Oh yeah I wasn’t trying to say this wasn’t interesting, just trying to make sure people didn’t get the wrong idea of what it meant.

Right, so for the vast majority of users, their Firefox instances won’t actually be running this, correct?

Is this a step towards implementing Google’s same extension restrictions in FF, setting themselves up as the primary arbiter of adblock tools?

I wouldn’t expect that:

Firefox, however, will continue supporting both blockingWebRequest and declarativeNetRequest — giving developers more flexibility and keeping powerful privacy tools available to users

https://blog.mozilla.org/en/firefox/firefox-manifest-v3-adblockers/

and

And even if we re-evaluate this decision at some point down the road, we anticipate providing a notice of at least 12 months for developers to adjust accordingly and not feel rushed.

https://blog.mozilla.org/addons/2024/03/13/manifest-v3-manifest-v2-march-2024-update/

So even if that would change (which I’d be very surprised by), it wouldn’t happen for another twelve months, so plenty of time for outrage then.

Haha, I don’t think anyone’s talking about killing uBO, and I’m fairly sure gorhill wouldn’t do that, unless he grew tired of maintaining it.

(They could remove the APIs it uses, like Chromium did to some extent, but Mozilla has publicly committed to not doing that.)

The mentioned bug: https://bugzilla.mozilla.org/show_bug.cgi?id=2013888

Titled: “add a prototype…”

Description:

This’ll be pref-controlled and disabled by default, but will enable some fun playing around, foxfooding, and further development.

So doesn’t sound like it’s “landing” in the sense that your Firefox instance will actually be running this (yet), I think? Though maybe the prototyping was successful.

Yeah I think that’s fair. As far as I know, it’s also mostly been used for detection, not patching, and possibly it’ll be better at exploiting than at patching.

I’m on Nightly, so it might not be in release yet, but I have “Open Link in Split View” in my context menu when I right-click a link, so if it’s not there yet, it’s coming.

Het staat er ook vrij indirect 😅️

No there was actually something in there about avada kedavra being bad for the soul (or something like that), though I’m not sure if that specific bit applied just to the spell or to killing in general.

I don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293

The author seems to put a lot of stock in the whole “the blue team has access to these AI tools that the red team doesn’t currently have access to” argument

I didn’t read it like that. I think the point was that the red team had an edge over the blue team (by being able to spend a lot of effort on a single exploit), so when both teams have access to these same tools, it’ll be more of an equal fight.

Hij was niet anoniem, hij heet Pieter van Oordt. Nog moediger natuurlijk.

Blij dat we @[email protected] in de Kamer hebben kunnen houden!

Looks like there’s a lot happening there too: https://infosec.exchange/@tomrittervg/116443139069130293

Well, and after vertical tabs, tab groups, a free browser-wide VPN, …

It’s related to Firefox, and Firefox VPN is a Firefox feature. It does not apply to Mozilla VPN, which links to a separate policy from its home page, which indeed does mention Mullvad.

And no, you never consciously initiated a service agreement with Fastly, and so its policy doesn’t apply. The policy of the service you choose to use applies, this doesn’t have to be difficult.

I’m not going to crawl through the notices now, but e.g. the Firefox Privacy Policy says:

To perform the purposes listed above, we work with partners, service providers, suppliers and contractors. We have contractual protections in place, so that the entities receiving personal data are contractually obligated to handle the data in accordance with Mozilla’s instructions. Learn more.

This includes Fastly (see also the Learn more link). That is the policy that applies, not Fastly’s own policy.

Je moet de subsidie voor huiseigenaren (de hypotheekrenteaftrek) toch ergens van betalen he…

I don’t think Fastly’s Privacy Policy is relevant here, as you’re not entering into an agreement with Fastly. The Firefox VPN FAQ states:

We collect technical data needed to provide, maintain, and ensure the performance and stability of the service, as well as interaction data to understand usage of the feature and help guide improvements. For example, we may log whether a connection succeeded or failed, or record that 2 GB of data was used on a certain day.

Importantly, VPN never logs the websites you visit or the content of your communications.

Other than that, I think it’s the Firefox Privacy Policy that you should be looking at.

Also worth noting is that, when I review Privacy Policies, I distinguish between sharing data to provide the service I’m signing up for, with the only allowed use being providing that service, and sharing data for other purposes. The former is basically unavoidable for any online service, whereas the latter is often shady.

Daar hebben kleine bedrijven die dingen moeten vervoeren in kluswagens niet zo veel aan, en dan gaat een kleiner deel van dat geld naar de mensen die echt krap bij kas zitten.

Ik vind dit pakket maatregelen niet eens zo slecht klinken. Maar ik was vooral bang dat ze weer een brandstofaccijnsverlaging gingen doen die ze niet meer zouden kunnen afschaffen, dus mijn verwachtingen waren ook niet heel hoog.