arisuchan    [ tech / cult / art ]   [ λ / Δ ]   [ psy ]   [ ru ]   [ random ]   [ meta ]   [ all ]    info / stickers     temporarily disabledtemporarily disabled

/cyb/ - cyberpunk and cybersecurity

low life. high tech. anonymity. privacy. security.
Name
Email
Subject
Comment

formatting options

File
Password (For file deletion.)

Help me fix this shit. https://legacy.arisuchan.jp/q/res/2703.html#2703

Kalyx ######


File: 1515620148811.png (1.28 MB, 1920x1080, neon_test_render.png)

 No.2372

Hey Alice,

I have taken the time to read the Board Guidelines (https://legacy.arisuchan.jp/infornography.php#guidelines) and under "Please use a browser that respects your privacy and security" it says that "Google Chrome is literally a botnet".
After a bit of digging I was unable to find trustworthy information that confirms this. Sure, Chrome wants the ability to auto-update itself whenever it likes without any action by the user, is not fully open source and is made by Google, one of the biggest companies in the world. But having the ability to be a botnet doesn't mean that it actually is a botnet.
Can you give me a source on this?

I should add that I personally use Firefox, Google already has way too much data about me. I do not want to add even more by using their browser.

 No.2374

Your overthinking the word choice. The opinion you hold about it is the reason we call it a botnet.

 No.2375

>>2372
Set up a wireshark or tcpdump to capture http packets
Launch a browser (Firefox or Chrome)
If it sends any packets to third-party servers on startup like Google's or Mozilla's then it is a botnet.
If it sends or requests any data to/from servers user did not voluntarily authorize it to, for example when you visit a link, it sends a shadow copy to Google for "malware inspection" then it is a botnet too.
Basically every proprietary program with networking features is a "botnet" since it may have undocumented backdoors or phones home regularly siphoning unknown information.
>the ability to auto-update itself
How to spot a microsoft botnet node user 101

>I should add that I personally use Firefox, Google already has way too much data about me.

You are beyond salvation, keep using Chrome, citizen.

 No.2376

I'm not sure if it's a proper botnet but it is certainly spyware, given how much it tracks and phones home to Google. I use Iridium browser instead.

 No.2377

>>2372
I too use Firefox, quit using Chrome ages ago.

 No.2378

File: 1515697622495.jpg (215.2 KB, 1024x1542, ushijima.jpg)

First of all
>Chrome wants the ability to auto-update itself whenever it likes without any action by the user
>is not fully open source
Software with these attributes should be unacceptable. I won't be arguing this point, but can elaborate if you'd like.

Next, what is a botnet? I would define it as a network of bots. Network meaning a collection of computers that communicate with each other, and a bot being a program that runs autonomously.
>auto-update itself
meaning it makes connections to [i]at least[i] one third party server.
>without any action by the user
autonomously

Just using information you put in your post, without asserting that it phones home or does other nefarious/malicious things, it seems it's a literal botnet to me.

>having the ability to be a botnet doesn't mean that it actually is a botnet

You aren't very /cyb/ are you?

 No.2379

>>2378
So you only run audited (or at least audited by other people which you've checked and confirmed(!)) software on your machine? From every daemon to any client you use? You know every kernel module and any app plugin you use? I have my doubts to be honest.

Sure, having to answer no to my question doesn not unmake chrome the spyware it is. Unannounced auto updates infiltrating closed source compiled spy plugins proved this. But switching to Firefox (though becoming less and less trustworthy) in response is a nice first step.

But acting like you're super hardcore and excempt from privacy breaches makes you less legit in my opinion tbh. Friendly pointer would be a more constructive way to go about it =)

 No.2380

Do you use your phone? Congratulations, you're using a botnet capable device and software.

It's less about the actual "idea" that the software you use and give your information to can be used for a botnet, but more about the actual morals and stance you have on the software and hardware. Google is actively collecting your information day in and day out, and using Chrome is just streamlining that collection and allowing yourself to be more exposed to these data collection companies.

It's up to you whether or not you want to use it.

 No.2381

I'm using Chrome right now, to be perfectly honest. I'm just too lazy to find a better one, and I'm borrowing someone else's PC whenever I'm here so I'm not about to dig around to find some shady alternative when it's not my own property at stake.

