Chrome does disable extensions when an update requires new permissions, but that won't catch malicious updates to extensions that require extensive permissions for basic functionality.
Requires the extensions to be open source, of course.
Of course, this means that if anyone ever does install a malicious certificate on my phone, I'll be none the wiser. Thanks Google!
Here is the GitHub repository if other people are interested:
But if you manage to add your cert to the global system store then Android will not issue any warning. Here's how to do it:
1 - add your cert normally, it will be stored in your personal store and Android will ask you a pin/password.
2 - With a file manager which has root access, browse to /data/misc/keychain/cacerts-added. You should see a file there. This is the certificate you just added at step 1.
3 - Move this file to /system/etc/security/cacerts
4 - Reboot the phone
5 - Now you can clear the pin/password you have set to unlock the device and there are no warnings.
I won't recommend doing this blindly as by doing this, you are actually man-in-the-middling yourself. But if you know what you are doing, this is the way.
The reason why? Malware was switching users to the dev channel to silence the warning. ¯\_(ツ)_/¯
Chrome on Linux doesn't warn yet (I just tested it) and neither does Chromium.
The cryptographic advice in this particular guide is not especially great. You can, for instance, safely ignore what it says about randomness (and, in particular, about how it interacts with FileVault's XTS block crypto). Its advice about password management is needlessly complex (if you trust Keychain, use Keychain Assistant to generate passwords, not OpenSSL --- but most of the cool kids just use 1Password, and they're right to do that).
Do you have a view on 1Password versus LastPass?
LastPass has been exploited a few times in ways that could have given up passwords. Their UX and server infrastructure seems to be a mess of php scripts, that itself doesn't have to be insecure but is a code smell. Their commercial support looks unmaintained. Both platforms support "cloud" based syncing but since 1Password's is pretty new I can't speak to it.
1Password does local encryption outside of the browser, LastPass will encrypt locally in the browser.
1Password can leverage other file transports to sync passwords, iCloud, DropBox, or any shared directory. LastPass does it all with their servers.
LastPass's web interface if compromised can have you give away the password to all your passwords. 1Password has a much smaller risk of this and would probably have to include a malicious software update.
1Password Families/Teams exists and I'm not familiar with it but it probably has a similar attack vector to LastPass's web interfaces.
You know, they both offer end to end encryption with similar attacks. Overall these companies are big targets and I'd rather keep my passwords offline or synced via side channels in a standalone app like 1Password.
PS I'd be amiss if I didn't mention dashlane https://www.dashlane.com/ I hear good things and it's passed review at a few companies who know their stuff, but that's all I know.
Tavis Ormandy found some really bad vulnerabilities in Dashlane (and 1Password).    
I don't know anything about Windows 1Password, but for macOS, I strongly recommend 1Password over any of the alternatives.
One of the first things I learned about security was not to tell the user which credential was incorrect.
Disclaimer: I'm not a security expert.
My only contribution is that I suspect that in practice almost every site leaks this info if you try hard enough, via some form of timing attack. You can get off-the-shelf "constant time string comparison" algorithms, but it's impractical to write anything much larger in a constant-time fashion, certainly nothing as complicated as a full authentication flow, especially in the light of the complexity of the systems we program on nowadays, with so many layers of caching to exploit for timing, etc. I've leaned in the direction of going for the user-friendly approach in my code, though I've only come around to that recently.
A central cloud service using closed source applications for storing passwords just seems like an easy target for assailants.
I have wondered if running 1Password through wine would introduce some not-considered attack vector, but I've yet to hear it.
I don't even know what questions to ask. Much less choose the appropriate options.
And I'd have very different answers for my work and home gear.
I believe the intent is to ensure that it's understood the list isn't a requirement, but rather the varying options and levels of secure you can have based on your wants/needs.
When asking someone to create a threat model, you can begin with a simple question: "What are you afraid someone will do to your computer?" From this, you can then begin to piece through the list and look for items that address that.
Just care about malware? Look at the scanning tools.
Fearful that some bored teens in eastern europe are goofing around with hacking shit? Look at the security and notification tools
Think Putin is sending the new FSB/KGB after you for your exfiltrated борщ recipe? Look at the disk encryption section. (and perhaps professional help)
Maybe it could use some clarification, but I think the author's intent here was to convey that the list isn't a laundry list of "do this or your computer is going to be attacked", but more that you get what is required for your needs. Many of these tools require that you adopt different computing habits than traditional computing, and not all are applicable to every single use case.
But what I miss most, is a deeper analysis of the different launchd services and agents. - Especially which ones can be disabled and what features will be impacted.
It is quite opaque, especially considering the verbose descriptions of Windows Services out of the box.
I want to disable all these, for me, useless features: handoff, geo, maps, icloud, push, commCenter, spotlight web, siri, social integration, diagnostics reporting, and many more.
