It's not, though. There simply wasn't enough malware to worry about. Why would I run a firewall when I was unlikely to ever encounter a malicious program?
I mean, supply chain attacks are a thing that could have happened even in the earlier days. Linux almost got backdoored in 2003.
Also, with the number of remote code execution exploits that have occurred in Web browsers over the years, it's hard to know for sure if what you installed hasn't been hijacked unless you spent all your time on gnu.org.
Run OpenSnitch for a while and you'll quickly realize how much of your system does phone home. Off the top of my head:
- GNOME Shell (extension updates without a way to disable this, weather),
- GNOME Calculator (currency exchange rates),
- NetworkManager (periodic hotspot portal checks in most configurations),
- GDB (debuginfod enabled by default),
- Firefox (extension updates, push notifications, feature flags, telemetry, ..., some parts cannot be disabled),
- VSCodium (Open VSX callbacks even when installing extensions from disk with updates disabled, JSON schema auto-downloads, extensions making their own unsolicited requests, ...),
- Electron (dictionary updates from Google servers, no way of disabling; includes any application running on top of upstream Electron, such as Signal, Discord, etc.),
- GoldenDict (audio samples fetched from the Internet on word look-up, no way to disable)
Of course, this is nothing compared to Windows [0] and macOS [1], but the malpractice of making Internet connections without asking, by default, has unfortunately been finding its way everywhere since modems stopped making audible sounds.
Having read about PRISM and seen the leaked dashboards of Paragon Graphite (said to be used by ICE), and with LLMs bridging the gap between mass and targeted surveillance, I don't want any of this.
Approximately 10-15 years ago I used an early Android app that synced contacts across multiple (local) accounts and deduplicated and merged them. It had Internet permission for some reason; on asking the developer why a dedicated contact management app would need to go online (in a time where I was using XPrivacy to prevent other apps from seeing my contacts), they said there was no real reason for it, and it was removed in an update two days later. This is the only time I've ever seen an app remove the ability to access the internet, and I really wish it was more common.
Of course, about 5-6(?) years ago Google removed it from both the Play Store and my devices (I allowed it because silly me assumed I could still get it again) because it requested a sensitive permission and didn't support runtime permissions.
Per se? No, maybe with the exception of GNOME Shell which literally runs code from the Internet unsandboxed. Can the traffic they silently generate be used for malicious purposes? Absolutely.
Wasn’t it KDE that had malware in its theme store not too long ago? Let that sink in for a bit. You changed around some icon themes and it executed arbitrary code.
And let’s not pretend that KDE wouldn’t have an extension system if it could - but it’ll never have one because implanting one in that C++ spaghetti nightmare will never happen.
But if not, I'm not criticizing GNOME in isolation here. It's just what I use and what I'm most familiar with. KDE has the same issues and it does have an extension system too. It's called KNewStuff.
Problem with updates is that without automatic ones, users could stay on outdated systems and possibly get hacked through some vulnerability (of which there are many). While on the other hand, having explicit confirmations for each network request would be crazy annoying.
Maybe some middle ground of having the tool OP sent built-in would be a good option.
I run all my systems with all outgoing connections blocked by default, and yes, it is annoying.
But it wasn't always this way, and so, I don't think it has to be. People just need to start paying attention to this.
The impact of a lot of those vulnerabilities would be mitigated if the affected programs didn't connect to the network in the first place.
As for updates in general, I really like the model adopted by Linux update managers and BSD port systems. The entire repository metadata is downloaded from a mirror and cached locally, so the search terms never leave your machine. Downloads happen from the nearest mirrors, there's no "standard" mirror software (unless rsync and Apache count?) so they don't report what was downloaded by whom back to any central system and you can always host your own. Everything is verified via GPG. And most importantly, nothing happens on its own; you're expected to run `apt/dnf update` yourself. It won't randomly eat your bandwidth on a metered connection or reveal your OS details to a public hotspot.
Simple, non-invasive, transparent, (almost) all-encompassing, and centrally configurable.
It contains Firefox and Chromium. You are right that they may call home, but at least it's very limited and easily configurable. Could be too much for you but fine with me. Also Debian does change their config by default to minimize privacy issues: https://news.ycombinator.com/item?id=32582260
It's far from easy in the case of Firefox [0], and the last time I tried, some .mozilla.com domains would still get pinged. Chromium doesn't even have an official guide. The only options I found to be reliable are source-level patches, i.e. ungoogled-chromium and LibreWolf.
Note that LibreWolf still leaves some of the stuff on for you to manually disable (dom.push.connection.enabled, extension updates).
I agree that push connections should be disabled. Maybe it can prompt you the first time you try to subscribe to one as to whether you'd like to turn them on; this would annoy me personally, but also not break features by default. The annoyance hardly matters as websites already put an in-page prompt up before using the API, iirc because of Apple restrictions.
Enabling extension updates by default seems like a smart thing, though, as long as you can turn them off easily (there should really be a setting for this), and possibly a 6-month reminder to update them (similar to the refresh your profile reminder when you haven't used the browser in a while). Extension updates happen, and many of the most widely used extensions (e.g. uBlock Origin) really should be updated every time it's available. Better that than having the extensions go online to fetch and run arbitrary payloads because you know they will if disabling updates gets popular enough.
It’s a company that turns plants into meat-like substance. There is no plant that grows like this, of course it has to be processed to get from its original form to the new form.
Likewise, not all processing is bad. Cooking food is a form of processing and just makes the nutrients much easier to digest.
Missiles are a lot more expensive and much less reusable than goons though. If the nation state can’t afford the goons, it can’t afford to missile you either.
With the digital panopticon neither goons nor missiles are really necessary. Oppressive forces can just disable your spending and travel credits. If they need you dead or in custody they can just grab you the next time you pop up on camera near one of their agents.
> Oppressive forces can just disable your spending and travel credits
"Disabled spending" already happened to the people in the ICC that acted contrary to Trump's diktats[0], without the need for a digital panopticon, both the banks and the government know who you are.
The cost asymmetry with drones is crazy, they are stupid cheap to deploy on a nation state level. I feel like it’s going to be years until we fully learn the lessons from the Ukraine Russia war.
The price of the carried inventory is still significant; the scale they mention reaching towards is thousands per day. That's not including the backlog of components they would have onsite to ensure production uptime.
Absolutely, but they are not losing a billion+ in EUV machines with year+ lead times in a flood. It'll hurt for sure though and doesn't appear to be the smartest overall move.
That was my first thought as well, especially given the accusation of code of conduct violation. Not that I think that Adafruit is perfect no matter what, but I would have been shocked if this turned out to be true as stated.
Isn’t the real problem that the new menu somehow can’t show the missing entries of the old one but with its new coat of paint? It’s all data, why can one of them not display the old data?
The Windows 11 default context menu uses a newer API (IExplorerCommand) compared to the older method which involved screwing around with the registry, and having everything play nice.
Frankly, this just follows all the same problems that MS has had since after W7. Their own APIs have a lot of warts and problems, but MS has not been able or willing to follow through on the migration required to actually move to a whole new API. This has shown up in their Windows GUI frameworks, it's the exact same problem with the Control Panel vs Settings, and here it is again.
I can sympathize with many of the stated goals/benefits, and I can understand the technical difficulties with transparently porting registry craziness into their new framework, and in fact I applaud that their fallback is "perfect" - it is just the old context menu. I just wish there was a setting toggle to set the default.