Funwayguy

joined 2 years ago
[–] Funwayguy 9 points 1 year ago

Let's also not forget the massive amount of OS versions, hardware variants, resolutions, and localisations apps like Discord need to auto-adjust themselves to work with. If it fails it will absolutely need that info in the report so devs can fix it.

[–] Funwayguy 21 points 1 year ago (2 children)

This is why though I appreciate what DDG is doing, it's not informing users about the context of what these permissions are used for, leading to a lot of fear over the wrong things. The data may not even be leaving the device but the implication DDG makes is that it is.

As a side note, I prefer to use DNS66 to filter data and ads by domain, then manually set my Android app permissions as needed.

[–] Funwayguy 32 points 1 year ago (2 children)

Yep. There is a metric fuckton of tampering across the board, some of which is sub specific.

It's the same kind of things they pulled with WatchRedditDie a long time ago but now it's site wide with little to no subtlety. The rules are imaginary and meaningless, more so than they already were.

[–] Funwayguy 1 points 1 year ago

Not just that but all embedded content would be infeasible if strictly enforced. It's not a Lemmy issue but part of the internet as a whole. We have browser tools for this already and it's not Lemmy's job to reinvent the wheel. The alternative platforms are so much worse by several orders of magnitude I don't understand the irrational fear here.

[–] Funwayguy 9 points 1 year ago (2 children)

Some networks have those TLDs blocked and banned for good reason. Hardening the browser doesn't mean anything when it's exploiting the URL specification and social engineering.

The domain is dumb, dangerous, and its use should not be encouraged. Please consult the many infosec professionals who have talked about this already.

[–] Funwayguy 8 points 2 years ago

I suspect it's not out of choice but because parts of the new UI are duct taped to the old. That said they'll still likely rip it out soon and break everything in the process, just as Spez's idol did to Twitter.

[–] Funwayguy 3 points 2 years ago (1 children)

I'd like to think TypeScript does a lot of heavy lifting where JS fails when it comes to web development. On the other hand there is no fixing fundamental flaws in PHP.

Sure bad programmers write bad code, but if a language tolerates something so obviously janky via implicit unseen magic, it's just encouraging bad practices. PHP makes this worse by tweaking core behaviours in weird and wacky ways that can easily lead to security vulnerabilities.

[–] Funwayguy 5 points 2 years ago

I've been working with PHP for two years now (not by choice) but I still sometimes forget the weird behaviours these not-arrays cause. Recently I was pushing/popping entries in a queue and it fucked the indexing. I had programmed it like I would any other sane language and it wasn't until I was stepping through the bug I realised I had forgotten about this.

I hate PHP for so many more reasons. It baffles me why anyone would think it was a good idea to design it this way. Thankfully my current job involves actively burning it down and preparing for its replacement.

[–] Funwayguy 2 points 2 years ago

As a software engineer who has dealt with so many incidents resulting from the garbage coming out of Salesforce. SO. MUCH. THIS.

I swear it's always in a perpetual state of duct tape no matter where I see it used.

[–] Funwayguy 8 points 2 years ago (1 children)

Depends really. Nowadays publishers push out fake CGI marketing trailers and paid reviews to preemptively muddy those information sources long before release. Same goes for social media (not that they were ever reliably accurate or objective anyway). There are even promises of DLC roadmaps that never materialise such as the OW2 story mode.

By the time actual independent reviewers have their embargoes lifted, the preorder sales window has closed and it wouldn't make much difference to those who already sunk money into the game. Those waiting in vain for DLC and patches are merely sacrificing their refund window.

[–] Funwayguy 16 points 2 years ago

I'm not surprised in the slightest. The politicians and managers in charge of said gov systems are usually of an age that have no idea the basics of how technology works, let alone infosec importance. It's then contracted out to the lowest bidder on deadlines that wouldn't permit proper hardening anyways. It's not even a US specific issue, Australians deal with this dumb fuckery regularly.

Then you get some piss poor public apology, someone gets thrown under a bus, and the cycle repeats ad infinitum.

[–] Funwayguy 5 points 2 years ago

As someone else who uses Tailscale behind a CGNAT, this indeed works. I've used it for accessing my home server from the office for a year now. You can't quite self host anything public facing but anything on your tailnet can talk to it just fine.

Theoretically a VPS proxy into the server over the VPN could work for devices not capable of running Tailscale but your mileage may vary.
