Robin Gareus <robin(a)gareus.org> writes:
[...]
Heck, if you're worried about this, you can't
even surf the web to begin
with. A simple firefox http request sends a lot more private information
about the user. See
https://panopticlick.eff.org/
True -- I'd probably be digressing from Linux Audio to get into this,
but I think the most privacy-invading thing on any modern desktop is any
"thick" browsers like Firefox or Chrom(ium) that support AJAX,
JavaScript, video-in-a-browser, and the whole nine yards that we've come
to expect as part of our World Wide Web experience. (Basically, if it's
fully functional on Facebook, it's "thick" enough for what I'm talking
about.)
Heavy browsers like this are basically poorly written OS's that run
under your real OS desktop as an application. They have full read/write
access to every file in your home directory, can launch their own
programs, install their own packages, and have enough C++ code to hide
elephants and giraffes. Heck, you can play video games inside them. In
some cases, they may actually be bigger than your real OS. (These days,
Firefox is enormous.)
People used to complain that Emacs, as text editors go, was a rediculous
monstrosity, because it featured basically a whole OS with a package
system and an interpreted language inside your editor. Compared to
Firefox and Chrome, Emacs is a well written, well behaved, very secure
environment that uses very little memory and plays well with everything.
Shows how far down the toilet we've gone that we can now say that about
"Eight-Megs-Always-Constantly-Swapping" Emacs, and yearn for the days of
its relative secure efficiency. When you browse the Internet with a
heavy browser though, you take your life in your own hands, and most of
us do it several times every day on our "secure" Linux desktops. That's
the real exploitation path for most users. They don't need your root
password. They don't need an obscure buffer overflow in some library
you never think about. They just need you surfing the web in your
big-as-a-whale web browser.
--
+ Brent A. Busby + "We've all heard that a million monkeys
+ Sr. UNIX Systems Admin + banging on a million typewriters will
+ University of Chicago + eventually reproduce the entire works of
+ James Franck Institute + Shakespeare. Now, thanks to the Internet,
+ Materials Research Ctr + we know this is not true." -Robert Wilensky