Ultimately, the problem is much bigger than /etc/machine-id since there are dozens of hardware IDs on any PC that can be used by malicious telemetry to silently to uniquely identify and track you, and the only solution to this problem currently is to make sure you really trust any software you use.

Systemd, in particular, acts a lot like malware for Linux because if you try to reset your machine-id a long list of stuff that breaks in in it. You could make a cron script to reset /etc/machine-id every day, but machine-id is so deep in the stack that you’d also have to reboot to ensure it’s updated.

  • sudoer777@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 hour ago

    Running browsers safely in a Linux container/sandbox is not straightforward, for instance Flatpak blocks unprivileged namespaces which breaks the browser’s own sandboxing so it’s recommended to avoid Flatpak browsers.

    • hirihit640@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      57 minutes ago

      Tbh I haven’t kept up with that issue for a while now. I’m guessing it still isn’t addressed. I usually disable JS anyways so that mitigates almost all attacks. But I have installed browsers in Distrobox before, installing the browser as a system package instead of a Flatpak. Do you know how the sandboxing works in that case?

      • sudoer777@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        47 minutes ago

        Not sure, although I just did some searches and it appears that Distrobox uses rootless Podman which supports nested unprivileged namespaces. And if it broke the saneboxing there probably would have been an error when you tried to run it.