KarnaSubarna

joined 2 years ago
 

Summary

We have rewritten over 600 JavaScript event handlers to mitigate XSS and other injection attacks in the main Firefox user interface. This mitigation will ship in Firefox 138. However, blocking the execution of scripts in the parent process is not the end - we will expand this technique to other contexts in the near future. There is still more work to do as the UI requires JavaScript APIs with a high level of privileges. However: We still eliminated a whole class of attacks, significantly raising the bar for attackers to exploit Firefox. In fact, we hopefully just broke someone’s exploit chain.

189
submitted 2 months ago* (last edited 2 months ago) by KarnaSubarna@lemmy.ml to c/firefox@lemmy.ml
KarnaSubarna@lemmy.ml 1 points 2 months ago

Did you compile the kernel yourself, or use Mainline to install it?

KarnaSubarna@lemmy.ml 9 points 2 months ago (1 children)

Operated by MZLA Technologies Corporation, a subsidiary of the Mozilla Foundation, Thunderbird is an independent, community-driven project that is managed and overseen by the Thunderbird Council, which is elected by the Thunderbird community.

Source: https://en.m.wikipedia.org/wiki/Mozilla_Thunderbird

KarnaSubarna@lemmy.ml 4 points 2 months ago

Yes, GNOME extensions shall be impacted once again for sure. But, at least that is not a deal breaker for me.

 

"some workloads saw improvements, overall system performance slightly declined, and binary sizes increased." So -O3 isn't paying off in the Ubuntu packaging world for now and will be reverted soon.

KarnaSubarna@lemmy.ml 30 points 3 months ago

I guess it takes time to build a DE from scratch.

KarnaSubarna@lemmy.ml 3 points 3 months ago (1 children)

No native support for DoH in Pi-Hole yet. Additional setup is required to enable it on Pi-Hole[1].

[1] https://docs.pi-hole.net/guides/dns/cloudflared/

KarnaSubarna@lemmy.ml 7 points 3 months ago (8 children)

If Pi-Hole starts supporting DoH out-of-the-box, I'll happily switch from AdguardHome.

KarnaSubarna@lemmy.ml 9 points 3 months ago (4 children)

NextDNS doesn't support unlimited DNS queries for free, I think.

 

Context:

Reproducible builds ensure software can be rebuilt in an identical, bit-for-bit manner anywhere at any time using the same tools. This means that someone rebuilding the software from the same source code will get exactly the same results.

Why is this important? Because it’s a crucial aspect for supply-chain security.

Source: https://news.opensuse.org/2025/02/18/rbos-project-hits-milestone/

KarnaSubarna@lemmy.ml 14 points 4 months ago

Thanks for the context!

KarnaSubarna@lemmy.ml 4 points 4 months ago* (last edited 4 months ago)

Alpine has been used in Docker, and Docker is now run everywhere

This is exactly what came to my mind while reading through the article.

KarnaSubarna@lemmy.ml 3 points 4 months ago (1 children)

Your home server might have the required bandwidth but not the requisite infra to support server load (hundreds of parallel connections/downloads).

Bandwidth is only one aspect of the problem.

KarnaSubarna@lemmy.ml 10 points 4 months ago

That solves the media distribution related storage issue, but not the CI/CD pipeline infra issue.
