@firefox STOP. UPDATING.

The browser was done TEN YEARS AGO. There is literally ZERO FUCKING JUSTIFICATION for you pushing updates EVERY GODDAMN DAY.

Fucking KNOCK IT OFF. WE DON’T WANT YOUR AI FUCKING GARBAGE.

This is why you’re losing to a fucking fork.

You were supposed to be defenders of the faith, not fucking corporate whore sellouts like Google.

#fuckfirefox #librewolfwins

  • tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    14
    ·
    6 days ago

    I’m sure that whatever platform you’re on lets you not update if you want.

    I wouldn’t advise that from a security standpoint, but if you’re set on it…

    • gwl [he/him]
      link
      fedilink
      arrow-up
      10
      ·
      6 days ago

      They’re not pissed at lack of updates really, but at features that feel anti-consumer, such as always-on telemetry and opt-out AI

        • @Omodi @gwl all you people in this side thread are completely missing the point. and you’re not contributing anything here. No one wants your “Im sure there’s a way to block update notifications” BS responses There isn’t. And that’s not the point.

          I don’t want to do your maintenance. I don’t want to read Firefox update release notes. I DON’T WANT TO FIND WORKAROUNDS FOR MY SOFTWARE.

          The POINT is developers don’t understand consent OR security if they think the end user update solves security.

        • tal@lemmy.today
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 days ago

          It sounds like he doesn’t want update notifications. I’m sure that that’s possible, but I’ve no idea what sort of update notification he’s upset about. Could be from some kind of package manager, Firefox itself, whatever. He might also have a nightly build version installed or something, when he could benefit from extended support version.

      • @gwl @tal No, wrong. I’m literally tired of being asked every goddamn day to update. When I told you “NO” I MEANT FUCKING NO.

        All that other tripe is annoying too, but what I really want is for fucking coders to learn what consent actually means.

  • muusemuuse@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    6 days ago

    No? Firefox is way behind and even if it wasn’t, the browser is an enormous attack surface so they have to keep improving security.

        • @muusemuuse The security excuse for constant updates is a lie. There are not constant security patches that need to be fixed. The “risk” is extremely low, and is not reduced much by your browser checking a security certificate to see if the fraudulent website has paid google this month or not. THey update to put privacy and security violations on my machine - because that’s all AI is, a security NIGHTMARE. .

          • @muusemuuse Furthermore, I go to the same three websites every fucking day, not wandering the far depths of the darknet in search of snuff films and infected jpgs. There is NO RISK that requires daily or even weekly updates to a piece of software that is essentially an image viewer. And if there is, they DID IT WRONG. Browsers were done being developed ten years ago, and there are no “new features” worth a damn.

            • Blisterexe@lemmy.zip
              link
              fedilink
              arrow-up
              1
              ·
              5 days ago

              As an amateur web dev I can say stuff like jpegXL which allows for smaller and higher quality images is cool, and regardless browsers let websites run arbitrary javascript code, so it’s naturally insecure.

              • @Blisterexe Admittedly, most don’t run java anymore, or do they? And see that’s really the point for me: these security limitations are inherent to the build, and if you’d wanted security, you would have done it differently, not be relying on conning users into updating “for their own good” by dangling new features. It’s an inherently stupid, cheap, and insecure way to design a system to operate.

                • Blisterexe@lemmy.zip
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  edit-2
                  5 days ago

                  Javascript isn’t java, to be clear, and I think I need to clarify how websites work because it’s not obvious and I think

                  Basically early websites were just html, basically just a way of having documents and links to other documents. Very quickly they added css for styling and, later, javascript so that people could add more advanced functions in websites. Assuming you’re using the mastodon web client, you wouldn’t have been able to write your comment without javascript.

                  So the site sends html, css and javascript files to your computer, and your browser draws the page on your screen by following the instructions, then executes the javascript. This is a horrible way of doing things, because (1) web standards aren’t standard, browsers can support any feature they want in any way they want, so websites can work fine on one browser and not on another, and google can add any feature to chrome that websites will support that mozilla is forced to also implement, otherwise those websites will be broken. And (2) running random code with no user input is a horribly insecure way of doing things.

                  Nobody can change this, because it’s a every website is made for it and every browser is made for it. There are alternatives but you can’t access anything meaningful from it.

                  This means that Mozilla has to constantly update the browser to fix vulnerabilities, because the way the web works in inherently insecure and nobody can do anything about it, and the standards it supports constantly change for reason out of their control. Every browser auto-updates for the same reason. Mozilla changes the UI and implement AI at the same time because they’re scared normies will drop the browser and use something else (read: chrome) if they don’t.

                  If you don’t want a browser that skips all that and doesn’t support running random code then you can use something like netsurf, but it won’t run every website. Otherwise you can use a browser like librewolf that doesn’t add antifeatures.

                  Not saying you should use firefox, just that I hope you can see why they do what they do.

            • @muusemuuse Furthermore, if security is pushed all the way down to the user level, and we expect users to do the work to keep the internet secure, then the internet IS BROKEN AND BADLY DESIGNED. Security is the province of OS’s, ISPs, and networks, not individual instance users. If the last line of defense is ME< THEY DID IT WRONG.

              • ilinamorato@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                2 days ago

                Yes, the internet is broken and badly designed. Because no one designed it, not in its current form. It’s a patchwork of barely-compatible technologies being held together by a collective delusion.

                On one hand, though, this is your most reasonable argument of all of them: security shouldn’t fall on you as the last line of defense. Ironically, though, it most undermines your overall point, because the reason browsers continue updating is specifically to remove more security responsibilities from you. Since the attack surfaces continue changing, the security assertions have to continue changing too.

                Sure, those three sites you go to every day are safe and trustworthy right now, and the network you access them from is uncompromised right now, but Microsoft had a supply chain attack just a couple of months ago. It’s very possible that those trustworthy sites might be compromised tomorrow, and if you’re still running an old browser with a known exploit, they could successfully target you.

                But hey, you say, I’m pretty savvy. I’m not going to click anything stupid, or allow anything to download that I don’t expect. Well, first of all, they updated the browser to ask you before downloading anything (they just did it a long time ago). But more importantly, what about a kid who is browsing the Web for the first time today? If they see a link offering them free Robux or whatever, they’re not going to recognize it as sketchy. So they need those improved malware protections.

                Remember, half of the people in the world are dumber than average.

              • muusemuuse@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                4
                ·
                6 days ago

                You are demonstrably wrong with literally every damn post here so I’m just going to assume you are mentally ill and move on.