Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
On Linux there is OpenSnitch that does its job nicely, although I experienced some occasional desktop slowdowns even after training it to open everything for trusted programs.
https://github.com/evilsocket/opensnitch
I still recall the old days of Windows when I tried Kerio Personal Firewall and realized how much software already phoned home two decades ago. That was the last wake up call that pushed me into getting rid of closed source software, possibly also hardware, especially when they connect to the internet.
> The fact that Apple itself relies on Linux for most of its servers is a pretty powerful heuristic that Linux is relatively safe [paraphrased by me]
Many world-class companies depend on Windows, so does that mean you think Windows is safe?
An individual does not have the same access to custom tools, and teams of competent people, that ensure their usage is safe.
A recent example: I was investigating using CloudFlare Functions, because I think CloudFlare has world-class security and that “serverless” product avoids many security issues I might have with other solutions. Yet one setup step suggested piping in a script from curl to shell (commonly suggested for install steps!). Even worse, https://github.com/cloudflare/wrangler2 is their CLI tool to help development, and Wrangler is based on the node ecology, which is completely insecurable IMHO (unless you are a trillion dollar company). I use a VM to provide some sandboxing, but it still leaves me feeling icky.