What fonts are the most common on Linux today?
Had the same issue with Plasma Wayland in QEMU but I never found a solution. Toggling anti-aliasing sometimes helped, temporarily
Try going down the page and looking for the categories with more than a few bits of identifying information. I'm running LibreWolf with just uBlock Origin and Dark Reader (which I don't think influences results) and I'm able to get nearly-unique, instead of unique (but I do get unique on default settings). TBB gets non-unique, which is a good set of results to compare to.
In my case I noticed that my fonts were really unique so I set browser.display.use_document_fonts = 0. Also I use my WM to set my page resolution to 1920x1080, which seems to have a better fingerprint than the default LibreWolf floating resolution of 1600x900 (and even the letterboxing resolutions, from what I can tell).
I just spent some time testing again and checking for anything else. RFP does force a generic user agent, but unfortunately it keeps the version information and I can't figure out how to change it with RFP on. Would be nice to set it to the ESR version used by TBB (which has lower bits), but I'm not sure if that would lead to a more unique fingerprint (if, say, a feature was detected that is available in later versions but not ESR).
Edit: just tried Mullvad browser, and it's non-unique! Might be the best option.
Genkernel is a good alternative generator, but you can also write your own initramfs and build it into the kernel. A custom initramfs (see also) is pretty flexible- I've had success setting up cryptsetup, lvm, and dropbear sshd by reading the various wiki examples. Not sure about your Intel issue though
Was getting 71% on Librewolf with only uBlock Origin. Enabled every blocklist in the extension and am now getting 100%. Thanks for sharing!
Yes! Depending on how much time you want to spend figuring things out... there is a learning curve, but the documentation is quite extensive. And you do learn a lot about Linux by diving in. The compile times aren't really an issue today if you have decent hardware- I run it at home and on all of my servers (some of them not very powerful). You can do other things while it's compiling.
It's great if you want to customize everything and learn how your system works, or are interested in optimizing everything for your specific CPU architecture. There are a few pitfalls (especially when learning), but I've generally been able to learn how to fix any issues as they arise.
Also, the package availability is great. If you can't find something in the gentoo repository or in an overlay, you can usually find its dependencies and build it yourself.
I can't speak for YubiKeys themselves, but I've been using an OnlyKey for years (which can emulate one). Works great for KeePassXC, but only because it can type the DB password (challenge-response unlock still requires the password). I haven't used the YubiKey emulator very much, except with a few services that are much easier to use if you have one.
I think it's great to have the option of securing things with a hardware key, and I think it's a good investment in general. But as others have said, it's probably not be the best choice for KeePassXC (but there are benefits). I would recommend an OnlyKey, but it seems the prices have gone way up and they're sold out.
No problem! And yeah, it's good to see people talking about it over here. I think it's the best tool for online privacy OOTB (depending on your threat model), and it gets better the more people use it.
The difference is that your ISP doesn't know where your packets are headed, and the destination doesn't know where your packets came from. The ISP sees you connect to the entrance node and the destination sees you connect from the exit node, and it's very difficult for anyone to trace the connection back to you (unless they own both the entrance and exit and use traffic coorelation or some other exploit/fingerprint). Regardless, both parties are generally able to tell that you are using TOR if they reference lists of known entrance/exit nodes. Also the anti-fingerprinting measures taken by TB are a bit more strict than other privacy-focused browsers
It's great for anything low bandwidth that isn't tied to your identity, and helps for peace of mind, despite its issues. You do run into captcha or DDOS protection issues occasionally, but the new tor circuit for this site button sometimes works. Also it uses letterboxing to prevent resolution-based fingerprinting, which isn't very pretty, but leaving it at its default size (or locking the size using the WM) works well and is good for privacy.
Yep that was after make clean :). Running a 12-core Ryzen 9 that's a few years old and 64GB RAM; using 24 threads does speed it up quite a lot.
Edit: to be sure, I completely removed the source directory and re-emerged gentoo-sources and got similar results
Great idea to use GPT for that! Been wanting to trim mine down for a while; will give it a shot.
With a decent CPU the kernel compiles pretty fast. I'm using a default configuration with modules disabled (compiled in) and various settings enabled/optimized for my hardware, and this is what I get:
make -j24
real 2m16.357s
user 38m36.133s
sys 4m26.449s
An extension would be cool! I'm currently trying to do something similar, in some sense; I've patched my instance to filter out DB results from public queries so that only my posts and comments are visible (unless I am logged in).
The only thing I’m not sure about yet is if it’s possible - if I create a Post on an instance that’s not my home, who is hosting the data? Do I only send ActivityPub Create Post with the data and the instance then saves it, or do I create the post on my own instance, send an ID, and if someone requests the Post data on the instance I posted to, it will be requested from mine?
I believe it might be possible, but I'm not sure. It seems that the protocol itself is mostly geared for synchronizing data and distributing updates. From my limited understanding, servers follow users or communities on other servers, which inform those servers that updates should be sent to the requesting inbox. These updates are then used to build up a local copy of the remote page. In the case of a remote community, users interact with their local copy and notify the remote community of those changes.
For example, I am viewing a local copy of this post that I received from lemmyml, and my reply to your comment will be stored locally. My server will notify lemmyml of this comment (including its contents), and lemmyml will notify my inbox if anyone interacts with it (because I am a follower).
It seems that at least some of this syncing might not be necessary... a lightweight frontend could rely on the API of each site it connects with to build up the activities it sends. However, this would probably cause some unnecessary traffic, as such a follower would both receive updates and query the API. Also it would probably break some things, such as ap_id (see the multicolored fedilink icon, which points the original copy of the content on my instance).
Also a fan of sway! Plenty configurable, and swaymsg+jq bash scripts can go a long way. Hoping we'll see more development in lightweight DEs as well- Wayland is pretty great, and sway could use with some more features. also nice username :D
Absolutely! I haven't had any problems setting up dependencies for various projects and have only needed overlays a few times. Sometimes USE flags can be tricky but most things are pretty well documented
Encourages hardware-based optimization and kernel specialization
Out-of-box security configurations supported by the organization (SELinux, hardening)
Excellent package and dependency management with a wide variety of up-to-date software
I use Terminus (ter-112n) for TTY, Source Code Pro for terminal emulators, and DejaVu, Liberation, and Noto for others