Supermariofan67

joined 1 year ago
[–] [email protected] 13 points 2 weeks ago

Perfect example of a (part of a) security vulnerability being fixed in a commit that doesn't immediately seem security-related and would never be backported to a ~~stable~~ stale distro.

The code which parses the binary MaxMind database after decompression is well guarded as of 2024 but used to look different, potentially providing more attack surface. There is also an interesting commit where a contributor makes adjustments to the gzip::decompress() function which hints at a stack overflow, as the destination buffer was changed from static allocation on the stack to dynamic allocation on the heap, though it was not exploitable due to checks before it is written to.

[–] [email protected] 16 points 2 weeks ago (2 children)

The problem is not the RSA math itself but that it is both extremely slow and implementing it is particularly susceptible to bugs and side-channel attacks: https://blog.trailofbits.com/2019/07/08/fuck-rsa/

[–] [email protected] 15 points 1 month ago

This is a standard feature on any IPv6-enabled network if you enable IPv6 Privacy Extensions.

[–] [email protected] 15 points 2 months ago

Wait till you hear about the idiots who unironically make that argument for banning Bitcoin too.

[–] [email protected] 13 points 2 months ago (7 children)
[–] [email protected] 36 points 3 months ago (6 children)

Copying is not theft. Letting only massive and notoriously untransparent corporations control an emerging technology is.

[–] [email protected] 5 points 3 months ago (1 children)

Accessing printers? Resolving hostnames of internal hosts? I can't imagine having a LAN without mDNS.

[–] [email protected] 45 points 3 months ago (2 children)

I don't think it's quite as simple as someone just forking it. Realistically, a browser is an extremely complex piece of software that requires a lot of organizational effort to maintain, deal with security issues, etc. Pretty much every other piece of software on a similar scale I can think of (the kernel, KDE, Blender, LibreOffice) has some sort of organization behind it with at least some amount of officially paid work. All the major forks of Firefox or Chromium follow quite closely to upstream for this reason (which is also why I'm skeptical of Brave's ability to maintain Manifest V2 long term, despite their probably genuine best efforts to do so).

I do wish that Firefox were developed and funded by an organization specifically dedicated to developing it. This could of course happen if Mozilla dies. But that's going to require someone starting it, which is not at all a small or cheap task.

I could also see a future where Oracle or IBM buys it 😂🤡

[–] [email protected] 1 points 3 months ago

A year ago, the majority of Lemmy was vehemently in support of banning porn.

[–] [email protected] 0 points 3 months ago (1 children)

It is based on the assumption that every piece of code in the entire stack from the UEFI firmware to the operating system userspace is free of vulnerabilities.

[–] [email protected] 6 points 3 months ago

Whenever I want to pirate something I just go straight to btdig. And if there's no torrent and I really need to search the web, I've had much better luck with Yandex. I figure they're more resistant to takedowns from western corporations.
