Armored: deleted

I just deleted the “armored” profile. I had used it a total of 0 times so far.

That’s the same amount I’ve used Tor Browser, but I’m still holding on to that one for the time being.

So far so

Fourth day with disposables and it has been much easier to get used to than what I imagined beforehand. It’s pretty much down to just one major issue now: I’d like to be able to open new clean disposables straight from links’ context menu, instead of having to manually open one (through the desktop environment) first and copy & pasting the link.

Firefox deceivingly offers the option of opening links in a new so-called Private window right from the context menu, but when the parent window is already Private, the new window actually inherits the session (cookies and all) which is counter-intuitive. These so-called Private windows only get a true clean start when opened from a non-Private window.

On the surface (in title at least) it looks like what I want is “Per-window Private Browsing“, but that one was apparently implemented ages ago. I couldn’t find bug reports or specifications (drafts or otherwise) matching my use-case precisely.

I could try using the “Open With” extension, but in my preliminary testing I was turned off by how difficult it was to strip its default configuration down to the bare essential of my needs: I just need my one context menu item and not one for every browser installed, and removing those it seems would entail hacking the extension. I’m not gonna bother.

In fact, I’d prefer not using extensions at all for my main profile if possible, to KISS. Having to tweak the environment to the extreme just to feel comfortable is precisely what drove me to explore disposability in the first place, and increasing complexity in implementing this aim would, in reality, go against said aim.

That’s why I’m also resisting the urge to set up a keyboard shortcut for launching new windows. It would mean going right back to having to recreate this environment everywhere else, and feeling uncomfortable without it, whereas my intention is the opposite (to feel at home anywhere with a clean browser).

I have set the profiles I’ve created to be synced via Owncloud, but I intend to recreate this environment only for locations where I spend significant amounts of time (at least days). Elsewhere I mean to just set the main profile to discard everything at shutdown, or to remember to do it myself when changing options is restricted, or when options themselves are disposable.

My other profile, the one with light armoring, has seen no real use so far. It seems to have fallen into a chasm of uselessness between “I want disposability” and “I want the hardest anonymity available”.

Judging by a metering app’s graphs the average CPU and memory usage has fallen dramatically with this new environment, compared to my previous one with a Chromium window with multiple tabs pinned plus a bunch of ephemeral ones at any given time. This could be down to Firefox being lighter on the CPU & RAM, or perhaps utilizing them less effectively, compared to Chromium.

Then again it’s more likely to be just an effect of the fact that I no longer keep all those web apps running when I’m not actually using them. Either way it’s good for the environment and my electric bill.

Armored

Today’s ops: set up disposable profiles for Firefox. Chromium has better support for them out-of-the-box (--temp-profile), but I found Firefox’s profile management still comes to me straight from muscle memory despite using Chromium exclusively for years now. I didn’t even try to figure out if Chromium’s default configuration is adjustable, and for practical disposability it would have to be, because the temp profile clumsily always opens two slightly buggy tabs (sometimes the address bar eats the first thing entered into it).

The nice customizability of Firefox instead even lent itself to multiple levels of security: for the default profile I kept most bells and whistles from default configuration, whereas for the second one I installed NoScript, HTTPS Everywhere and Privacy Badger. And beyond those there’s still Tor Browser.

On the negative side, Firefox is still noticeably slower to start than Chromium. It was one of the main reasons for my switch all those years back and they obviously still haven’t caught up, which is a bummer. I was aware of this beforehand though, and the delay isn’t too bad, at least on my i7-3770 and SSD.

Also, as mentioned, ditched flash, finally, and for good, hopefully. Lately I’ve only been putting it off because I still have to support it at my parents’, but since I already upgraded out of the LTS they’re using, I may as well use a VM for reproducing any issues they may still encounter before I upgrade them to the next LTS next summer.

Theme choice (Twenty Fifteen, for now) and my threat model for the blog

I’m trying to stick with Twenty Fifteen for now. I would guess using the default theme would serve the “trying not to stand out” ethos best, but don’t take my word for it. Indeed, don’t take my word for anything, because this is a log of learning as I go.

Also, I’m not sure how well “not standing out” on the publishing end fits within the threat model. Certainly my threat model for this blog does not account for its hosting service. My baseline assumption here is a benevolent, not critically anonymity-savvy host (myself). I should also take into account the provider of my underlying infrastructure, whose benevolence I trust slightly less than my own.

But as I said, this is a learning log, not an attempt to simulate anonymous publishing. Additionally I’m using this blog to get a feel for the difficulties in blogging when using an anonymizing service and a browser tuned for it. Like how I keep forgetting to save these drafts now that auto-save doesn’t work.

WordPress works quite well without JavaScript

WordPress works quite well without JavaScript. Post editor customization seems like the biggest feature lacking at first, and unfortunately the default layout is quite cluttered. Auto-save also does not work, so it’s back to old-school manually-save-often.

Edit: Change post format from Aside to Status. Asides now seem to have titles, but statuses supposedly don’t.

Blade Runner

Miksi joudun aina vain enemmän ja enemmän kompensoimaan julkaisijoiden tekemiä huononnuksia webselailussa? Web on nykyään pelkkä kuppainen horo, ei enää ollenkaan huvita pelehtiä sen kanssa kun riskit ovat iloihin nähden niin isot että on pukeuduttava kokovartalokumiin ennen kuin uskaltaa alkaa millekään.

Pelkkä mainostenesto ei enää läheskään riitä tekemään turvallista niin yksinkertaisesta tapahtumasta kuin artikkelin lukemisen pitäisi olla, vaan lisäksi pitää olla erillisiä jäljityksenestimiä ja vielä sittenkin sisällön edessä on kaiken maailman popuplätkä-perkeleitä (“tilaa sitä! tilaa tätä! liity facebumbler-fanitykkääjäksi ja instatviittaa tämä! ja anna sähköpostiosoitteesi spämmättäväksi!!!1!”). Vitutuksen maksimoimiseksi kaikkiaan kymmenen kappaleen mittainen sisältö (jonka olisi voinut tiivistää kolmeen) jaetaan viidelle eri sivulle.

Olen tosissani alkanut miettiä, pitäisikö alkaa vapaustaistelijaksi joka käy yleisessä webissä ainoastaan kertakäyttöprofiilien turvin ja eristää sieltä noutamansa sisällön omille, äärimmäisen pelkistetyille sivuilleen itse tuotettuina tiivistelminä, eikä enää koskaan missään linkitä suoraan alkuperäisiin, sanitoimattomiin lähteisiin.