Comments (11)
Sourceforge is blocked by uBlock's default ruleset due to their recent badware policy, and the guide recommends uBlock, so it might be a bit contradictory to link to SF. Any alternative host for the installer?
from macos-security-and-privacy-guide.
Are you sure Homebrew leaves privoxy running as root? A quick test shows the launch agent is loaded and job is run as the primary user. This point was brought up in #38. Anyway, I'm glad to add instructions for a manual installation of privoxy as well.
Thank you
from macos-security-and-privacy-guide.
You're right, it runs as the installing user not root.
Still and all, my installer creates a non-privileged, non-interative user and group to run as, offering much better security isolation and audit; should that account be compromised the attacker has access to neither an end user account nor the UI. I figured since that was the driving aim of your guide that it'd be a worthwhile improvement to use the packaged installer instead of the Homebrew recipe.
It has the side benefit of course that I can offer better support to end users since I'm intimately familiar with the supported installation package.
I hope you'll consider these good reasons to update the guide.
Cheers,
Ian
On October 29, 2015 10:56:16 AM EDT, drduh [email protected] wrote:
Are you sure Homebrew leaves privoxy running as root? A quick test
shows the launch agent is loaded and job is run as the primary user.
This point was brought up in
#38.
Anyway, I'm glad to add instructions for a manual installation of
privoxy as well.Thank you
Reply to this email directly or view it on GitHub:
#65 (comment)
from macos-security-and-privacy-guide.
Ha, ironic! How the mighty are fallen! I don't have an alternate location as yet; we have been considering a move to Github as it goes. I'll tell the other maintainers about uBlock's new rule and see if we can accelerate the process.
Thanks for the tip,
Ian
On October 29, 2015 11:30:44 AM EDT, Dominic Evans [email protected] wrote:
Sourceforge is blocked by uBlock's default ruleset due to their recent
badware
policy, and the guide recommends uBlock, so it might be a bit
contradictory to link to SF. Any alternative host for the installer?
Reply to this email directly or view it on GitHub:
#65 (comment)
from macos-security-and-privacy-guide.
Thank you for the suggestion, Ian. Let me know if you spot any other issues.
from macos-security-and-privacy-guide.
Hi again Dominic,
So there is now an alternative download URL for the official Privoxy OS
X installation packages. Please find them here:
http://silvester.org.uk/privoxy_installers/OSX/
Cheers,
Ian
On 2015-10-29 11:30, Dominic Evans wrote:
Sourceforge is blocked by uBlock's default ruleset due to their recent
badware https://duckduckgo.com/?q=sourceforge+installers+malware+mac
policy, and the guide recommends uBlock, so it might be a bit
contradictory to link to SF. Any alternative host for the installer?—
Reply to this email directly or view it on GitHub
#65 (comment).
My PGP public key
http://diem.serveftp.net:8080/IanSilvesterPGPPublicKey.asc.
from macos-security-and-privacy-guide.
Hi once again!
I've now modified that URL to:
http://silvester.org.uk/privoxy/OSX/
Also, we're planning to start offering this as an official
non-Sourceforge mirror, so the official project page at www.privoxy.org
will shortly also point here, so you can point folks in this direction
with no worries ;o)
I do hope you decide to update your guide - like I say the supported
installer is a more secure option that Homebrew, and that's the guide's
aim after all!
Cheers,
Ian
On 2015-10-31 18:18, Ian Silvester wrote:
Hi again Dominic,
So there is now an alternative download URL for the official Privoxy
OS X installation packages. Please find them here:http://silvester.org.uk/privoxy_installers/OSX/
Cheers,
Ian
On 2015-10-29 11:30, Dominic Evans wrote:
Sourceforge is blocked by uBlock's default ruleset due to their
recent badware
https://duckduckgo.com/?q=sourceforge+installers+malware+mac
policy, and the guide recommends uBlock, so it might be a bit
contradictory to link to SF. Any alternative host for the installer?—
Reply to this email directly or view it on GitHub
#65 (comment).My PGP public key
http://diem.serveftp.net:8080/IanSilvesterPGPPublicKey.asc.
My PGP public key
http://diem.serveftp.net:8080/IanSilvesterPGPPublicKey.asc.
from macos-security-and-privacy-guide.
Please have a look at the updated instructions at https://github.com/drduh/OS-X-Security-and-Privacy-Guide#http and let me know if there's any issues.
from macos-security-and-privacy-guide.
Hi Dominic,
Thanks for going ahead with the change, it's much appreciated. The only
alteration I'd suggest, for the sake of full disclosure, is to state
that the installation created by the signed package is more secure than
the Homebrew one and attracts full support from the Privoxy project.
Cheers,
Ian
On 2015-11-04 16:42, drduh wrote:
Please have a look at the updated instructions at
https://github.com/drduh/OS-X-Security-and-Privacy-Guide#http and let
me know if there's any issues.—
Reply to this email directly or view it on GitHub
#65 (comment).
My PGP public key
http://diem.serveftp.net:8080/IanSilvesterPGPPublicKey.asc.
from macos-security-and-privacy-guide.
I'm not Dominic, but have gone ahead and made your suggested clarification.
from macos-security-and-privacy-guide.
Sorry! Didn't realise there were multiple folks involved on the project.
The clarification is perfect.
Thanks again,
Ian
On 2015-11-04 16:52, drduh wrote:
I'm not Dominic, but have gone ahead and made your suggested
clarification.—
Reply to this email directly or view it on GitHub
#65 (comment).
My PGP public key
http://diem.serveftp.net:8080/IanSilvesterPGPPublicKey.asc.
from macos-security-and-privacy-guide.
Related Issues (20)
- Version Consistency Across the Guide: What's the Latest Supported? HOT 5
- Does anybody have a better rule set which includes blocking portscans etc? HOT 1
- Whom are you protecting against with DNSMASQ/DNSCRYPT HOT 2
- Mac Setups
- VLC vs browser for unvetted audio/video files HOT 13
- Wow! HOT 1
- Sectools HOT 1
- Question: Why remove the admin account from FileVault? HOT 3
- "Firmware" part is outdated / Intel-based Mac only HOT 7
- Increasing attack surface using simple virus scanner HOT 4
- Misleading information in Google Chrome section HOT 2
- Security Guide
- Add BusKill HOT 3
- please add in these features from the unistgov HOT 8
- Mac event IDs
- Update to include Brave Browser? HOT 2
- WARNING - Dangerous VPN company - Adware/Malware
- Mac_OSX_Startup.pdf no longer available HOT 1
- Soryy
- Little Snitch & Steven Black Host HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from macos-security-and-privacy-guide.