 No.2382

To cyberpunk people, the burden of proof is reversed. Unless you prove beyond the doubt of any that you are absolutely open and do absolutely nothing wrong, you are automatically a botnet. They take nobody else's word for what a piece of software is or isn't. This attitude is based on principles optimized for security and privacy instead of rationality, peer pressure or compatibility. For a cyberpunk kind of Alice, not speaking is preferable to speaking on a compromised channel.

 No.2383

File: 1515735623462.bmp (1.61 MB, 750x750, flower2.bmp)

>>2379
LOL did you even read my post?

>So you only run audited [(or at least audited by other people)] software on your machine?

>From every daemon to any client you use?
>You know every kernel module and any app plugin you use?

I've personally audited next to nothing that I run. I also didn't say a single thing, explicit or otherwise, that would imply I did.

>Sure, having to answer no to my question doesn not unmake chrome the spyware it is. Unannounced auto updates infiltrating closed source compiled spy plugins proved this.

I'm not sure what any of this means to be honest :(

>But switching to Firefox (though becoming less and less trustworthy) in response is a nice first step.

Yes it is. If you want to go even deeper try gnu icecat ;+)

>But acting like you're super hardcore and excempt from privacy breaches makes you less legit in my opinion tbh.

I'm not sure you even read my post tbh. Why are you resorting to personal attacks? I don't believe myself to be 100% cybersecure, and I in no way made any such claim or assertion. In fact, I didn't say a single word about myself at all, and still haven't. If you'd like to know about the hardware/software I run you could ask.

I'm sorry I upset you.

>>2380
>Do you use your phone?
No, don't have one, lol

>>2382
pretty much this, in reference to the last thing OP said, which was
>having the ability to be a botnet doesn't mean that it actually is a botnet

 No.2384


>muh botnet rrrrrrrroooooooaar

Being 4chan refugee is a tough thing, huh?

 No.2385

>>2382

Yes, I do not trust Google, use DuckDuckGo as a search engine and always connect via a VPN. I am very paranoid about my data and do not trust closed source applications.
I should have made this more clear, I hoped that the last part of my original post would have cleared this up.
But it seems like most people on /cyb/ agree that it its closed source, hat it could theoretically be controlled by obe companyand its tracking are enough to classify it as a Botnet. I personally do not agree with this definition, but can definitely see why you would classify it as one after reading people's opinions.

 No.2386

>>2378

Yes, by that definition Chrome is a botnet. I personally wouldn't call it that as how I see it, a botnet is made to spam, not to collect data. Although I can definitely see where your definition comes from

>you arent very /cyb/ are you

No need for attacks, all I asked for is answers. I don't trust Chrome a bit, I just wanted to know why you would call it a botnet, not defend it. I thought my last statement
>I should add that I personally use Firefox, Google already has way too much data about me. I do not want to add even more by using their browser
cleared that up, but apparently not.

 No.2387

>Google Chrome - Botnet?
I thought this was obvious. This is a question worthy of a thread?

 No.2392

lol the fucking Google Chrome internet defense army and shills in this fucking thread

put the burden of proving an extremely popular product (by fucking google of all corps and companies) is a botnet is somehow on us?

>>2384
if anything, you are behaving as a 4chan or probably even reddit refugee. the same ignorant blahblahblahcanthearyou kind of attitude coupled with WELL PROVE THAT EVERYONE AROUND ME ESPECIALLY THE MEGACORPS ARE NOT GOOD BOYS WISHING THE BEST FOR ALL OF HUMANITY AND ME BECAUSE WE LIVE IN A FLOWERBOY WORLD soykaf.

I really want to believe google is paying you to defend it online, because if you do it for free there's probably no saving you.

 No.2393

File: 1515917552567.jpg (150.81 KB, 850x1203, lillie.jpg)

>>2392
savage, but seconded

 No.2394

>>2392
>non-post-ironically live action role-playing as 8chan refugee itt

 No.2683


 No.2687

>>2683
>on-your-windows-computer
r-right…

 No.2714

So what browser would be recommended then?

