smdh @ more Firefox BS.

“Firefox was created in 2002 under the codename ‘Phoenix’ by members of the Mozilla community who desired a standalone browser rather than the Mozilla Application Suite bundle.”

Remember those halcyon Phoenix days? I do.

They were all too short lived.

Now even Firefox forks such as @librewolf seem to be sitting on their thumbs, thinking maybe it’s sufficient to merely option out offending lines of code.

Have decades of return to libc exploits meant nothing to developers?!

If you aren’t going to branch to the code, don’t leave it in the source! It is an attack surface laying dormant whether you realize it or not.

Is it more work? Sure.

Do the work!

LibreSSL didn’t rip out tens of thousands of lines from OpenSSL without good reasons.

The dividends have been appreciable.

    • ティージェーグレェ@sfba.socialOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      3 months ago

      @velox_vulnus as an unpaid volunteer maintainer of libre/free open source software myself, I only wish that meant I never had to deal with complaints!

      I am not even sure how many hours (mine & others’) were wasted adding a legacy_dsa variant to MacPorts’ OpenSSH after the 9.8p1 release.

      Even though DSA is going to be deprecated entirely in 2025 & announcements warning against it are much older.

      Who the hell said anything about me feeling entitled?

      Obviously someone has to do the work.

      You seem to be off your rocker if you think that just because a project disclaims donations that absolves them of criticism.

      I’ve never encountered anything that didn’t have room for improvement.