Use After Free Use After Free Use After Free Use After Free Use After Free Use After Free Use After Free.
I would be more satisfied if they gave a proper explanation of what these could have lead to rather than being "well maybe 0.001% chance to exploit this". They did vaguely go over how "two" exploits managed to drop a file, but how impactful is that? Dropping a file in abcd with custom contents in some folder relative to the user profile is not that impactful other than corrupting data or poisoning cache, injecting some javascript. Now reading session data from other sites, that I would find interesting.
You should generally assume that in a web browser any memory corruption bug can, when combined with enough other bugs and a lot of clever engineering, be turned into arbitrary code execution on your computer.
The most important bit being the difficulty, AI finding 21 easily exploitable bugs is a lot more interesting than 21 that you need all the planets to align to work.
You're right, I didn't know about what that "..." meant. It's kind of obvious what I meant though: "I don't know why all of these have ..." I've added that information to the post.
The greyed out options have no point because 99.99% of the links I click are already clean. Like so many of the other privacy enhancing options, just provide an option to "clean links automatically."
Link "cleaning" will sometimes just break a link entirely since it's a heuristic-based thing that removes query parameters that appear to be nonfunctional tracking parameters. Doing it by default would be setting up users for the occasional very bad experience.
Did you really make a blog post to tell the world that you don't know some things? That's not usual. If that is true, the only conclusion is that you should learn those things, and I'm not sure what I am supposed to get from reading it.
I think, or at least the way it reads to me is that you believe Firefox devs are wrong. This is what it looks like you meant. You believe the "..." is wrong to be there, and it should be removed. Which I do not agree with, and in any case we should first consider the "..." conventional meaning and only then we can maybe get to the conclusion that it should be removed. That it should be removed because you don't know why it is there is not reasonable, not to me.
In my humble opinion you should reflect a bit more on what you actually meant to say by this and also other points in the post.
> The greyed out options have no point because 99.99% of the links I click are already clean.
Frankly that's nonsense. They obviously have a point, and the fact you disagree with the point is something completely different. Firefox isn't specifically made for you. I appreciate the greyed out options in general, it helps me know they are there and that they may become available under some conditions.
I wonder if Microsoft actually likes running their free email service still. They wiped a ton of old Hotmail and Live.com emails some years ago (and then allowed new people to register those deleted names). I imagine they don't get much out of it anymore.
"Summary of changes to the Microsoft Services Agreement – June 15, 2021 [...] In the Outlook and Office Services sections, we’ve removed the Outlook.com section to clarify that an email address or username is not recycled into our system or assigned to another user."
It's wild to me they ever started doing this in the first place. And in 2013 no less, it isn't like the hijacking risk was some far off concept at that point.
It's certainly not free to run and maybe it doesn't really make sense for Microsoft to run Outlook.com anymore, except that it's an easy way to motivate people to having a Microsoft account.
Outlook.com certainly has to show up as an expense, one that Microsoft would like to reduce. When you look at what other providers charge for a single email account, it's hard to see Microsoft making money of Outlook.com. There's obviously something to be said for scale, but still, it must cost them something.
>It's certainly not free to run and maybe it doesn't really make sense for Microsoft to run Outlook.com anymore, except that it's an easy way to motivate people to having a Microsoft account.
it also funnels people into using exchange for work. more like a "marketing expense".
They wiped all the emails from my 25 year old Hotmail account. Pretty weak. I refuse to use Microsoft products except if forced, and do my best to evangelize this position.
I realize it's been "written" by an LLM, but the content could have been written by someone I know. It's eerie how this person thinks exactly the same way. It's never their fault, always the others', and they are always obviously right and no amount of arguing can change their mind.
"Write an essay about struggling to change a software org that doesn't want to change. Make me the hero. Post it at 1am so it looks like I was up late suffering with the burden of what I know."
This is not a politically correct thing to say but there is a class of neurodiverse software developers who display these characteristics and I suspect the author belongs to this group.
Yes, that's why it's great. They have the best of everything around and have imo perfected it. It's difficult to think of certain foods that are actually unique to any "country", tbh.
In addition to completely disabling AI, I found the following setting extremely convinent to disable in about:config. They clutter up my right-click on a link or on text selection.
Also forgot `browser.ml.chat.menu`, `browser.ml.linkPreview.enabled`. If only there was a way to get rid of "Email image", and "Set image as desktop background".
Try modifying a webpage’s source to open with <html mozdisallowselectionprint>. If that works, you can make that universal using any page-mod plugin (though not necessarily the userstyle CSS-only ones). I’m mobile-only tonight so I can’t test myself, but derived from:
`dom.text_fragments.enabled` to remove "Copy link to highlight" on right-click. Yes, it can be useful, but I never use it and the very rare occasion of needing to use it when opening a page, I can just search it myself.
`privacy.query_stripping.strip_on_share.enabled` to remove "Copy clean link". I would rather it just did that clean link thing automatically, but I don't actually care about clean links -- it's just annoying having two "copy link" next to each other (especially with one which is greyed out 99% of the time!)
It strips query params used for tracking. Has it never bothered you when you click share on Instagram or YouTube and it inserts a unique-to-you "share ID" in the URL? I was burned by this once, now every time I copy a share URL from a social media platform I first paste it into my text editor and remove all of the privacy invasive tracking cruft.
As an aside I think it's only matter of time before this is done without query params and instead each share link is generated just for you.
I wish we could also disable "Send via email" when right clicking a picture, I constantly misclick and userChrome.css does not work for the context menu on macOS since it's natively rendered...
Please consider reading.