Yep, we get it.
MSFT baaad!
Back in February 2018, Google's Project Zero went public with a Microsoft Edge bug that Redmond couldn't fix in time for its next patch release. Now, the Google researcher - Ivan Fratric - has provided a detailed technical explanation of the problem and says Microsoft's fix might not be adequate. Fratric discovered that an …
Funny thing is, just a couple days ago I came across a posting on the es-discuss@mozilla.org maillist where one of the regulars paid a compliment to Allen Wirfs-Brock at Microsoft, saying he might be the only one of those experts to have all of current ECMAScript in his head. (helps that he's been editor of last two/three/four spec editions)
Very possibly the majority of people at Microsoft are better than "worth a damn", individually. It's a shame they are embedded so deep in the quicksand at the sewer outfall.
What is the problem then? MS appears to just not care about security. They have more on the line yet Google finds all the major security vulnerabilities. Google found Shellshock, Meltdown, Cloudbleed, Spectre, Heartbleed and a bunch of other ones. Spectre and Meltdown found by multiple.
It just does not seem like MS is doing their part. Google created Chromebooks which are far more secure than Windows. Then they add GNU/Linux using a super secure method using containers and a VM and MS put it right into the OS which is going to be far less secure.
"And their products utter shite. Tried to use edge technology other day, lasted less than a day before tearing my hair out. Back to chrome."
I use Edge here without issues. It's noticeably faster than Chrome and uses fewer resources. Since Ghostery and U-Block Origin are available it's quite a passable browser solution.
Also notice how the evil MS aren't wasting their time picking holes in Chrome, they seem happy to let any vulnerabilities in Chrome persist.
Is that because they've now risen above this petty point scoring? Or because they know there are some humdingers in there and they're waiting for the shit to hit the fan.....?
"I'd like to personally thank Microsoft for the close relationship I maintain with my parents, going round to fix broken Microsoft stuff is the primary reason for 90% of my visits"
The answer to that one is to install the new "Windows" that is immune to CryptoLocker, virii, trojans, etc - Linux Mint Mate. Just watch the requests for help exponentially diminish.
Seconded.
Trouble is that there's now too much Web stuff that relies on it. If we lose Javascript (and Meltdown came pretty close to causing that) the likes of Google are in deep trouble. I can't see them advocating a precautionary change of direction which is a pity, because they own Chrome...
"Trouble is that there's now too much Web stuff that relies on it"
Yes, this can be a problem, so my approach isn't quite as absolute as I indicated in my comment. What I do is use a plugin to let me manage what Javascript gets to execute. By default, none does. If I hit a website that breaks because of this, I typically just move on and ignore that website. If the site is actually important, then I take the time to figure out which specific scripts need to be allowed in order to accomplish what I need to accomplish there.
In practice, there really aren't that many sites that simply break with Javascript, though. Usually, it just breaks some specific functionality, and usually that's not functionality I need in order to do what I need to do.
One of my systems just got the 1803 update and as I logged in I was asked if I wanted to allow slurping or if I wanted to allow slurping... the interface was using a tactic I first encountered with the win32.hybris worm, though back then I could kill it in task manager, no luck with Redmond's beast, I had to give consent to slurping or I could not access my computer to perform the downgrade! Ok, yes, I have backups, I could create a bootable USB device with the desired version, format C:, install Windows again, and restore from backups without giving consent ... but if I logged into the computer, it was mainly because, well, hello, I wanted to use it ... guess I should have rebooted into Linux ...
This is enough, I am seeking legal advice!
Now the Edge angle ... when I got through the multiple choice questions, I was greeted with this abomination which is Edge* displaying a page for the intellectually defiscient full of click bait content, ala The Sun, Daily Mirror, Telegraph, CNN, Fox News etc - note that Firefox is my default browser.
Almost every time I go to microsoft.com, I have to click away a nag for Edge, it was already weird to set my default browser because the only option looked like Edge, there is a clickable area to choose an alternative, but it "looks" disabled. Maybe I need to bring that to the attention of the ECJ as well ...
* this might have been my fault, not sure, because I clicked a few things in the slurping dialog, you never know where Redmond would hide the opt-out ... but no opt-out there was this time ...
First it was Gifs, tiny images that substituted for bullets characters in fonts and the like, not the bigger pictures people actually viewed. The internet crawled with them. then the bandwidth was worse than it is today and people noticed much more then we do now, but the proliferation of.js (Java script) is in plague proportion and it's rigged to prevent normal function of the browser unless the server can dump a whole load of crap into your computer to do things you don't need and to duplicate stuff you browser could do years ago.
Cease and Desist this java crap, I don't need it, I don't want it, I mostly browse without it. most websites work brilliantly without it. it does nothing for their operation or compatibility, that a well designed site can do without it. Server code runs a shopper site anyway design them like a mail order catalog.
Cease and Desist this java crap,