If you liked LineageOS without gapps, than I highly recommend DivestOS. It is a soft-fork of LineageOS with significant security hardening and removal of proprietary binary blobs.

Avoid installing extensions as they break browser site isolation (bad for security). Extensions have a lot more access than a website does in the browser.

VPNs are illegal in China.

Massgrave (known widely for their Windows and Office activation scripts) provides download links as well, useful if you use a VPN since Microsoft blocks you from downloading.

Directory link: https://massgrave.dev/genuine-installation-media

Since it is source available, it isnt open source and therefore closed source.

Edit: we obviously have different definitions. I did not mean to argue over semantics. I would personally never trust a browser with proprietary code, even it is source available.

You can disable that. Here are two links that disable that. Add it to Firefox or Chromium through the settings.

Simple, only disables AI answers: https://duckduckgo.com/?kbe=0&q=%s

Long, disables AI answers and ads: https://duckduckgo.com/?kak=-1&kax=-1&kbe=0&k1=-1&q=%s

Steps to create a custom DDG search config:

• Visit: https://duckduckgo.com/settings
• Select the settings you want, for example dark mode.
• Click the “Show Bookmarklet and Settings Data” button.
• Copy the link, using my dark mode scenario would yield the URL https://duckduckgo.com/?kae=d
• Edit the URL by adding &q=%s to the end, which acts as a placeholder for the browser to replace with your actual search query. Using my example https://duckduckgo.com/?kae=d&q=%s
• Last step is add it to your browser. May differ between browsers, but generally look in the search engines tab of the settings.

Source available is closed source by the OSI definition, which is what is widely used and understood. The “closed” in closed source doesnt only refer to source visibility but also the freedoms upheld by open source.

Your comment I was replying to said “I don’t know where you are reading that Vivaldi is closed source. The source code is right here: https://vivaldi.com/source/”. I was responding to that with Vivaldi’s statement about how the browser is closed source.

In your original comment you illude to it being neither open or closed source, which is not true either since it is closed source. Maybe you meant source available? I didnt read anywhere saying that.

Brave added affiliate links to URLs. While I agree this is quite shady, it is not much different from how Vivaldi makes money. Also Vivaldi is not open source and doesnt come close to Brave or Librewolf in privacy tests. Vivaldi’s fingerprinting protections are incomplete (it seems they stopped at canvas randomization?), it features a weak built-in content blocker, and has an insecure default config (JS JIT and WASM are enabled). I would compare it to default ungoogled chromium + basic adblocker. Vivaldi is no where close to Librewolf or Brave in terms of adblocking, anti-fingerprinting, and browser security hardening. Vivaldi is a neat browser, but a privacy one? I don’t think so.

EDIT: Here are some links. Privacytests.org is a precomputed comparison table, the other two sites are fingerprinting sites which give a better idea of how much must be protected for adequate anti-fingerprinting.

Independent browser Privacy tests: https://privacytests.org/
CreepJS fingerprinting site: https://abrahamjuliot.github.io/creepjs/
Firefox Arkenfox fingerprinting test site: https://arkenfox.github.io/TZP/tzp.html

Vivaldi is closed source, they say so on their website. I don’t like the CEO of Brave, neither do I like the crypto nonesense, but arguing that Vivaldi is better for privacy (let alone vanilla chrome) is incredibly incorrect. Brave actually does a decent job of anti-fingerprinting and has strong site isolation. I prefer Cromite because it isnt associated with Brave or any crypto.

Browser comparison table by the developer of DivestOS: https://divestos.org/pages/browsers

I would never use Vivaldi just because it is closed source, doesnt add proper fingerprinting protections, and does not provide a secure default config. Cromite and Brave are better options (for me).

I like to judge software based on its actually merit and not on the theoretical possibility it is vulnerable. It very well could be vulnerable, but without auditing it we are just speculating, which in the real world means nothing. Every project starts somewhere, without community, followers, and “5 years of support”. I am not saying I would trust this software in a security critical situation, just that your speculation means nothing.

And? It lowers the attack surface of Immich. Attack surface is about the surface, whatever an attacker can use to get leverage. This acts as an intermediate between Immich and a public viewer, controlling how a threat actor can access a private Immich server. It helps reduce external attack surface while increasing overall system complexity. Since the project is small, it is easy to audit the code.

Is there any good reason to use Vivaldi? Nice to see more scripts from you. I have been thinking about making some scripts to automate the deployment of Bubblejail profiles for different apps. I don’t run nearly anything without sandboxing, and Bubblejail does not interfer with the Chromium sandbox.

Magic Earth isnt FOSS though, which was specifically requested by OP

It would be easy. Just install Waydroid and install an android app on the Android system. Look at Waydroid official install guide and maybe watch a video.

It shouldn’t be too taxing on the Pi 4 or 5, Waydroid runs an LXC container with x86_64 LineageOS. It works well, but requires Wayland.

Lol

It does not use adblock plus lists directly. The lists are hosted by Cromite. uBlock Origin is not available for any android chromium browser (other than kiwi I guess). The adblocker works well from my tests. I recommend adding filterlists from https://divested.dev/pages/dnsbl

Universal Blue and Wayblue offer most of the desktop environments available for Linux.