I’m looking for a VPN that auto-discovers other devices on the same network.

What does that mean? What are you actually trying to do?

Nobody here said it would let them see your authentication details, so I’m not sure why you’re so vigorously fighting that straw man.

Your session ID is stored in a cookie. That is what a website uses to know that you’re logged in. With a XSS attack one can steal your session and use the site as though they were you. So yes - it is “authentication details”.

Nobody here mentioned it because nobody here seems to know what they’re talking about…

Third-party cookies absolutely let them know which other sites you’ve visited. That’s their main purpose.

And they are not stopped by using a separate VM with a web browser. So…

What? No. Just… No. My god - the misunderstanding around cookies is ridiculous. I blame the EU - they put a ‘warning label’ on them an now eveyone thinks they’re just evil.

Firstly - Cookies are only allowed to be read/written by the site you requested from. If they could read all cookies that would be a MASSIVE security problem and the internet would be fundamentally unusable for business.

Secondly - This has nothing to do with tabs. Nothing. … Nothing.

Thirdly - There are “third party” cookies which happen when a site coordinates with a third party for things like advertising and allows them to track hits when their ads are displayed. This requires both sites to cooperate. But also see “firstly” as it won’t allow that third party access to, say, your authentication information.

Lastly - This still has nothing to do with tabs.

I can’t tell if you’re being facetious or not…

XSS is an attack within a site. For example - if I were to embed JavaScript in this post, and your lemmy website didn’t properly sanitize it, then it would be executed by your browser. This would let me run code on lemmy with your credentials. I could then rewrite posts, delete your account, maybe send your data to another site where I could capture your session or credentials.

It has nothing to do with any other tabs and it would be limited to lemmy and the page that executed the script. I couldn’t have that script read data from your bank on another tab, for example.

They can’t “see out” of their own tab either. Websites can only access data in the browser that they create.

This does absolutely nothing to defend against XSS.

This is the problem with paranoia-based security. You create needless overhead thinking you’re “more secure,” but you’re not. Not in any way that really matters, at least.

So it’s just paranoia then… Which makes sense as it’s way over the top.

Heck, even just creating separate system accounts and doing ‘sudo -u social firefox’ would be easier than spinning and maintaining VMs…

Seriously. Do people think the president literally keeps the country running?

But he debated well that one time! 🤬

Just use tabs they can’t access each other’s data. Or use a tab session manager. Or separate Firefox profiles.

It’s a lot of effort for the benefit you get, which is practically nothing. Especially considering there are even easier ways to get the same result

With Linux filesystem hierarchies you’re going to run into a lot of history, conventions, quasi-standards and simply deprecated implementations.

It’s a problem of “there’s no bad way to do it so all options are equally fine”. From this arose some “guidelines” about /bin and /usr/bin, /var, etc. but few strict rules.

For a long time there was no /media. In the '90s/2000’s you would mount your CD-ROM and floppies in /mnt (e.g. /mnt/cdrom, /mnt/floppy). That was awkward as we started wanting auto-mounted things and wanted to do it from user-space. So /media/username was created to allow you to mount things with your ownership.

If it’s something you want permanently mounted but not part of a pool you can put it under any location you like really. I like locations under /var as historically /var is used for things that “vary”. You could just mount it in your $HOME if it’s something you’re going to use as a user rather than with a service.

I have a “/exports” dir for NFS mounts (e.g. /export/media, /export/storage, etc.). Just keeps it tidy and in one location.

The important thing is to use a standard that works for you and makes sense. There’s not a lot of bad places to mount things. If “/mnt” makes sense for you then go for it.

Seems like a joke. 🙂

online banking shouldn’t be done whilst you’re sharing a browser with tiktok (as an example)

Why? Be specific because unless something has gone horribly wrong sites can’t access data from other sites or tabs unless they’re cooperating. In which case they do so with session data.

And you could simply have a separate Firefox profile rather than spinning up an entire virtual machine.

Depends on how you like to roll. If you enjoy waking up to a service not working then go for it.

But it very much depends on what containers you’re using and what tags you’re pulling.

Fella, you have a huge knowledge deficit for what you’re trying to do here…

Docker does make running services easier and isn’t overkill for what you’re doing. But it’s not necessary and it’s fine if you don’t want to use it.

Debian is fine as well.

You need to get some experience before you continue self-hosting. Start firing up some vms or something. If that seems like “too much work” then perhaps this hobby isn’t for you. Running servers isn’t like grabbing an app from the app store. You’re going to need to invest some time here.

‘apt purge’ does a fine job of cleaning up.

Docker has other advantages though.

Millions of database have run on hdds for decades just fine. They didn’t know what they’re talking about.

Nothing to do with it being an hdd.

This sounds ridiculous. So much work and overhead just to usea web browser?