CHEF-KOCH
  • 1.73K Posts
  • 441 Comments
Joined 1Y ago
cake
Cake day: Feb 21, 2021

help-circle
rss

There are other drawbacks mentioned which you swipe under the carpet.

I also do not said they rebrand Mullvad I said that it is Firefox VPN just rebranded as Mullvad VPN under the hood.

It is a useless VPN no one need, that is the bottom line here. Years too late to cash-gab people.


  • You do not get to decide what a shitpost is and what not, this is her opinion and view on things. Please respect code of conduct of Lemmy and stop calling other peoples opinion shitposts, some just do not like crypto or understand it. Not everyone is an expert and everyone has other values. This is normal and not weird.
  • It is a blog post not an article, experienced based blog post based on her experience. She says that she is a blogger in the about page.
  • It is her opinion and experience and not to shit on Firefox.
  • People left Chrome, Opera etc. for way less than what Mozilla did.

Next time I see such smear post like this I report it.


The title does not mention anything near - Mitigation.

Your mentioned workaround is Ubuntu or more precise Kernel specific because most newer kernel already do this which can according to my link even cause issues.

Nice try

To be able to exploit this vulnerability, the attacker needs to be able to run code in the container and the container must have CAP_SYS_ADMIN privileges. Linux kernel and all major distro maintainers have released patches.

This is not desktop user specific issue, more for those who work with container, and then even have CAP_SYS_ADMIN privileges. A normal desktop does not run containers nor has such privileges that someone can exploit actively. Server or for those who work in such environment usually use mentioned products.

The vulnerability was introduced in kernel 5.1 and patched in 5.16.2. You can mitigate completely the problem by patching to the latest version. Note, all major distributions released patches.

The guide is designed for those who for example use an older 4.x LTS kernel, run such processes, under specific circumstances and are vulnerable. So it is a fix.

People speculate that desktops are meant here, when real target always was servers and people who work with lots of file-system related stuff but that is mostly also server only target. Some exceptions aside.


Always defending…

I am not interested what people want, I am interested what actual happened and what Mozilla plan to do next to get the whole picture. Difference between a fanboy and someone who is objective.

It is not a good thing what Mozilla did because even if Mozilla makes money, the CEO fires their employees. So it does not change anything except influencing negatively sections like security. They made over 500 million dollars according to last quarter results, you think they use the money to hire more people, then why fire them in the fist place. You think just because you make some money on your own results in kissing million dollar deals goodbye. You are dreaming, if you cut the deals no one will continue doing something with you or give you another change, besides there are contracts which bound you often for years to it. You simply assume that because Mozilla makes money will prevent them from not making other deals with Google, Yahoo or another bigger fish, this is baseless claim and history usually shows the opposite, greed. Bottom line is Google needs the competition otherwise they get sued for mass market monopoly by the EU and other countries. Also Mozilla makes no new products they imitate Google.

Mozilla had over 20 years now to get independent and it ended in loosing more people, more developers even people who did much work on the idea behind, an idea the leadership seems not really interested in.

Mozillas effort are too late, to slow and their leadership makes the wrong calls, the entire time. This is not even news, the community gave Mozilla tons of tons good tips for eMail service, Calendar, Search engine and Mozilla comes with crap like Pocket no one uses.

Mozilla communicated at no time, not in the beta announce, or homepage that this is basically copy and paste Mullvad cooperationship. People believed this is Mozillas own creation, servers, app, idea or whatever. This was not the case, Mullvad did played here with open cards. The community clearly expected independence, yet nothing. You contradict your own argument, you say on one side money makes them more independent, on other side this story shows, making millions of dollars does not mean they release own products, instead they collaboration with others. Why should someone in his right mind support that when there are no benefits over the original or it is even more expensive. This makes no sense.

