this post was submitted on 23 Mar 2025
173 points (76.3% liked)

Technology

68066 readers
3819 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
173
I've tried nearly every browser out there and these are my top 6 (none are Chrome) (www.zdnet.com)
submitted 1 week ago by kirk781@discuss.tchncs.de to c/technology@lemmy.world
157 comments fedilink hide all child comments
 

The title is err, not correct because the top 2 alternatives Opera and Arc are based on Chromium engine. I have seen tons of people swear by Arc, but I am seriously asking (since as a Linux user I can't use it), how much good can a browser be in this day and age if ultimately it's ad blocking breaks and it will since Manifest v2 will go soon(unless Arc folks have a solution for it)

The rest alternatives are Firefox, Zen (FF fork but honestly Atleast this was something new I learned from this article) and Tor (which is weird since it is not meant for normal web browsing and using it will not only be slow but put additional strain on the nodes, correct me if I am wrong).

you are viewing a single comment's thread
view the rest of the comments
[–] jimi_henrik@lemmy.world 1 points 1 week ago (2 children)

It's not a backdoor, it just enabled Firefox's remote debugging tool by default

Just? I'm sorry but that's just a terrible mistake to make, especially for a browser that people use to surf the world wild web. I don't know if you've ever used a remote debugger (I do), but depending on the debugger, it can be a very powerful tool, you can do a lot of things with it. I don't think calling it a backdoor is a massive exaggeration. I don't doubt the developer's good intention, but this issue shouldn't be dismissed as an insignificant issue.

To add insult to the injury, it didn't even prompt the user for it.

Zen is as secure as firefox is.

Unless you tweak the default Firefox settings in the code base, e.g. https://github.com/zen-browser/desktop/blob/dev/src/browser/app/profile/zen-browser.js#L258 (allow unsigned extensions by default).

[–] L_Acacia@lemmy.ml 1 points 6 days ago

xpinstall.signature.required was set back to true, seems like complaining works well

[–] L_Acacia@lemmy.ml 3 points 1 week ago* (last edited 1 week ago)

It was enabled due that zen was still a toy project and we needed people to easily open the debugger for easier bug fixing. This was due because zen was not in a daily drivable state and didn't gain any sort of popularity yet As the dev says in the PR almost nobody was using the browser at that point. To be able to interact with the debugging server you would need to have a port open on your firewall and router. And you would need to manually start the dev server. The problem in the PR is it was not prompting the user when launching the debug server and user could turn on the debugger without touching about:config flags.

The second part is more questioning, though not exploitable without the user clicking 2 times on a security warnings. I just checked their github to see if there is an issue/pr on the subject and there is none. Might be worth making one.