Skip to content

Firefox is fine. The people running it are not

Technology
206 106 118
  • Judge briefly pauses 23andMe bankruptcy sale amid California's appeal

    Technology technology
    1
    22 Stimmen
    1 Beiträge
    4 Aufrufe
    Niemand hat geantwortet
  • Canadian telecom hacked by suspected China state group

    Technology technology
    3
    1
    57 Stimmen
    3 Beiträge
    21 Aufrufe
    M
    While this news is both expected and unsettling, I'm pretty keen on how our gov has this info available to the public. And the site itself - such a vast resource for security info, tools, etc. Not all of our gov nor all departments are something to behold, but our cyber teams are top notch. And holy shit: https://github.com/CybercentreCanada
  • 216 Stimmen
    13 Beiträge
    55 Aufrufe
    J
    It’s DEI’s fault!
  • Firefox is dead to me – and I'm not the only one who is fed up

    Technology technology
    55
    1
    45 Stimmen
    55 Beiträge
    187 Aufrufe
    F
    Never had issue with Firefox in my day to day use, sites load fine, uBlock stops all the annoyances and thankfully youtube works well for me.
  • 27 Stimmen
    14 Beiträge
    7 Aufrufe
    R
    Tech execs when the shortage hits: I just had a brilliant idea! Let's just give untrained junior vibe-coding engineers the power of senior engineers, and even more AI tools. Problem solved forever, bonus please!
  • Bookmark keywords, again (Firefox)

    Technology technology
    3
    4 Stimmen
    3 Beiträge
    25 Aufrufe
    bokehphilia@lemmy.mlB
    This is terrible news. I also have a keyboard-centric workflow and also make heavy use of keyword bookmarks. I too use custom bookmarklets containing JavaScript that I can invoke with a few key strokes for multiple uses including: 1: Auto-expanding all nested Reddit comments on posts with many comments on desktop. 2: Downloading videos from certain web sites. 3: Playing a play-by-forum online board game. 4: Helping expand and aid in downloading images from a certain host. 5: Sending X (Twitter) URLs in the browser bar to Nitter or TWStalker. And all these without touching the mouse! It's really disappointing to read that Firefox could be taking so much capability in the browser away.
  • New Cars Don't All Come With Dipsticks Anymore, Here's Why

    Technology technology
    22
    1
    2 Stimmen
    22 Beiträge
    91 Aufrufe
    L
    The U660F transmission in my wife's 2015 Highlander doesn't have a dipstick. Luckily that transmission is solid and easy to service anyway, you just need a skinny funnel to fill it.
  • 1 Stimmen
    8 Beiträge
    37 Aufrufe
    L
    I think the principle could be applied to scan outside of the machine. It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack. There's no reason it can't make requests to 10.10.10.1:{port} as well. Of course you'd need to guess the netmask of the network address range first, but this isn't that hard. In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range. If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers. From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on. I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.