![](https://linux.community/api/v3/image_proxy?url=https%3A%2F%2Flemmy.sdf.org%2Fpictrs%2Fimage%2Fec6a393d-8add-4914-ac98-ef53deecc74a.png)
![](https://linux.community/api/v3/image_proxy?url=https%3A%2F%2Flemmy.ml%2Fpictrs%2Fimage%2Fq98XK4sKtw.png)
Firefox on flathub is an official one, that’s not what this warning is.
Firefox on flathub is an official one, that’s not what this warning is.
Clicking the potentially unsafe item lists the exact permissions.
It can access hardware devices, like your webcam or game controller. Likely --device=all in flatpak speak but I haven’t looked.
Neither has its own extension repository, so maintaining support enables side loading but isn’t all that useful for normal people or those who want their extensions to be up to date.
Brave shields work better than the built-in protection in Vivaldi, so it’s less of an issue there but still frustrating.
Yes, and they don’t develop Firefox (legally can’t) since they made a for-profit entity for that purpose.
The Mozilla Corporation does not accept donations.
Poorly written article with little substance but a zinger of a headline. Think they’re trying to take advantage of announcements of Intel and TPM security flaws in the past to get more clicks.
This is a UEFI firmware issue that can be patched by BIOS vendors. It is an issue at a very low level, but not an issue with Intel or the TPM.
The exploit is in the UEFI firmware code for handling the TPM and used for privilege escalation in that firmware, “TPM won’t save you” doesn’t really make sense because no shit. The vulnerability doesn’t mean the TPM unseals its contents though, and I’m curious if the exploit modifies the PCR values enough that OS security could trigger (Bitlocker recovery and whatever). Wouldn’t help if the malicious software was already there though.
“Breaking userspace” is often considered a bug even if the code doing so is working as intended. Deleting user data because they bundle a config file deep in the directory tree for a completely different use case was not intended behavior even if one of them is defensive about the logic.
Nope. Everyone who uses Nair needs to feel the chemical burns at least once. I’m pretty sure it says not to use it on sensitive bits though.
Firefox just pulled the browser out of it to focus on one thing, Thunderbird did the same with communications. Seamonkey still does it all.
Assuming manifest v3, it shouldn’t break. However, some extensions will stop working. Vivaldi doesn’t have its own extension repository so they will be phased out there just like in Chrome.
Even if they do question, it’s not like they are in a safe environment to do so openly. They have to be prepared to give up community, friends, family, potentially their physical safety, and a worldview that says exactly who to be and how to live to be living a good life. That’s a huge step.
I know for a fact there are religious people going through the motions because the alternative is too frightening, just like people stay in bad marriages.
He’s trying to be a little Poettering.
I always think it’s crazy when employees of companies with paying customers act like such jackasses in public.
I think it was probably dropped to be more like other Linux distributions. The BSDs put a ton of stuff in rc.conf.
I thought surely some distribution had messed up by using this temporary files generator for /home, but that configuration is actually a file bundled with systemd and the purge would take effect even if the distribution was creating /home as part of the install (ignoring the tmpfiles config), which they pretty much all do. So yeah, any defense I had towards the dev is gone there.
I thought the same, surely some distribution messed up.
They didn’t. Systemd ships this file as /usr/lib/tmpfiles.d/home.conf. That is a valid configuration directory, the lowest priority, and not just an example.
Basically it would only take effect in certain scenarios, and in most distributions it is doing nothing. Except when someone ran purge and it cleared files it had no hand in creating.
So yeah, this was actually a big issue.
The flatpak packaging tutorial has you build a cli app, so anyone building one is likely aware.
The real issue is invoking the commands. If you install a snap of top, you run top and it opens. If you installed a flatpak it wouldn’t be added to your PATH and even if you added the exports directory to your PATH you would need to remember to run org.gnu.top. Nobody wants to run some random flatpak run command all the time or create aliases for everything, so “flatpak isn’t for cli” becomes the mantra.
In an ideal world a flatpak could register the cli commands it wants to present to the user, and some alternatives system could manage which flatpak gets which command if there were collisions.
My only real problem is I still use windows more than full screen, barely ever use workspaces, and those are two workflows they really want someone to use.
You sort of left out a lot of context with that statistic that the article did include. Apple gets significantly fewer requests because the data they have is far less useful, that is generally a plus.
Cellular location data from the provider generally requires a warrant unless there are exigent circumstances. There has been a lot of controversy recently about warrants being granted that are too broad, the “every phone in this wide area” thing, but they are still warrants being granted by courts vs direct access.
That sort of “tell me every phone in the vicinity of this location” is the sort of request that Google typically has the data to fulfill and Apple generally does not (though the cell provider might).
That is a clickable menu that explains exactly what the permissions are.