10·
2 days agoTBH I still donate $5/mo to Mozilla. But only because someone has to fund the upstream development of the browser I actually use (and which arguably is the browser Mozilla was supposed to be)
nymnympseudonym
“If man chooses oblivion, he can go right on leaving his fate to his political leaders. If he chooses Utopia, he must initiate an enormous education program - immediately, if not sooner.”
-R B Fuller
- 0 Posts
- 13 Comments
Joined 8 months ago
Cake day: August 25th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2·2 days ago(tech)
Yeah, we’re on the same page (and probably approximate darknet-fu level)
people might just click “allow” on something
They do this even while not hind-brain-horny. Which is why defense in depth is good. From the network to the browser to the OS to the firmware to the hardware. Amen.
This could have been you, Mozilla.
sniff
I wanted so much to believe in you
they load some resource via the clearnet
That means going through an exit node, which knows the clearnet address but not your IP address. Again that’s the point of the design.
or WebRTC
Then you didn’t have ‘Safest’ mode enabled
one of the several other methods to squeeze an IP out of a browser
-
Those are called bugs and they do happen but the question is who is attacking you. Assuming you are fully up to date, they are burning an 0day to do so.
-
That’s why solutions like Tails, Whonix, and Qubes exist. Even if the browser is compromised, those OSes guard you against leakage.
Q: What did Snowden use to walk out of NSA with gigabytes of national secrets?
A: Tails on a USB stick (hidden in a Rubiks cube)
EDIT: Oh yeah. Streaming videos over Tor literally cannot be done without giving up your anonymity. So no those sites won’t work the way you want them to. You can still download MP4s off PornHub and XVideos though. I have… tested this.
-
Think of the children. Use vim.
Yeah, “make a 100% selfhost mozilla sync” is about number 12 on my long list of cool tech projects I swear I am going to get to.
EDIT: But seriously in terms of low effort and high security (due to E2E and relatively high number of eyes on Mozilla sources) it hits the sweet spot for me. Even though yes Mozilla and its advertisers know when and from what IP addresses I login to Mozilla services.
use some TOR browser bundle or something like that
First, this was an I2P link not a Tor .onion link. They are different, non-interoperable anonymity protocols.
Second, using Tor browser directly would be zero layers of sandbox. Running Tor browser inside a VM would be one layer of sandbox.
someone trying to use JavaScript against you, or leverage other browser techniques to leak your IP
Ummm… first the whole point of Tor and I2P both is that nobody knows your IP address. Not even the website operator. Not even the darknet node operators, except the entry node you initially connect to (it kind of has to know your IP address for that to work). And that entry node can see only your IP address – it has no idea what sites you connect to from there or what data you transmit.
Lastly, if you’re taking the trouble to use Tor or I2P in the first place – turn off javascript. Or even better, just move the slider in Tor Browser to ‘Safest’ mode (why that isn’t the default has been the subject of a religious war, one where my side so far has lost, so you do have to do this manually)
Not clicking that without like 2 layers of sandbox isolation
Mozilla browser sync
Self-hostable if you want
There is already a darknet
ed