← Back to context

Comment by kuhsaft

7 hours ago

> The kill switches will work independently on a compromise. Why are they moot?

Kill switches only work as a security feature when you activate them before you know you're compromised. But that's impossible.

It's a reactive "security" feature not a proactive one.

> For example, if I use Firefox with NoScript, then it is not very easy.

Security vulnerabilities aren't only JS related.

https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

Adding an extension that can access all your browsing data doesn't seem very secure either.

Required permissions:

- Access browser tabs

- Access browser activity during navigation

- Access your data for all websites

5 comments

kuhsaft

Reply
fsflover  7 hours ago

Good links, thank you. I agree that my protection is not perfect in general. Fortunately I do not open random websites on my phone; I have my laptop with Qubes OS for that.

> Adding an extension that can access all your browsing data doesn't seem very secure either.

This is not just a random extension but an officially recommended one, https://support.mozilla.org/en-US/kb/recommended-extensions-.... It's also regularly verified by the community. I trust it as I trust Firefox.

  • kuhsaft  7 hours ago

    > Fortunately I do not open random websites on my phone

    That's the main use for almost everyone. You're suggesting people use a less secure device and are stating that it's more secure if they don't use it in the way it's mostly used?

    That doesn't sound like freedom. That sounds like living in paranoia. You bring up FUD in so many comments, but you seem to be living it. Ironically though, you choose to use systems that enable FUD when there are systems that let you not worry.

    There are people building secure software and hardware, so people don't have to live in fear when using their devices. That's the freedom that many people care about.

    There's the freedom to shoot yourself in the foot. Most people don't care about that.

    • fsflover  5 hours ago

      You missed that I do not recommend Librem 5 to "almost everyone". We are not on a normies forum but on HN.

      Also, I do not recommend Librem 5, when somebody asks for a secure device. I mention it, when somebody asks about alternatives to the duopoly, a possibility to have a full, general-purpose computer in a pocket allowing you to tinker with it, or wants to run GNU/Linux baremetal. Such people aren't the audience of GrapheneOS anyway.

      And I'm not against GrapheneOS. I never said it was less secure than Librem 5 for typical tasks. I only say, that if you want to have a third option, you can have it today. There will be compromises, which can be dealt with by technical users.

      2 replies →