Un steam fraîchement installé sur ma debian 13, après un redémarrage.

Mon pare-feu m'interroge.

Est-ce que steam a vraiment modifié mon kernell pour faire transiter des données sécurisés jusqu'à chez eux ?

#security #cybersecurity #firewall #steam #opensnitch #foss

I've seen a lot of posts lately about #LittleSnitch which has been on my radar for a while. It supports #Linux now which is great. But it's not fully opensource.

I found #opensnitch and wow it's great. Reminds me of what I consider to be "peak windows" days, early 2000s when the zonealarm firewall was popular.

#Nostalgia will getcha!

I saw that Little Snitch is now available for #Linux.

As far as I’m aware, there’s already #OpenSnitch for Linux.

#OpenSource #LittleSnitch

I installed OpenSnitch today after having seen a post about it on BlueSky (I think). It's a nice application firewall which gives you even more control over what leaves your computer.

#Firewall #ApplicationFirewall #Opensnitch

https://github.com/evilsocket/opensnitch

Wow oh wow. Any strategies for how to manage OpenSnitch on NixOS? It's a cool tool but the constant popups for everything that connects to the internet is just... a lot.

And, unfortunately, because of how nix works, each rule I allow via the popup assigns the /nix/store binary path to the rule, so I don't expect the rules to survive a rebuild.

I've already used it to strip out all of the advertising domains, and my next target is for blocking AI slop domains. For that alone is worth it.

#NixOS #Nix #Linux #OpenSnitch

So I'm the kind of wacko who has #opensnitch set up to manually filter any address my computer connects to. Despite using a base block list, browsing was absolute hell for a week until my rules covered enough ground to block most of the repeat offenders. I usually allow the domain I'm visiting and its subdomains, period.

The amount of domains one can block before a website breaks is telling. It also made me realise that with link preview enabled #Firefox and all derivatives send a request to the domain of all the links your cursors HOVERS, a.k.a brushes past which seems like a massive breach of privacy and waste of bandwidth... Note that disabling link preview requires a restart after unticking the box, which made the culprit hard to figure out at first.

Anyway, watching #Peertube is obviously quite challenging with this setup, because of the "peers" in the tube. What I don't understand is why there isn't a consistent port I can unblock, each request seem to use a random port.

Can anyone help me make sense of this please?

#foss #floss #fediverse #privacy