Okay I hate the “grid view” so much that I actually figured it out. You have to add “pref_key_tab_view_grid” in fenix_preferences.xml and set it to false.

Between that and realizing that you can configure it to show visited links in a different colour like normal, Ironfox is my new favourite android browser. Maybe the only acceptable one I’ve found. The tab settings thing not working is not unique to it, strangely. Maybe something weird about my phone?

You are not authorized to access bug 2038575

Wow, they finally fixed “other issue in the JavaScript Engine component.” Good job everyone. I wonder what it was.

Probably. All modern web browsers continue to be a disaster for security. It remains the case that if someone gets access to your user account through a browser rce or any other route you have to assume they can probably install a rootkit as well.

That is exactly wrong. It has always relatively much easier to get root if you have local user access, compared to getting local user access when you’re not meant to have it. Not just on Linux, but on most systems in general.

If you’re running a water treatment control system, now might be a good time to check if its UI is exposed to the Internet with nothing but the secret password 11111 protecting it.

In the past, I was a user of bad passwords. Anything I didn’t care about I’d just pick an easy one. Probably 60% of the passwords I created, I did not care at all about and would’ve been perfectly okay with someone cracking them if they’d wanted to.

I have since changed my ways and use good passwords now. I want nothing to do with biometric data collection and hope that it never becomes normal. Everyone without some kind of brain problems that prevent it should create and remember one good password — the one for their password manager.

Those licenses are not free or open source, and thus it is not relevant to this community.

it only has about 2000 downloads, so proceed with caution

It’s got a github link, the repo is owned by someone who looks legit, it’s existed for a while, and there probably aren’t enough users to tempt anyone into selling it to bad actors. In my view that makes it look about as trustworthy as any unfamiliar extension can, without actually inspecting the source code.

The fork seems to have been around since 2023. Did the spyware version get removed only recently?

At this point, after so many design updates, my tab bar is restyled with css, my window manager knows that the browser is always fullscreen and never gives it a title bar, except when it does but then it’s just the plain normal system one, all the extra toolbars and widgets that can be removed have been removed, and I absolutely never see the “new tab” page. I’m not going to care if the back/forward/reload buttons look slightly different. Here’s hoping I don’t even notice this one…

You’ll notice in the image above that web page content isn’t flush to the sides of the browser window, nor does it extend up to the tab bar. Instead, web content sits ‘framed’ within a rounded container

WTF Mozilla are you fucking kidding me

The conclusion is correct but you need to show your work a little more.

Have you thought of trying MCTS? It’s a pretty easy algorithm to understand and was good enough to get computers playing Go up to the level where they could offer beginner to intermediate human players a satisfying game.

I suppose her attention is naturally focused on encryption, but the result of an untrustworthy operating system is not specific to it: Security in general becomes impossible.

First remote root exploit by simply putting “-froot” in the right place I’ve seen since like 1994.

My guess is that it’s not the specific user agent, it’s twitter doing something stupid with the intention of trying to open that link in its app which since you don’t have it then falls back to the system default web browser.

There’s a “redirector” extension which can be configured to replace links to “x” dot com with “xcancel” dot com if you really need to go there more than once for some reason.

What’s said at The Verge is simply “he says he could begin to block ad blockers in Firefox” as a way to bring in more revenue, but that it would be “off-mission.” That does not indicate that he, or Mozilla, are going to be likely to attempt such a thing. It does indicate that he seriously overestimates his own power and that he’s thinking like an ad company CEO, but it’s not an actual threat to shut down ad-blockers. Well, probably not — we don’t know exactly how he phrased whatever he said. I would hope that his colleagues have since explained to their CEO that “by the way, no you can’t actually do that, it’s not even possible.” It would not bring in more revenue. It would very quickly reduce revenue to zero.

Some of the things they are doing are self-destructive enough, without imagining such implausible ones.

Vivaldi is not free software and is therefore not worthy of consideration as a replacement for Firefox.

Regular, non-expert internet users find it fun, or even amusing, to play gacha games. And yet the sentiment about a potential new gacha game panel built into Firefox has been overwhelmingly negative. While sophisticated gamer aesthetes find those creations gauche or even offensive, other cultures find them perfectly addictive.

Most of the people that see gacha games as a valuable use of their time on this earth belong to demographics that are dismissed by all you internet weirdos. It’s an incredibly mainstream experience now. Regular people have no problem collecting trading cards, making the numbers go up, and spending money on in-game purchases. If Firefox wants to keep up with the times it needs a built-in gacha game so that it can protect the privacy of all the billions of people who will see it and understand that Firefox is the web browser and gacha game platform made for them.

If a website is going to break because it doesn’t know how many cores my CPU has, I prefer that website to be broken.

Whichever kernel debian bookworm has, the patch for this has most likely been applied to it. The larger risk is to organizations running ancient versions of RHEL or something that never get updated, e.g. because some hardware they need uses a shitty proprietary driver that supports only very specific kernel versions.

Edit: You can confirm that it’s been fixed in Debian here. Looks like it was patched for bullseye systems still running kernel 5.10 in June 2024.

“Hacktivist” apparently now means “for-hire saboteurs working for Russia.”