Thunderbird for example showed that after they went independent made much more progress without Mozilla. We got better encryption implemented, nice gui changes and so much more. Stuff that community complaint about since years, yet Moz did not listed and shit on their own community. After 2017 the app improved so much that its finally usable and stable with more security benefits. Technical independent from Mozilla with the help of new collaboration with others. Just because Mozilla gets money, means nothing for existent or new products, is the underlying point.

If mozilla is just rebranded mullvad, why does this matter?

Because the apps and servers are not the same, or how you prove it without any independent audit. Moz made changes, besides logo and name changes in the code. You cannot have it both ways, you cannot take over something or partner with someone and then believe and expect security experts have no interest to reveal if what they possible change has no impact. Trust but verify, it is that easy. Mozilla like rest does not get any extra bonuses here. People expect professionalism especially if you pay for a service that others offer for free like ProtonVPN free subscription which is for a bit basic surfing enough and masquerading more than enough.




  • You can apply the method to other solutions too, it is mentioned at the bottom. Other product work similar, they usually apply a template.
  • What you hope and what it says can differ.
  • I doubt you even read it because you answered after 2-3 minutes of posting this guidance.
  • It is not an advertisement for Kubernetes. It is an example how to deal with the CVE using AccuKnox. If you want to complain about something then maybe that the Templates that they offer do not work on every Kernel, configuration, cluster etc.
  • The example is a fix to avoid getting compromised for that specific CVE. Whenever you like it or not it is a fix.
  • CVE-2022-0185, was discovered and patched before malicious attackers released an exploit publically. If this would be a guidance for home users I would have written something like - the Linux Kernel got an update to address CVE-2022-0185.


Authors choice of title - Protect from CVE-2022-0185 - I say it is a permanent fix, so my title is more accurate. The CVE itself is part of Linux Kernel to some kernels and therefore the title is correct.


Roasted Moz enough today, will keep more in my back pocket for when next weekend.


Reasons why Mozilla VPN sucks - in a nutshell.

  • Mullvad’s app has been audited. Mozilla has no audit…





Intel and M1 Macs support 🙏…


Top 50 websites for "Video Games Consoles and Accessories" busted to list Fit-Girl Repackers

News and Image Credit - deleted user, via Telegram. Nice find btw. …



Maybe learn to get some own new ideas friend and not re-spell some BS you find on the internet.


I do not approve Wire, btw.

To quote myself…

Wire – Modern day collaboration meets the most advanced security and superior user experience. Fully open source, both client and server, and third-party audited. Metadata leakage possible / this.


Topic <- . . . . . . . . . your off-topic points <-

See the problem friend. No one gives a 💩 what they say afterwards. Trust is gone. Telemetry cannot be easily be disabled, even if you go trough about config there are some flags that are not be able to easily switch on and off. Mozilla does that for a reason. Maybe actually check your Browser. Mozilla made it much harder for everyone to simply opt-out of everything.


Gotcha.

I would just rephrase - everything Mozilla does is wrong - to - Mozilla made poor judgment calls in the past, which was the reason I created this community.


  • Title is not misleading.
  • Transparency in a discussion platform has nothing to do with what happend here. It does not matter if you leak data and then apologize afterwards, the damage is done and shows once again that trackers, telemetry and such things belong into no software. This is well-known. I said that 20 years ago, if Mozilla wants to introduce studies and telemetry they should do that in beta or test builds. What Mozilla did instead was, because of people trying to remove telemetry and disable it by default they restricted about config so that it is much harder to beginners to change specific things, claiming this was done because questionable reason such as people could do damage with it. They basically restrict and prevented, or tried to, people to change the Browser how they want, that happened afterwards because people disliked xyz and then tried to - optimize - it.
  • Mozilla has history of incidents bigger than Chrome, there is nothing to argue about. This is just another one and the next will come. What Mozilla claims afterwards with their unprofessional statement about the percentage is irrelevant because no one can reveal the truth here.
  • Leaking user data is binary, you leak or you do not leak. End of story.
  • Firefox suck big time regarding privacy, security and the claims Mozilla does are already all debunked. There are lots of articles from the competition, researchers, experts clearly saying that Mozilla is worst - by default - with default settings compared to all other Browsers. Maybe similar like Chrome vanilla. There is nothing to argue here, I already presented all of these research on my Twitter among other platforms.
  • GUI is subjective and not what the topic here is about. THIS would not be binary, and reflects taste.

