Read the article. The exploit was found by the state actors not created by them. Apple is ultimately responsible for the mishap due to the insecure design of the aforementioned feature.

Even though China partially had a hand in the creation of this flaw according to the history of the feature.

And yes, Apple has been a constant feature on the news for such privacy leaks of late. You just haven’t been paying attention.

If my memory serves me right, they do a bunch of application integrations for SMS and Phone calls.

Apple has been taking massive Ls after Ls wrt the security of their iPhones in recent times. It’s almost as if magically branding your products “private and secure” doesn’t work.

I didn’t know Authy was a Twilio product. Anyway am glad I made the move to Aegis years back.

There are no ways to beat this. They want your real number. That’s the point.

Great. Can’t wait for this update to reach mobile devices. More people need to realize how scammy these tech mega-corps are.

I host my own DNS service with AdguardHome. But there are some public DNS providers with ad-blocking filters here. Some like NextDNS will allow you to create an account and further configure your blocklists.

Ad-blocking DNS. Blocks the nuisance and saves bandwidth. Couldn’t live without it now.

Irrelevant. Some systems may be hard to compromise but most humans are not.

Pfftt. This sub is regarded.

You do realize that you are agreeing with me.

Nope, you are coping. Infact I see the meme as a failed attempt to call Google garbage (the word garbage is stylized with the famous google colours).

The incognito mode joke makes sense. Everything else is out of place.

Nope, just you, OP and whoever created the meme.

Firefox is bloated with telemetry.

You cannot really exercise your right to free speech online today without having a pseudonymous account so some elements of privacy is at least good for something.

Bad meme. Our user data cannot be compared with garbage.

But we have to think of the children.

You entirely misunderstood my argument(s). The title says “Brave appears to install VPN Services without user consent”. My comment was an exploration of this using Linux’s tools (systemctl). But nevertheless, creating a VPN network requires elevated permissions.

I was correct you need root to create systemd-wide systemd service that will run on boot , user systemd files can’t. What they can do, is run after login. Which has more or less the same effect for a single-user setup. And I did admit I was partially wrong.

The entire premise is for a package/manager to create a running/permanent service that will be started after boot AND does not require user intervention (for the avoidance of doubt, enabling the systemd service counts as intervention).

One way to do this is to create the service file and do the symlink to a folder that systemd automatically runs on boot. For both user and system systemd files you require root to make these modifications.

Another way is to create a Desktop file in the path I shared.

If you have more ways I’d be happy to hear them.

Installing a package requires root which will automatically give the package manager permission to write anywhere on the system. To create a systemd service in user that will automatically start at boot requires root, someguy here commented with the how.

However you can run any installed binary via Desktop files as a user (no root) on login by writing to ~/.config/autostart.

Maybe am ignorant but at least I understand the questions before I answer them.

You would need the power of root to do all these aforementioned things (run a VPN service).

And am not saying that Linux is immune to malware, just that it’s not out of the norm to have package managers install services crucial for operation during installation. Since Windows doesn’t have package managers, I’m gonna replace package managers with packages in this reasoning.

This is actually very close (just tested and confirmed it). I somehow stand corrected about requiring manual enablement but this is just using the package manager to do the dirty work for you.

However the program itself cannot write into those directories without root permissions. You still have to allow your package manager to do this with root permissions as mentioned.

Read my argument again.

Bruh you just ran the command to enable the ‘written’ service. Comprehension is a problem in this community.

You failed. This requires the user to run a script aka manual intervention.

Not possible to start or enable a created service without user intervention. You don’t know what you are talking about.

You still need to manually enable the service. The configuration of the service has zero effect on its activation or lifecycle.

I don’t use Windows but if you install a program that requires a service on Linux, the service will be written to your system’s services daemon awaiting your activation. I don’t see what the issue with that is.

Sure. A huge untapped market of people who don’t want anything to do with VPN ads.

You are goddamn right about that one. Though I think Youtube is being petty with this war against adblockers, none of the major browsers block Youtube ads by default afaik.

Touche. I’ll leave you to wallow in your own ignorance.

You asked for it so here’s my ‘bizarre’ take;

Mozilla is tangled up with social/political advocacy and virtue signals too hard.

Tries to censor content on Firefox. Recently saw they are introducing a ‘Fake’ Amazon reviews detector.

Even though they tell anyone who will listen that Firefox is a private browser, they push their own ads in the browser and have even tried pushing 3rd party ads (for some animation movie).

And is poorly run. Example, fired a lot of developers and shortly afterwards increased CEO pay. But most importantly, share of Firefox users have dropped over the past decades from a comfortable lead to less than 3% today.

Depends. Are you on a wanted list?

Make dummy accounts for demos. Will save you a lot of trouble in the future and teach you compartmentalization.

I’ve got a better question. Why do you love Mozilla?

Privacy cannot be a competition of which service provider we hate he most.

I hate Mozilla more than whatever Brave has been accused of in the past. Brave makes it easy to configure a private browser, this is not an opinion. There’s no browser that will ever have a monopoly on privacy.

NoScript and Cookies Auto Delete are very much needed. uBlock’s JavaScript control is extremely basic and doesn’t toggle WebGL.

As for cookies, I only set them for sites I have accounts or ones that need to remember user data in Chromium. I personally don’t use CAD but I can certainly appreciate its convenience.