It has been a very annoying experience of seemingly unrelated parts of the OS breaking when Disabling anything, - and log spamming of unsuccessful attempts of using it.
It is a tool and should not push policy through arbitrary limitations. But it seems we are caught in a war of lock-in ecosystem providers. Kind of a more realistic version of the much used picture of corporation-states or societies in sci-fi.
Apart from this, hypothetically I might not only an end-user but also an admin who has to implement certain policies. The argument is never sound, there is always an economic or practical tradeoff and you are stuck somewhere and have to make it work and yours.
I have my *nix shell with software from macports as well.
I just don't have the motivation or time anymore to make linux fit my personal computer needs, it always ends up in rabbit holes of tangles to accomplish many things and when you are actually trying to accomplish something unrelated to playing with it.
macOS itself is actually designed in a very modular way if you look at the message based integration of components via XPC and "do one thing" daemons.
I have accepted that I must forfeit some personal preferences in the Apple ecosystem, but I choose to draw the line with not being able to disable intrusive and privacy related features/components.
A similar complaint can be made about Windows, which is more monolithic in its design in my view, but it offers (as mentioned in my top-level comment) proper descriptions and a UI to disable services. Also there are many tools like Win10Privacy and such available which disable a lot, without making the system to constantly misbehave.
"trains on time" - While I appreciate the metaphor, when considered carefully, it is more likely linux and the pragmatic approach that makes the "trains run on time" in many fields. (embedded and server-side)
The only platform that does this is iOS, which embeds an ideology that forces developers to lock down their apps even against their own wishes, and hence prevents the use of GPLv3 licensed code.
Meanwhile, the major Linux distros include all types of licenses, including proprietary.
Linux and the BSDs are traditionally far in the other direction: extreme flexibility and customisability, but you really do have to configure things before you can start working. Windows is somewhere in the middle but (IMHO unfortunately) moving towards the Mac side.
On what basis are you saying that?
That way we can find out what is gamed, or passd, or what the hell is pancake.apple.com for.
If your adversary is a 3 letter agency you'd better use no computer at all. If they can't subvert the OS (witch I doubt) they'll subvert the hardware (hello Intel ME).
I don't do most of this. I'm waiting until I decide to wipe my Mac and have plenty of time to play with it. (which is going to be when exactly? Not sure.)
Clone a copy of your drive (use something like super duper) and then simply boot from the cloned drive. The clone drive can be another physical drive (attached via USB) or just use disk utility to create a separate partition and clone a copy there.
I had a laptop of mine retrieved by the police from a big rubbish bin. The screen was broken, it did boot up though. Another time I had the broken screen after being hit by a car. These things happen and I am always sure I can get in even if keyboard/screen/mouse isn't an option. It is more useful for me to be able to somehow access my machine even if broken, I imagine there will be circumstances of that.
When the police retrieved my laptop I wasn't exactly worried about my obvious login password or whether I had locked down that mysql port sufficiently. The thief wasn't even literate so those extreme security measures wouldn't have helped.
the chain of trust is solid up until make and configure happen, at that point any number of things could happen so it's a question of whether or not you trust whatever scripts its running.
unless homebrew has some sort of enforcement on what that script can do it could do anything. This is why its a really good thing that homebrew does not require root.
Anything from our Homebrew/core (i.e. wget) uses the macOS sandbox to prevent writes outside of permitted locations.
Seems like MacOS does the reasonable thing and prompts for the firmware password if you use a different disk.
Google mostly shows you guides from merchants trying to get you buy AV licenses.
Keep in mind this is a very rigorous script and modifies Windows10 beyond recognition. Infact it kind of makes Win10 appear and function more like Windows8
The one I've found: http://hardenwindows10forsecurity.com/index.html
Unlike widely used and security-critical open source projects, right? Like, say, OpenSSL?
("All hardware sucks. All software sucks." This is at least as true these days as it was back on alt.sysadmin.recovery in the '90s)
Care to show your data and analysis?
It can be (and arguably is) true that "proprietary software is inherently insecure" - without requiring an opposite statement like "open source software is inherently secure" to also hold. (The wording in context _does_ strongly suggest that was the implied premise of the implied premise tho.)
You also seem to discount the possibility of _intentional_ vulnerabilities (from the user's perspective) being included in the software by its developer.
Similarly, the security community has discussed the possibility of intentional vulnerabilities in opensource software for decades. Sure, someone would probably notice if you submitted secret-nsa-exploit.patch but it's unclear that someone would notice if e.g. you submitted a Heartbleed-style bug, not to mention something the NSA's dual curve backdoor.
To be clear, I've been working with open-source software since the mid-90s. I think the model has a lot to offer but it's not magic. Lazy fanboy activism doesn't do anything but lower your credibility and help the companies which are arguing that open-source isn't safe to use (or isn't safe to use without paying them to manage it).