N.E.P.T.R

You can use both through the browser, which is the safest way of doing things because the browser sandboxes the web apps, isolating them from your system. If you prefer an app for Messenger, look on Flathub, though I advise against it. The two apps I found for Messenger are Franz and Ferdium (a fork of Franz with more features).

To mitigate the privacy risks:

• Firefox with uBlock Origin (or Librewolf)
• Avoid sharing anything sensitive.

Nothing much you can do sadly.

I just realized your comment shows a Cromite AppImage? Where do you get that from?

I had heard of AM, and I actually stumbled upon your tool before. Thank you for the tool. I wish AppImage was updated to include sandboxing by default.

Yes, i understand that Flatpak weakens browser sandboxes, i was talking about the risk of a Flatpak which has access to user home and therefore could for example access $HOME/.firefox and steal session cookies.

Also I based my assessment of use FUSE2 for normal AppImages on the security hardening used by Secureblue, mentioned here under the section “Filling known security holes”

AppImages have no sandboxing as you said. They also rely on the deprecated SUID-root binary FUSE2. AppImages are bad for security but they are convenient. A malicious AppImage could for example connect to org.freedesktop.secrets and access your keychain, or run a script that places a script called “sudo” in $HOME/.local/share/bin that is preferred over the real sudo and logs a password, or encrypt your files in a ransomware attack, or exfiltrate your session cookies from Firefox or Chromium browsers.

Flatpaks on the other hand are sandboxed. IIRC Flatpaks can’t access other Flaptak’s data folders in $HOME/.var/app (maybe even if home access is given?), but if given access to the “home” permission they can read and write to anywhere else in the user home, so stealing session cookies from a browser or ransomware could still be possible given the right permission. Modern apps that are designed to work as Flatpaks can use the xdg-desktop-portal to access only specific files/dirs upon user request, but it is only temporary access to a file. All the ways a Flatpak can access the system are defined by its permissions, so by giving more/dangerous permissions (such as devices or full filesystem access) a malicious app can possibly escape the sandbox and access arbitrary permissions. The worst permission an app can have is access to session bus for org.freedesktop.Flatpak, which allows it to arbitrary permissions, host command execution, and access to Flatpak configuration.

Maybe a setup FIDO2 LUKS unlocking, but that requires a security key: https://www.privacyguides.org/en/security-keys/

While I do find GOS drama a bit annoying, they aren’t wrong about the lacking security of many AOSP forks. iode and /e/OS have a history late patches for security vulnerabilities in both the OS (https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history) and for the forked apps they bundle with it. Each Android monthly and Chromium patches usually contains dozens High Risk CVEs, so taking a month or 2 is unacceptable. Neither are good for privacy or security.

See a comparison between some Android ROMs here, especially noting the update speed section: https://eylenburg.github.io/android_comparison.htm

You could setup LUKS TPM unlocking.

To be more clear, antivirus in general are mostly scams because they are advertised to do much more than they are actually capable (especially proprietary ones that act as spyware such as Norton or Avast, which have been caught selling user data). Hash based antivirus solutions (such as ClamAV) aren’t effective either because they rely on “badness enumeration”, in which you try to determine all the bad samples (through a sample list(s)) and alert or delete them when detected. This isn’t a good solution because a threat actor only has to add for example a single whitespace character into the code and it will produce a wildly different hash (which has not been sampled before). Badness enumeration is shit way to deal with real problems, much better is an allowlist approach, such as a permission system where to minimize the access given and soften the security until the app runs.

TLDR: Antivirus bad at job of stopping malware, and sandboxed apps good for security of your device.

An antivirus is mostly unnecessary when care is taken to not install or use untrusted software. If you install everything as a Flatpak (and modify some of the default permissions), you can avoid allowing software to gain much access to her computer.

While I think people suggesting Linux is immune to malware is stupid, for reasons such as it is “too secure” or “too niche” to be effected by malware, anti malware is like a bandaid to a gaping wound. If you have malware, it is already too late and you should first unplug the device from the network and any connected devices, backup any important data, and fresh reinstall by overwriting the infected install.

If you still think you need some way to defend against malware, use the VirusTotal website, or a native Flatpak called Lenspect, to upload and scan files (such as an executable binary). Lenspect requires no permissions other than network access, so it is safe and the only risk is if you input a file containing personal data it will be uploaded to VirusTotal.

Though to stress again, antivirus is a bandaid! The real solution is to be smart about what you install and only take stuff from trusted sources. Try to make sure everything is a Flatpak and avoid apps with excessive permissions, which weaken the security of the sandbox.

Yes, which is why i very much like what GrapheneOS does with Storage and Contacts Scopes.

Android doesn’t expose any app data and requires a permission for accessing storage (unlike Linux).