Same like in every other browser, google, duckduckgo, bing etc.

The decision to make them the default and then pre-configure them is based on statistics, they estimated what people use. And this is google, bing etc. This is why every bigger Browser uses them. There are also variables like cooperation, sponsoring etc.


Yeah as shown marked in the screenshot Chrome will get buttons or other options to delete and restore search providers.

This change was made because people deleted search providers and there was no easy or official solution to bring everything back except creating a new profile or mess with some config files.


View pointers.

  • No one spreads hate here. It would also against code of conduct. Admin here is a bit harsh with the description, but it is his opinion.
  • No need to defend or argue here, take as-is.
  • You already down-voted. How about staying on topic, instead you defend, saying it is unfair. I say it is fair.
  • This is serious and not absurd.

How is spreading information, legitimate one unfair, we all need to deal with criticism. People criticizing Chrome, Brave, Vivaldi, Firefox is not an exception. Especially if it is wrongfully advertised in basically every sub as - privacy friendly and respecting.

By default, what most people use, Mozilla Firefox purely sucks, you can cry all day long about this, will not change a thing.

Have a good one.



Movie Script Directory

They comply with DMCA requests so I guess it is okay to list the clear URL. …



Relevant Chromium issue ticket is here. …


Reproducible builds soon. …




Free price plan. Good enough if you just want to share small things for short amount of time. …



…wirft der Kommission indirekt sogar vor, schlicht illegal mit SMS- und Kurznachrichten umzugehen. »Kurznachrichten fallen eindeutig unter das EU-Transparenzgesetz, weshalb relevante Nachrichten archiviert werden sollten«, sagt O’Reilly.

Sehe ich ähnlich, in der Politik sollten öffentliche Nachrichten auf öffentlichen Geräten die der Steuerzahler bezahlt, wir reden nicht von privaten Geräten, dafür genutzt werden Transparenz zu schaffen, daher sollte man auch alles archivieren und am besten öffentlich bereit stellen.

Was Leute auf Ihren privaten Geräten machen ist deren Sache, allerdings sollte hier privates vom geschäftlichen getrennt werden. Wenn hier klare Spielregeln herrschen gibt es auch im nachhinein weniger Zoff da man hier schneller nachvollziehen kann was wirklich kommuniziert wurde schließlich hat der Steuerzahler ein recht mitzubestimmen und zu erfahren was Sache ist, da es uns schließlich alle betrifft.


Reddit changed the policy last year, officially they still tolerate alt-accounts but most subs ban or restrict showing your content unless manually approved by mods.

I handle it so that alt-accounts under specific karma level and account age are hidden and I approve posts manually. In bigger subs they just never review comments, so the chance that your comments are hidden increase. If you then continue posting things you might trigger the bot to flag your account.

This reduces 98 percent of clowns. I think most subreddits use automoderator to do similar things, otherwise moderating huge subreddits is very hard.

Reddit gave basically subreddit mods more power to handle bots, alts etc.


Action and lawsuits, everyone got minimum one, basically

If any action has been taken, then why is printer ink still so expensive?

There are multiple reason, it is not just one reason

  • Producing specific color is research as well as resource intensive, we have shortages and so.
  • Patent and licensing. If you spend millions of dollars on that you want your money back.
  • If you get sued and loose, you still want you money back right. So there is the answer, if someone sued me and I assume I loose I want my money for it back. It is all about profit. Same like Sony does not make money with the consoles, they make the cash with the expensive games and equipment you need to buy. Selling supplies needed to print or play a game is a nice cash-gab to get money.
  • People switch to laser printer. The manufacturer controls the technology and the prices.