Special Wall

This depends whether you care about security or software freedom guarantees. Because if it’s security that is the priority, F-Droid is a much weaker option than Obtanium+Appverifier because they use their own signing keys for nearly all apps. If F-Droid’s build infrastructure is ever compromised, then almost every app you have downloaded through it is also compromised. The inability for developers to control their own signatures is part of the reason Signal does not release on F-Droid.

Accrescent is a much better option than anything else because it still allows developer-managed keys, although it doesn’t have many apps. Google Play (although it does have high-security infrastructure) has the same problem as F-Droid of centrally managed keys. Obtanium with Appverifier at least lets you ensure that your app is signed by the developer.

Yeah, I’m actually a bot working for the NSA, sorry.

Okay. Well, in this case it would probably be a good idea to at least have the update process also verify developer signatures, since otherwise it’s not only trust on first visit, but trust every update.

And yeah, I agree that a standalone package might be a good solution, as long as it is signed.

If the user trusts the server to serve safe JavaScript each time they connect with an empty cache (which is cleared often for privacy-conscious users), I’m not sure how this adopts a very different security posture from the Trust On First Use security model that’s used by many other apps, even if the app itself implements secure MITM mitigations using data from shared links.

When you have an app with dedicated updates, it is possible to verify that it is genuinely from the developer or maintainer. Web browsers’ certificate validation protects against connecting to a fake server, but it does not protect the user if the server is compromised when they first connect.

The most security-conscious users are going to end up hosting the JavaScript in a webserver on localhost, and at that point it might as well be a dedicated application.

You can run appimages in Tails

Removed by mod

What’s the alternative? Keeping Nicolás Maduro in charge?

Yeah, any authentication cookie will be unique to you, so if you do use one, Google will be able to track you across browsing sessions, which is likely what you’re trying to mitigate by clearing them.

I don’t think there’s stigma. Most users use package managers to get their software. For large operating systems, a torrent does help make downloads faster and less expensive when many people begin to seed it (and many FOSS operating systems do offer torrents), but most projects won’t benefit from that.

I personally would not want to go through the hassle of getting the magnet link, putting it in my torrent program, waiting for it to finish, verifying the signature (if there even is one) and the checksum, and only then manually extracting it so that I can use it.

There are extensions that let you encrypt/decrypt messages right in your Gmail inbox. I’m not sure whether that would let Google grab the decrypted messages using JavaScript, though.

It’s news to me that you can’t connect to a proxy over a VPN.

I don’t know why there’s a need to use outdated symbols here.

If you don’t use Tor: https://www.privacyguides.org/en/

There are going to be more services you need than http and https. You’ll also need to allow DNS queries and a way to keep your time updated, for instance.

The advantage of blocking incoming connections is that each potentially vulnerable network service isn’t automatically exposed to the internet. Blocking outgoing connections isn’t going to improve your security much, considering that any compromised service trying to phone home could just use http, the same protocol your browser uses.

It would still matter that your OS isn’t up to date. For instance, if there is ever a vulnerability in the way Windows 10 renders an image format that allows remote code execution, Microsoft will not give you a patch.

If you must remain on Windows 10, the best way to reduce attack surface is going to be to uninstall as much software as possible that you don’t use.

If you only use a browser, then you could have a quite seemless transition to Linux. That way you can have an up-to-date system. The vast majority of browsers support it natively, including Chrome and Edge.

Or maybe it’s the other way around 🙀

De-Googled forks of Android would have just reversed that limitation

If you want F-droid’s moderation, you can still ensure the code is original to the developers by verifiying signatures with something like AppVerifier.

That would probably be more effective as a form of protest against such technologies.

Yes. I’ve noticed this is a lot more common for Mullvad than for ProtonVPN servers.

What exactly is your concern? It’s a decentralized service, so it’s not as if any of your data has to be controlled by them to use it