fsebugoutzone.org:9999

       Post AOhAEvtYJdUguIs3nc by Ozzy@social.linux.pizza
 (DIR) More posts by Ozzy@social.linux.pizza
 (DIR) Post #AOh5xqw76D9YmwfXXc by LWN@fosstodon.org
       2022-10-18T14:12:12Z
       
       1 likes, 2 repeats
       
       Firefox 106 released https://lwn.net/Articles/911563/ #LWN
       
 (DIR) Post #AOh6cKCrh0MB9SnqUK by xerz@fedi.xerz.one
       2022-10-18T14:19:55.869122Z
       
       0 likes, 0 repeats
       
       @LWN &gt; Swipe-to-navigate (two fingers on a touchpad swiped left or right to perform history back or forward) now works for Linux users on Wayland.FINALLY
       
 (DIR) Post #AOh6fuDEHQYZgsgGsS by xerz@fedi.xerz.one
       2022-10-18T14:20:34.690829Z
       
       0 likes, 0 repeats
       
       @LWN I seriously cannot think of anything good missing from Firefox (that hasn’t been proposed as a standard yet) rn
       
 (DIR) Post #AOh6hoQ4mwwkItbCHg by xerz@fedi.xerz.one
       2022-10-18T14:20:54.959702Z
       
       0 likes, 0 repeats
       
       @LWN I seriously cannot think of anything good missing from Firefox (that has been proposed as a standard) rn
       
 (DIR) Post #AOhAEvtYJdUguIs3nc by Ozzy@social.linux.pizza
       2022-10-18T14:59:45Z
       
       0 likes, 0 repeats
       
       @LWN still color themes :) who uses those anymore 😆
       
 (DIR) Post #AOhICn8ogrygoOV64e by Seirdy@pleroma.envs.net
       2022-10-18T16:15:58.621801Z
       
       1 likes, 0 repeats
       
       @xerz @LWN Oh I can think of a bunch of standards FF could use:Security:CSP hashes for external resourcesCSP trusted typesCSP “webrtc” directiveCSP “navigate-to” directiveDANE (will probably never be supported by browsers)CSP pinning (the spec is dead and i am salty about it)Expect-Staple (was an experiment in Chromium but was scrapped; I can’t figure out why)A full rollout of CRLiteUpgrading from site isolation to origin isolationThe origin-agent-cluster headerAccessibility:WAI-ARIA 1.3 (WIP)CSS Speech/Aural modulesreduced contrast media queriesOther:JPEG-XLtail call optimizationWeb feeds (RSS, Atom, maybe WebSub) (removed from FF)more CSS Fragmentation and GPCM (relevant for paged media)I can also think of a bunch of not-standards that FF could use regarding security but that’d be a much longer discussion.
       
 (DIR) Post #AOhICtIbnNNLuV80Aa by Seirdy@pleroma.envs.net
       2022-10-18T16:26:31.064889Z
       
       0 likes, 0 repeats
       
       @xerz @LWN basically FF needs way more resources than it currently has. The not-standards it needs (actually effective ROP mitigations, something like CFI, namespace isolation for Fission, maybe a virtual memory cage) are as important as the security standards I just listed and Mozilla probably won’t get a chance implement most of this for several years. Most of these features are in Chromium, some in Safari.But more important than all of that is the Tor Uplift. For the past four weeks the Tor Browser has been on an EOL version of Firefox ESR.We need a third engine to succeed but I’m not optimistic about FF’s future.
       
 (DIR) Post #AOhINGB3acOVlHXYAa by xerz@fedi.xerz.one
       2022-10-18T16:31:38.945162Z
       
       0 likes, 0 repeats
       
       @Seirdy @LWN I tend to agree, although I did note that I was talking about standards and by that I also meant existing ones :blobcatderpy: web reader support confuses me because I don’t know if that should be part of the browser itself or an extension, and I don’t know how JPEG-XL compares to AVIF and how well adopted it is, everything else seems more or less fine tho
       
 (DIR) Post #AOhIVLdlA82V1Np2xs by xerz@fedi.xerz.one
       2022-10-18T16:33:07.246539Z
       
       0 likes, 0 repeats
       
       @Seirdy @LWN oh yeah, what happened to Tor Browser? I’ve just been using a custom Firefox profile for the last few years…
       
 (DIR) Post #AOhpTYsAI5qXy8Jeym by Seirdy@pleroma.envs.net
       2022-10-18T18:19:10.670725Z
       
       1 likes, 0 repeats
       
       @xerz @LWN They have an alpha version based on the newer 102 ESR release, but porting patches to a new version with a year&#39;s worth of changes is always a lot of work. The Tor Uplift was supposed to incorporate these changes upstream so the Tor Browser could track the stable branch instead of ESR but the most important part (actual Tor support) hasn&#39;t landed. And that would honestly be the most beneficial to Firefox users since it&#39;d mean DNS-over-Tor, bypassing most restricted networks.A bunch of v102 CVEs were backported to the v91-based Tor Browser recently, but I imagine it&#39;s accumulated a few zero days by now. I wouldn&#39;t recommend using the Tor Browser outside an amnesiac Whonix towards the end of its ESR upstream&#39;s release cycle, and definitely in &quot;Safest&quot; mode.