you realize modern browsers have millions of lines and over a decade (or two!) of legacy code running that are under constant scrutiny by actors who spend all their time finding exploits in binary executables, right?
you realize your operating system also ships system updates on a regular, often daily basis, right?
“How is a security hole in the thing people use to do their banking a problem for the user?”
If you think it’s just a matter of writing a completely fresh browser every few years to remove legacy code, then I invite you to do so and prove us all wrong. I’ll be looking forward to it, along with all of the new security holes you open by using new, untested code all the time.
In the meantime, feel free to use an ESR version of whatever browser you prefer a slower update cycle while still being supported for any major security findings.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
would you rather they leave security holes open exposing your computer to bad things?
You know there’s another option besides not passing security holes to the users and then patching them later right?
you realize modern browsers have millions of lines and over a decade (or two!) of legacy code running that are under constant scrutiny by actors who spend all their time finding exploits in binary executables, right?
you realize your operating system also ships system updates on a regular, often daily basis, right?
How is any of that the user’s problem
If you think it’s just a matter of writing a completely fresh browser every few years to remove legacy code, then I invite you to do so and prove us all wrong. I’ll be looking forward to it, along with all of the new security holes you open by using new, untested code all the time.
In the meantime, feel free to use an ESR version of whatever browser you prefer a slower update cycle while still being supported for any major security findings.
This is a common excuse for a lot of box checking nonsense and we both know it.