m0xEE @m0xee@librem.one

@DigitalJacobin
…and recommending you to install their own browser. Then there is this: https://www.eff.org/deeplinks/2022/03/you-should-not-trust-russias-new-trusted-root-ca
Russian government organisations and state-owned enterprises can no longer legally renew their certificates — so they have just made their own CA. Obviously it enables, among other things, MITM attacks.
Sooner or later a lot of websites used by Russians will stop opening in Firefox — what would Mozilla do, comply with this one too and ship this CA with Firefox?
@MartinBe

@DigitalJacobin
This seems reasonable, but I've never seen this line of thinking actually work — instead of standing your ground and sending the right message, you just start giving up your liberties bit by bit — Russia knows how to boil the frog slow very well.
This might buy some time, but they would still start forcing people off Firefox sooner or later.
Yandex' websites which are used by a lot of Russians are already giving you warning about Firefox no longer being supported…

@MartinBe

@kaia
> 1%
🤬TRIGGERED🤬
Under socialism OnlyFans models would be state-funded 🫠

On the bright side: now that Element Web is gone I don't have any reasons to keep WebRTC and WebAssembly enabled — good riddance! 😁

@mangeurdenuage @kaia @Mitsu
Caters to the male demographic! ☝️
(doesn't tell them they should just die) 🤭

@gemlog
Not only they didn't, it turned out they are in the thick of it — developing things that we, who attempt to stay away from all that commotion, use! 😱
How soon are we going to get to "no, you can't call me from that last year phone of yours"? 😂

@newt @captainepoch
> Somewhat better than JVM
In turn, that one was better than ActiveX.
Yep, often the case: the only justification for using some modern broken shit is that it's slightly better than old horribly broken shit 😂

@threat
But that's perfect time to buy ammo!

(from vending machine or whatever other supplier you have 😏)

@kitkat
…I was safe because I had support for WebP disabled😁
AND they have made it non-optional right after this was discovered. One of the major reasons why I started building Firefox myself was to bring the preference to disable WebP back.
That's the problem — no one has problem with updates when they are security updates, but they often come with feature updates: support for new things that no one asked for or changes in the UI — at times rather serious ones, which might ruin your workflows.

@kitkat
Not always possible — there are old machines, there are uncommon architectures. Developers of forks have even less resources than Mozilla does and can't afford supporting those.
Besides, it turned out that not updating is actually quite fine — all the recent major vulnerabilities did not affect old versions, be it xz/liblzma — everyone rolled back to old version as first response; recent openssh one that didn't affect 8.4p1.
Even the critical libwepb vulnerability, which affected FF…

@gemlog
My set of UI hacks breaking aside — even in perfect conditions, I don't even want to be updating my web browser that often!
They are not only introducing the tiny unwanted UI changes, they are messing with underlying Web APIs all the time in these minor updates — this is pure madness!
Don't like the updated UI? Well, your loss! You have to use it — can't not update because other stuff will stop working.

@gemlog
Yeah, same here, I also have high hopes for Servo! And I do my best not to rely on web things.

This case is illustrative of how broken modern web development is! I even imagine being able to swallow the "this browser is year old" take, problem is — apparently, it's also broken on my machines running Firefox 124 — which was released… this March!!! 🤪

@scops
Yep, I have Nheko on my only Windows machine, Schildi on my Android phone — also doesn't have the problem as underlying JS frameworks haven't been updated yet.
And I use gomuks my other machines, most of them anyway — really like the TUI experience.

But Element was still indispensible for more advanced stuff that you didn't have to do often, but at times still did — like managing sessions of exporting room keys.
It would be sad if this doesn't get resolved 😩

@drahardja
So easy!
Yet, this seems unthinkable to absolute most companies, they will offer you everything in the arsenal: from OTPs to having to set a new password after having logged in from a different IP address once — and no, of course your can't use your old one the one that is complex and yet you remember it well.
But not forcing you to enter your real name and other such things seems completely out of the question.

OMG, it's not just me and it's… disgusting:
https://github.com/element-hq/element-web/issues/27684
Apparently, their policy is to only support two latest releases of Firefox and Chrome, so the fact that it had worked for me is just a coincidence!
The "that browsed is a year old already" line is simply priceless!
The most fun part is that this update coincided with the new FF ESR, so their solution is: just install the new ad-ridden FF — or Chrome even, what is your problem?😤
Oh my, this is such a trainwreck!
#element #matrix

Does app.element.io still work in Firefox?
At first I thought they were blocking the IP-address range of VPN nodes that I'm using, but now that I've tried switching to a different one, I think something else is at play here.
It doesn't give me any meaningful error — it just looks like a blank page, the only error I see in the console is:
Uncaught TypeError: Intl.Segmenter is not a constructor
node_modules bundle.js:2
Webpack 21

Could this be it? 🤔

@Hyolobrika
People who ignore the messaging platforms themselves have left the chat… Or rather never entered it 🤣