Privacy on the Internet is important because privacy risks range from the gathering of statistics on users to more malicious acts such as the spreading of spyware and the exploitation of various forms of bugs (software faults). Many companies, such as Google, track which websites people visit and then use the information, for instance by sending advertising based on one’s web browsing history. Sometimes prices on products are changed on the same website, depending on tracking information, and two people may view the exact same product on the exact same website yet be presented with very different prices.
Considering the amount of conflict of interests and scare with using browser, I think the only, least risky way is to use someone else’s internet to browse or to use TUI browser.
Then again, a non-programmer (i.e. me) would be having difficulties in removing privacy and security threats. For each exploit patched, I’d reckon there would have been dozen more circulating around the dark net. It’s a worry that has been looming behind my head. I think one of the more important aspects of security is to know what you are up against. It’s far easier to be secure on the internet if your goal is defined as “not being hacked by script kiddies” rather than broadly defining “government-agency sponsored, state-level threat” stuff.
As long as you’re not a billionaire, I think the minimum steps to undertake is to limit your use of the internet. Kinda scary for a layman like me to see the internet and see everywhere that each click can get you hacked. Again, that sort of stuff would most likely apply to high value targets anyways… which I am not.
The safety of TUI browsers is a bit overrated; most don’t do any sandboxing of content whatsoever and are run in an unsandboxed environment. Both of these are important for a piece of software that only exists to parse untrusted content from the most hostile environment known (the Web).
Check a CVE database mirror for your favorite TUI browser; if it has a nontrivial number of users, it’ll have some vulns to its name. Especially noteworthy is Elinks, which I absolutely don’t recommend using.
Personally: to read webpage from the terminal, I pipe
curl
orrdrview
output intow3m
that’s sandboxed using bubblewrap (bwrap(1)
); I wrote this script to simplify it. I use that script to preview HTML emails as well. The sandboxed w3m is forbidden from performing a variety of tasks, including connecting to the network;curl
handles that.Tangential: rdrview is a CLI tool that implements Mozilla’s Readability algorithm. It uses libseccomp for sandboxing on Linux and Pledge to do so on OpenBSD. Piping its HTML output into
w3m-sandbox
makes for a great text-extraction workflow.