HackerTrans
TopNewTrendsCommentsPastAskShowJobs

zgk7iqea

no profile record

comments

zgk7iqea
·8 months ago·discuss
Don't cursor and vscode also have this problem?
zgk7iqea
·8 months ago·discuss
Is phone number enumeration now considered a vulnerability? Really?
zgk7iqea
·8 months ago·discuss
the age of subscriptions. what, you don't want to subscribe?
zgk7iqea
·8 months ago·discuss
theres a clippy lint for that
zgk7iqea
·8 months ago·discuss
https://archive.is/3WZx5
zgk7iqea
·8 months ago·discuss
Mozilla is an advertising company too. In terms of breakage, Im talking about more fundamental things like missing APIs and wrong rendering.
zgk7iqea
·8 months ago·discuss
it is an architecture problem, too. LLMs simply aren't capable of AGI
zgk7iqea
·8 months ago·discuss
Firefox is dead. You need an insurmountable amount of configuration to even make it bearable and there is non-user respecting settings and telemetry everywhere. Ads, too. It's not something you can recommend, every site is broken and Mozilla rather likes to spend it's money on [1] discouraging human translators and [2] giving people free coffee on "Browser Raves" in Berlin instead. It's a shadow of its former self.

[1] https://support.mozilla.org/en-US/forums/contributors/717446

[2] https://www.instagram.com/p/DPn_Re5AAkN/
zgk7iqea
·8 months ago·discuss
it's the same kind of "workflow optimization" that notion and obsidian users suffer from. You spend so much time making your tools more productive but don't get any actual work done.
zgk7iqea
·8 months ago·discuss
better spend your time well
zgk7iqea
·8 months ago·discuss
Firefox should commit more to correctly implement web standards - not even gradients render correctly. A lot of the users are oddballs with strange configurations that break everything. No wonder devs optimize for chrome.
zgk7iqea
·8 months ago·discuss
This is just as user friendly as the rest of the firefox configuration. I can't recommend it to anyone in good faith anymore.
zgk7iqea
·8 months ago·discuss
google is a customer of fflabs and has enrolled them in summer of code. They also provide free fuzzing. ffmpeg is a foss, gpl-licensed project. nobody has any obligation to contribute, thus it isn't exploitation.
zgk7iqea
·8 months ago·discuss
Very interesting, thanks.

One point from one of the linked threads I find particularly puzzling:

> I think the issue with XSLT isn't necessarily the size of the attack surface, it's the lack of attention and usage.

> I.e. nearly 100% of sites use JS, while 1/10000 of those use XSLT. So all of the engineering energy (rightfully) goes to JS, not XSLT.

XSLT is a finished standard. Not everything needs to evolve. If the implementation works and is safe, what speaks against keeping it?
zgk7iqea
·8 months ago·discuss
Why not just write an XSLT implementation in JS/WASM, or compile the existing one to WASM? This is the same approach that Firefox uses for PDFs and Ruffle for Flash. That way it is still supported by the browser and sandboxed.
zgk7iqea
·10 months ago·discuss
Non appropriate language
zgk7iqea
·11 months ago·discuss
we all know the real solution is replying with a wrong answer so that people correct you