 No.2715

File: 1524397637625.bmp (5.02 MB, 1024x1542, ushijima4.bmp)

>>2714
Gnu Icecat
Favorite browser of mine for years

 No.2716


 No.2723

>>2714

Many answer for this question I fear…

Like >>2715 said Gnu Icecat is a most for casual browsing.

My personal preferences over many year is Firefox ESR. The reason for this choice is really simple. I apply myself modification to make it more privacy oriented and at the same time without having to worry about new undiscovered bug from newer version.

What I found was more interesting to respond for this question is probably this. The browser you use doesn't matter it's the way you use to browse internet that as more impacted on your data. For example keeping cookies in the web browser, using google search engine all the time, accepting every script without looking etc etc. I believe if you practice good ways of browsing the internet is even better then even the most privacy oriented browser. This is my personal opinion and i might be extremely wrong, but that just what i see over many years. In fact this is something we don't often see as a guide on internet, a browsing guide privacy oriented.

 No.2792

^ I agree, and I think it's because we live in a product-oriented capitalist society. People are told to simply buy (or in this case, install) this one thing, and all their problems will be solved.

"buy this diet food(TM) from goodcorp(R)" instead of "eat healthy and do sports"
"install this browser and those extensions" instead of "don't run js by default, don't use google search"

 No.2793

File: 1525994081514.jpg (74.44 KB, 403x604, e5lPEMxCSCE.jpg)

There is ungoogled chrome that have less botnet than chromium. Still it eats much cpu and ram, but still firefox cannot handle simple page and display it properly. Mozilla is doing soykaf with privacy right now. All of these sucks, so the guy >>2723 is totally right. People dump tons of data into facebook or VK or twitter or anything huge and popular, and also then they are going to some kind of reddit and start to fight for the glory of privacy under nickname "An0nimoou5_2005".

>>2792
Same situation as above. People that 'fight' for the privacy are like: 'hey, Google sucks, let's use Mozilla and DuckDuckGo!' and then after several hours they use google translate or their new shiny technologies with AI, still thinking they got rid of Company Evil and Co. If you want to know: DDG is hosted on Amazon. Basically people are just switch one soykaf to another, but now because they've been told not to buy, but to be controversial. If you don't want to think, no matter what people will told to you, the only person that will really care for you is yourself.

 No.2796

File: 1526067935431.jpg (16.03 KB, 480x479, oneXcjf.jpg)

I use Chrome and Firefox for regular stuff (albeit no Facebook as well as several other social media platforms) and Iridium/Palemoon through VPSes serving as socks proxies for grey area stuff. Bad stuff gets VPS→Tor→unsecured IoT

Rationale:
I feel like you gotta have some kind of footprint, cause no footprint is worse than a plain one.

I very much dislike any movement or ideal that restricts my use to only one technology. To me, being unable to navigate or work on a system just because my beliefs prohibit it is the opposite of freedom. Anyone in a competitive tech field understands the value of being able to work a solution on a system/technology no one else is familiar with.

Basically, I prefer freedom of movement, and being able to adapt to whatever system I land on in the Wired.

 No.2802

>>2796
By insecure IoT you mean soykafbox home routers with default password web interface in WAN or do you have your own botnet made of smart buttplugs?

 No.2813

>>2375
>You are beyond salvation, keep using Chrome, citizen.
bad advice. no one is beyond salvation. OP should opt for a small browser like falkon.

 No.2826

>>2793
would you preffer to switch to (in the case of the search engines) no search, or do you have a solid replacement?

I've tried getting away from ddg and its frustrating to say the least, there are some alternatives like startpage that are just alternates to google, a lot of ones I also fine. . . quesitonable and corporate, and then things like searx (just metasearch) and yacy (which is a pain and generally not great outside of a specific domain).

What do other alices use for searching the web ?

 No.2854

if you are using a modern computer (doesn't matter what OS), your hardware is likely tracking you at a deep level. people in here thinking they are clever or hidden for using firefox and a vpn are wasting their time; further reinforces that this is a hobbyist board. if you want serious information on cybersec I suggest you get it elsewhere



[Return] [Go to top] [ Catalog ] [Post a Reply]
Delete Post [ ]