Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    wchen342
    @wchen342:matrix.org
    [m]
    Well considering how much resource chromium needs to build..
    networkException
    @networkexception:chat.upi.li
    [m]
    yea true
    wchen342
    @wchen342:matrix.org
    [m]
    I can't tell you details but Brave has a server farm for CI so.
    How long does it to build the Windows version on Github btw?
    networkException
    @networkexception:chat.upi.li
    [m]
    oh yea I can imagine... 21 - 26h from quickly looking at the recent 3 runs or so
    wchen342
    @wchen342:matrix.org
    [m]
    Oh that's even longer then Android..Maybe we can collectively do a bargin with Gandi.
    They provide credits for my android version, also for Bromite.
    networkException
    @networkexception:chat.upi.li
    [m]
    On what bases to they provide credits? Do you get a VM to configure or is it some locked down system?
    wchen342
    @wchen342:matrix.org
    [m]
    It's a VPS machine. They count costs on a hourly basis unlike others so you need to shutdown the machine when not using them.
    But for me they give me like $150 once and I can use it for about 5 months.
    networkException
    @networkexception:chat.upi.li
    [m]
    Ah I see
    covid-1984
    @covid-1984:matrix.org
    [m]
    What do you think is the best sandbox you can run UG in for the best protection? Perhaps have the profile folders mounted into a docker or podman environment that doesn't run as root?
    networkException
    @networkexception:chat.upi.li
    [m]
    that sounds quite complicated
    I'd just use flatpak?
    3 replies
    not too sure how strong the sandboxing is tho
    covid-1984
    @covid-1984:matrix.org
    [m]
    Idk about flatpak security
    networkException
    @networkexception:chat.upi.li
    [m]
    yea ik but that only complains about default permissions
    1 reply
    you can adjust those
    covid-1984
    @covid-1984:matrix.org
    [m]
    Nicer, I think, to run the thinnest possible container with no root privs and files selectively mounted
    But I wonder about dataloss if the docker service crashed (or something). Maybe the host is just backing up the profiles dirs for a bit to test.
    networkException
    @networkexception:chat.upi.li
    [m]
    I think the most common method is using com.github.tchx84.Flatseal to limit directory access
    jason1923
    @jason1923:matrix.org
    [m]
    hi, is there a way to disable Progressive Web App install prompts?
    covid-1984
    @covid-1984:matrix.org
    [m]
    Are there any security improvements to vanadium that could be applied to UG too?
    networkException
    @networkexception:chat.upi.li
    [m]
    I've looked through the patches quickly, seems to be mostly default settings and basic fixes
    2 replies
    covid-1984
    @covid-1984:matrix.org
    [m]
    Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
    2 replies
    covid-1984
    @covid-1984:matrix.org
    [m]
    :point_up: Edit: Would be curious to know if Eloston & wchen342 think running UG in (a well-configured) firejail or bubblewrap would provide another layer of protection (between attacker & your filesystem) in the case of chromium 0-days.
    covid-1984
    @covid-1984:matrix.org
    [m]
    https://theevilskeleton.gitlab.io/2021/02/11/response-to-flatkill-org.html -> gonna study this and look into the best config options for flatpak for running chromium, for now.
    wchen342
    @wchen342:matrix.org
    [m]
    The topic can be expanded all the way to pages, and it is not a "right vs. wrong" thing. Some very quick points being: 1. bubblewrap is better in terms of security, failjail has better usability; 2. Like flatpak, failjail needs to be set-up correctly otherwise it's a placebo; 3. Linux desktop is inherently insecure, thus Qubes. However security is usually not the first priority in the choice of using Linux; 4. It is kind of unfair to blame flatpak because packages set their own permissions; it can be improved probably with a permission whitelist like Android but that's a design choice.
    wchen342
    @wchen342:matrix.org
    [m]
    It depends on what the package maintainer did for the package. Is it rany ?
    rany
    @rany:fairydust.space
    [m]
    wchen342: I haven't hardened the permissions too much in an effort to reduce bug reports related to broken functionality. By default I allow access to the read-write access to the home directory and all devices (webcam, GPU, etc)
    You could use flatpak-override or a front-end to it like Flatseal to change that and harden it
    digital mystik
    @digital-mystik:matrix.org
    [m]
    hello this is probably a silly question but I am not a seasoned chromium user.. how can I disable the home screen shortcuts from visited websites? I could not find any pertinent settings and am not sure how its persisting
    I have site data to clear on exit.. hmm
    digital mystik
    @digital-mystik:matrix.org
    [m]
    nm, read a few of the github issues regarding it
    networkException
    @networkexception:chat.upi.li
    [m]
    You can also set a custom new tab page with the custom-ntp flag (in case there's no other way to disable them)
    Kurt Fitzner
    @VA1DER
    Hi all. I'm having issues using UG to log onto Microsoft Teams. I'm curious if this is a known issue and/or if anyone knows a config setting that might make it work.
    networkException
    @networkexception:chat.upi.li
    [m]
    Are you getting a specific error?
    Kurt Fitzner
    @VA1DER
    I'm able to log in to my account, but when it loads teams it hangs on the load until it times out and gives a generic "We've encountered a problem". When I log in from browsers that work, it flips through about a half dozen URLs that it fetches. On UGC it stops after about the second. I wondered if it had to do with the auto-https when no transport method is specified, but that's just speculation.
    networkException
    @networkexception:chat.upi.li
    [m]
    hm
    works for me on flatpak
    and auto https didn't make a difference
    Kurt Fitzner
    @VA1DER
    Thanks. I'll try it on Linux.
    Kurt Fitzner
    @VA1DER
    Doesn't work on Linux either. Same issue. Hangs with "Loading Microsoft Teams" on the bottom left and the logo in the middle until it times out.
    I can't find any good privacy-focused browser that works with my Teams. I hate having to use Chrome.
    networkException
    @networkexception:chat.upi.li
    [m]
    Well if it works for me it should also work for you really
    Do you have cookies enabled? For me it complained about that
    Kurt Fitzner
    @VA1DER
    Oh... I had to stop blocking third party cookies. Makes sense, it's a government teams portal.
    Thanks
    networkException
    @networkexception:chat.upi.li
    [m]
    I didn't think about saying that earlier because for me the error was really verbose, it even told me a list of domains to add as exceptions but I guess thats not a thing with the portal maybe