.871998>>872013

>>871990

Like SELinux? Could you please elaborate?


 No.872000>>872013 >>872016

>>871957 (OP)

>running non-free software will bite you in the ass

welcome to >>>/tech/ how can i help you?


 No.872003

>>871982

>In Unixland, Chrome and Firefox data are generally on your home directory, completely unprotected of reads by default from any program running as "you"

Well at least Chrome on Windows does a bit more than this.

But yeah, the default situation on desktop OSes sucks donkey balls.


 No.872013>>872232 >>872332

>>871971

You can install keyloggers on Unixlikes without admin rights, unless you set your user-writable partitions as noexec. Fun times.

>>871998

Generally speaking, in theory, only syscalls should be privilege checked, but the problem is we do not have a sane tight permission system yet in any OS but Android. In Android, more or less every program is forced to conform to the OS' permissions system in order to acquire them, whereas other OSes simply restrict processes on a case by case basis, so if you missed configuring one you are fucked.

In practice, rowhammer is a thing.

>>872000

Libre programs written by Pajeets (aka any programmer that's not you who was having a bad day the moment he wrote a single line of code) are as bad without proper hardening. Even with hardening, some hackers can do some mighty crazy stuff: the Black Sun server from OverTheWire was a grsec-enabled box and you were supposed to exploit it.


 No.872016>>872018 >>872026

>>872000

Running software will bite you in the ass.


 No.872018>>872088

>>872016

t. proprietary apologist B$D cuck


 No.872026

>>872016

running software BLINDLY will bite you in the ass

at least you have the chance to look at OSS without needing a disassembler


 No.872048

>Letting your browser save your passwords

>Using the king botnet

They asked for this.


 No.872055>>872099

>>871982

>not running applications that handle passwords as different users with sudo

>not running any application that connects to the internet as different users with sudo

>not restricting access to your home folder and the home folder of different users that run said applications so nobody but the legit user has access to the data on the home folder

This is the basic of the basic of Linux security, if you are not doing at least this for your security then you are doing everything wrong.

Ideally you would actually sandbox applications that deal with sensitive data.


 No.872088

>>872018

Fuck off gnu-male


 No.872096

>>871966

>I didn't read

Typical pajeet.


 No.872099

>>872055

>Acksuhlly, you can configure it so it is slightly better.

What if you accidentally run an application you did not configure? What if one of your properly isolated but not sandboxed applications gets exploited, goes rogue and manages to wreak havoc by using a non sandboxed application with elevated privileges (think suid) in unintended and unexpected ways?

>inb4 you should have thought of every possible case

No, if the defaults are not sane, there is something wrong with the program and it has to be fixed. You are suggesting blacklisting stuff on a case by case basis rather than applying a sane and secure default clearance profile to all programs and then building up from there. This is the sysadmin equivalent of having a huge switch block to handle every single possible case instead of building a more general construct. This is code smell, so why is it not sysadmin smell?


 No.872226

This is fucked up. I hope they get sued to oblivion just like Sony.


 No.872232

>>872013

is this true for android x86 as well?


 No.872255

For some reason I find this incredibly hilarious. Also, unfortunately, it seems like this could have been used to try to penetrate the computers of Lockheed Martin employees, some of whom might use or test mods to their software.

>Companies with highly confidential / Top Secret information are developing this shit for and on Windows

Anybody else feel like we've been through this before?


 No.872313


>saving passwords in your browser


 No.872332

>>872013

Libre programs mean that users will always have the permission to study and modify the software at any time. When the time happens such that there is proof that a program is misbehaving, then users are always free to improve it. This is not true for proprietary software. For proprietary software, users are completely forbidden to study or modify the software.


 No.873031>>873034 >>873300

>>871957 (OP)

Containers and VMs would be nice. A decent permissions system would be great. A good OS that has both is what we actually need.


 No.873034>>873288 >>873300

>>873031

Android?


 No.873092>>875841

TL;DR In pseudo-code:


10 IS SOFTWARE FREE?
20 BRANCH "YES" 30, "NO" 40
30 ENJOY SOFTWARE
40 DID YOU PAY FOR SOFTWARE?
50 BRANCH "YES" 30, "NO" 60
60 ENJOY MALWARE
70 END


 No.873205>>873207 >>873208 >>873232

>>871985

>This is why when you have truly grokked computers you will realize, it will become self evident, that c+= is truly the best language. A perfect language.

Wrong. C/C++ has horrible code locality issues due to the forced split between source (.c*) and header (.h*) files. This pressures programmers to develop less-advanced algorithms.


 No.873207

>>873205

There is no force to split source files and header files. If you want, you can do without the header files, it's not necessary for C programs.


 No.873208>>873287


>>873205

>he's actually serious


 No.873225>>875846


See, this is why you should only use flight sims that respect your fucking freedoms! Sure FlightGear looks like it was made for the original Xbox, but it's VERY unlikely the devs would ever try to pull shit like this.


 No.873232

>>873205

>what is link-time optimization


 No.873287

>>873208

He's probably a /g/ refugee and doesn't know about c+= yet.


 No.873288>>873300 >>873330

>>873034

Good for phones once you remove the closed source non-free bloatware. Terrible idea for desktops.


 No.873300>>873330

>>873031

>>873034

>>873288

Android doesn't run applications in a VM though. In Android every usermode application is installed under its own user with its own R/W permissions. So Application A does not have write permissions to the home folder or the folder under application B for example. You could probably set up any distro to do this if you know how.


 No.873315>>873327


>>871957 (OP)

>lose the trust of your entire userbase to catch one guy that was pirating your shit

If this is true, what's in this fucker's head? These anti-piracy corporate people live in a clownworld, man, for fuck's sake! They dream up a version of how they wanted the world to be, and just pursue that with the intellectual capacity of a zombie.


 No.873327>>873330 >>873507

>>873315

>They dream up a version of how they wanted the world to be, and just pursue that with the intellectual capacity of a zombie.

To be honest that sounds like a symptom of actual, clinical autism. Maybe whoever thought this was a good idea was autistic. Most people on this board should be able to relate to him if that's the case.


 No.873330

>>873288

>Terrible idea for desktops

Explain.

>>873300

This is true.

>>873327

But this is the wrong kind of autism, so fuck him. 8==з


 No.873507


>>873327

Autism can manifest itself as narcissism and megalomania, which people with an intense thirst for profit have for other reasons.


 No.875841

>>873092

just wanted to say, fuck this faggot.


 No.875846

>>873225

How come I never heard about this before? It even has an official package

Looks very nicely made and active (unlike Xonotic which is dead)


 No.877894


>have botnet flight sim pwd dump target

>make pilot's twitter account (((suicidal))) as possible and meltdown but beforehand the ISP should have already locked out the pilot from logging in

>???

>(((profit)))


 No.878499

Isn't this illegal, even in shitholes like clapistan?


 No.878507

>>871964

Kill yourself faggot



