It's interesting to me that so many of us are regular smartphone users now, and we all use them in such different ways.
Figured I'd look at my phone's most used apps as I've never paid much attention to it before. Out of the 55 apps I've used in the last 6 days, yeah, my top 6 aren't a surprise to me at all. 🤣
So annoying. There is a 1 pixel discrepancy between Safari and Chrome's vertical centering of this font and I can't get the text to appear exactly the same. I've been dealing with pixel discrepancies in cross-browser web development for years, but still can't handle it lol.
Do you work in #webdev? I want you to order an old phone from ebay right now. Like a Samsung Galaxy S4 or something. Go visit your website with it. Did you have a good experience? Well, 1 in every 10 visitors has that experience. Fix your shit.
The #webperf lab tools that allow using Chrome < 109 are valuable in explaining to customers what their #LCP hacks were doing before the "low-entropy" / BPP update and how they have been rendered inoperable since April 4th.
Mastodon often fails to show up-to-date context and information on posts from remote instances. Substitoot is a browser extension that fixes this.
Now also available for Chrome! Note: the current published Chrome build has a dumb bug where it doesn't start up properly, so please open the "settings" yourself to set it up! The fix is in review.
This is a great series of articles by security researcher Mike Kuketz that documents the data transmission behavior of popular web browsers on their default settings, examining the type of connections they make and what data they "phone home" with:
Great, it looks like whatever they changed in Chrome no longer trusts Kitten’s¹ local certificate authority (installed and trusted by the system trust store, as you’d do in a spit enterprise).
Applies to previously trusted and working certificates too.
(The directly related module is Auto Encrypt Localhost²)
Going to look into it today and see if I can’t find a workaround.
Right, well, first the good news: It doesn’t look like anything has changed in how Chrom(ium) handles certificates installed in the system trust store.
Now the bad news: I have no idea why the certificate authority that was previously trusted on my main development machine is now showing up as untrusted. Could a Fedora Silverblue update have broken it? Will keep looking into it.
Re last: I read a message where a person was seriously calling #Chrome a bad browser because it didn't support JAWS 15 and Windows XP (and the current version was JAWS 2021, I believe).
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #16/2023 is out! It includes, but not only:
-EvilExtractor #malware activity spikes in Europe and the U.S.
-North Korean #3CX Hackers Also Hit Critical Infrastructure Orgs
-China building cyberweapons to hijack enemy satellites, says US leak
-#GitHub Announces New Security Improvements
-Air Force Unit in Document Leaks Case Loses Intel Mission
-Russian hackers exfiltrated data from from #Capita over a week before outage
-#Lazarus hackers now push Linux malware via fake job offers
-3CX Software Supply Chain Compromise Initiated by a Prior Software Supply Chain Compromise; Suspected North Korean Actor Responsible
-#Fortra shares findings on #GoAnywhere MFT zero-day attacks
-#Google TAG Warns of Russian Hackers Conducting Phishing Attacks in #Ukraine
-Google patches another actively exploited #Chrome zero-day
-#Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs
-#Goldoson#Android Malware Infects Over 100 Million Google Play Store Downloads
-Takedown of GitHub Repositories Disrupts RedLine Malware Operations
-Microsoft has shifted to a new naming taxonomy for threat actors
-#YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
-#Apple’s high security mode blocked NSO #spyware, researchers say
-#Trigona#Ransomware Attacking MS-SQL Servers
-#WhatsApp and other encrypted messaging apps unite against UK law plan
-Mom Says Daughter's Voice Was Cloned with AI in $1 Million Kidnapping #Hoax
-#LockBit ransomware encryptors found targeting Mac devices
📚 This week's recommended book is "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software" by Michael Sikorski and Andrew Honig.
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
Does anyone know if there is any way in #Chrome to get #elk to open two different #Mastodon accounts in different tabs in the same Chrome window? When I open two tabs, go to my main account and then on the other tab my secondary account, the first tab changes to match the second. It's not awful, just would be kind of neat to have them side by side as tabs. #help#question
I've been trying to implement the #shareTarget API in my #PWA for years now and I'm so close to being able to accept files from a share (at least from #Chrome#Android) that I can taste it!!!
In manifest.json I set my method to "POST" and enctype to "multipart/form-data", but when I share to my app it just GETs the page with no POST or even querystring params.
I could try disabling the GET response and see what happens...
Weird... #Calckey works fine in Firefox on my desktop, but not in #Chrome. I'd blame versions of browsers and OSs, but everything else – i.e. #Mastodon – all load just fine in Chrome. 🤔
Zadziwia mnie jak bardzo różni się podejście #Google i #Mozilla w kwestii wtyczek do przeglądarek. Podczas tworzenia rozszerzenia do #Chrome okazało się, że wiele internetowych poradników i porad jest nieaktualnych, ponieważ Google jakiś czas temu przestało obsługiwać #ManifestV2 (czyli taki plik tłumaczące przeglądarce jakie uprawnienia potrzebuje rozszerzenie, jak się nazywa itd.) w silniku #Chromium i należy tworzyć rozszerzenia już formacie w #ManifestV3.
Zupełnie inaczej sytuacja wygląda w przypadku #MozillaFirefox – jak tylko załadowałem wtyczkę do sklepu, pojawił się komunikat, że moja wtyczka jest oparta o Manifest V3, a zalecane jest korzystanie z Manifest V2, ponieważ starsze wersje #Firefox nie obsługują V3, gdyż jest to stosunkowo nowość
The energy saver mode i #chrome should set the save-data hint so that websites also help to save energy....
The data-saver mode on Chrome for Android (RIP) was relatively popular. When it was removed, requests with save-data:on, dropped to almost 0.
I suppose this is one of the reasons why not many sites use HTML <datalist> element. This affects some Android browsers where the datalist overlaps on top of the keyboard (and sometimes just stuck there).
On latest Chrome Android, it shows a horizontal list above the keyboard, same like iOS Mobile Safari.
Thorium’s JXL patch is now BSD. This more permissive license will allow basically any Chromium-based browser to implement JPEG-XL support, as the hard work has been done for them.