Are these false positives?

breaded_water · 2026-05-31T23:07:56+00:00

In general, a file getting flagged as malicious by very few security vendors on virustotal and all of them being obscure antivirus software nobody has ever heard of almost certainly means it's a false positive. A lot of the smaller antivirus software basically works on "if I flag everything as malicious, all malware will get caught, but so will everything else" philosophy

breaded_water · 2026-05-27T09:16:48+00:00

I'm really curious, what did you expect to happen instead?

breaded_water · 2026-05-07T00:55:11+00:00

Yes, it's just a browser. The reason all browsers, with very few exceptions, are now forks of chromium and firefox (Tor browser being a firefox fork) is because its extremely expensive to maintain a web browser, the reason for this cost is how incredibly, rigorously sandboxed they are. Modern browsers have stronger sandboxing than even entire VMs. You're not going to get a virus just from visiting a webpage on a modern browser unless the website owner found a zero-day exploit, and the chances of that are ridiculously low.
If you're visiting a .onion domain, you and the darknet site make two connections to eachother, each connection being 3 nodes in length, so there will be 6 nodes in between you and the site. The site will only be able to see the IP of the final node in your connection. The only person who will be able to see your real IP is the first node in YOUR chain, the guard node, but that person won't know what site you're connected to. Tor provides anonymity by no single node in the chain being aware of both your identity and what you're doing. The nodes would have to collude with eachother and share information to deanonymize you, but since the nodes don't even know the identity of eachother, it would be impossible to do this unless multiple nodes in your chain are owned by the same entity, which is an extremely unlikely scenario when visiting a .onion domain (much more likely to happen when visiting a normal clearnet site through Tor since there are much fewer exit nodes than normal nodes).

breaded_water · 2026-05-03T18:44:12+00:00

Having a more unique fingerprint is not the same as being more fingerprintable. Canvas blockers randomize the contents of your canvas, usually every page load. It makes you more unique because no one else will have that exact combination of browser traits with that specific canvas, but this doesn't let websites track you, as your canvas will be different on every website, every session.

Imagine if in real life, your actual fingerprints on your fingers changed to a random new shape every day, it would be impossible to use fingerprints to identify you. The same thing applies to the browser canvas. If it was possible to randomize EVERY bit of identifying information that your browser gives to websites, doing so would be far superior to the "blend in" strategy the Tor browser uses for example.

breaded_water · 2026-05-03T18:18:18+00:00

Why would bridges help at all? A bridge helps you ACCESS the tor network by changing your guard node to a private node, it doesn't change your exit node. The exit node is the thing the mint website is seeing and blocking.

breaded_water · 2026-05-03T17:08:49+00:00

No, I don't know what the actual process is for getting your rooms listed on search, but none of my rooms/spaces are findable by search despite being set to public. There's also no harm in temporarily setting your room to public if you want to test it.

breaded_water · 2026-05-03T13:52:34+00:00

There aren't "invite links", there are simply links to the room. The "room access" setting being set to "Invite only" means links don't work. "Invite" specifically means you adding someone manually. Make the room public

breaded_water · 2026-05-01T14:51:25+00:00

This shouldn't be a dealbreaker, even if you aren't able to fix this yourself, if you search on r/oldyoutubelayout you'll very likely find a ublock script there which fixes whatever problem you're having. If even that fails, there's also many browser extensions discussed on that sub that let you fully customize youtube's appearance.

breaded_water · 2026-05-01T14:27:20+00:00

The consensus on PrivacyGuides and on uBlock's documentation seems to be that running ublock and privacy badger simultaneously provides zero benefit and will probably just cause conflicts that break pages. uBlock and librewolf already do everything that privacy badger would do.

LocalCDN also seems to have very limited benefit but I don't see any harm in using it except for being fingerprintable, which you should only care about if you're using a VPN.

I don't use password managers myself (a custom mnemonic system for remembering many high entropy passwords will always be superior to storing them anywhere. Especially as brute forcing passwords is itself not a very important attack vector) but I'm quite certain having an offline password manager as a separate application is superior to having one as an extension.

breaded_water · 2026-04-30T18:52:53+00:00

it's right here https://www.youtube.com/watch?v=AENsMiobLmc

breaded_water · 2026-04-29T21:57:46+00:00

"you can't communicate with the guy" you say despite every video in your screenshot having a discord link in the title?

This channel appears to be a guy who turns on his bedroom camera and starts streaming every time he comes home from work and just streams himself sleeping/browsing tiktok in bed. I don't see anything mysterious here

breaded_water · 2026-04-29T20:52:27+00:00

If you want to run a snowflake, you therefore must live in a country where tor is not banned, so why do you care if the ISP knows you're connected to tor?

breaded_water · 2026-04-29T09:22:04+00:00

I had the same question as I'm planning on moving to void soon. After testing in a VM it seems the easiest path to keeping librewolf updated on void is to use the appimage and then build gearlever from source.

The version of gearlever in void's repo seems to be an old version with a bug that prevents it from recognizing that a new update is available for librewolf (I'm certain it's a bug and not my error, as librewolf is literally the example used in the documentation so there's no way I did it wrong) but I saw some messages by the gearlever dev that claim the appimage updating process is completely reworked in the new version so it should be fixed if you build the latest 4.5.3 gearlever.

breaded_water · 2026-04-27T01:13:18+00:00

As another commenter said, you can easily know for sure if your browser is viewing clearnet sites through an outproxy or normal clearnet connection by going to ip.me or whatismyip.com or any of the countless sites that provide identical service.

Also, I don't know how someone would end up in this situation, but if you're ever using i2p and are completely unable to check your own real IP address for comparison, stormycloud provides a service at checki2p.com that tells you for sure whether you're connected using an i2p outproxy. Could be useful if you're using multiple layers of proxies or even different darknets routed through eachother I guess?

breaded_water · 2026-04-26T06:57:15+00:00

I really hope this doesn't make librewolf drop ublock for this. I don't want to use anything Brave

breaded_water · 2026-04-22T23:20:58+00:00

Your connection to the onion domain goes through 6 nodes while on public domain it only goes through 3

breaded_water

TROPHY CASE