FYI, they added a lot more formats to the list after that.
Preferred
1. Platform-independent, character-based formats are preferred over native or binary formats as long as data is complete, and retains full detail and precision. Preferred formats include well-developed, widely adopted, de facto marketplace standards, e.g.
a. Formats using well known schemas with public validation tool available
b. Line-oriented, e.g. TSV, CSV, fixed-width
c. Platform-independent open formats, e.g. .db, .db3, .sqlite, .sqlite3
2. Any proprietary format that is a de facto standard for a profession or supported by multiple tools (e.g. Excel .xls or .xlsx, Shapefile)
3. Character Encoding, in descending order of preference:
a. UTF-8, UTF-16 (with BOM),
b. US-ASCII or ISO 8859-1
c. Other named encoding
---
Acceptable
For data (in order of preference):
1. Non-proprietary, publicly documented formats endorsed as standards by a professional community or government agency, e.g. CDF, HDF
2. Text-based data formats with available schema
For aggregation or transfer:
1. ZIP, RAR, tar, 7z with no encryption, password or other protection mechanisms.
The more severe problem is that Google installs model weight files on a per-user basis, meaning Chrome occupies 4 more GB of space for every OS user on your device.
The company I work at has several environments and hundreds of VDI users in each environment. Chrome is the default browser in all of them. By my rough napkin math, this one small change by Google will eat up at least 15 terabytes of new disk space in total. (I sure hope we are using deduplication at the physical storage layer...)
4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks (and in the future even PhD level intelligence) for free?
Oh, the horror!!!
Wait, let me pay my HVAC guy $500 he deserved because he came all the way from his home to replace a fuse
It doesn't make sense to apply wholesale prices for mass storage. People are running Chrome on specific devices that they already own. Storage is not fungible in this way.
As the saying goes, gp didn't pay $500 to have the fuse replaced, he paid $500 for the training and experience that was required to know that the fuse had to be replaced.
> 4GB, $0.10 (whatever the HD price) that is the equivalent of a High School level intelligent brain that can perform many cognitive tasks for free?
This is better than my current solution of an actual human with master's-degreed intelligence performing all my cognitive tasks for free how? I mean, I'm the first to admit I'm extremely lazy and even I'm over here like "really??"
This logic is perfectly aligned with the Chromium threat model. Once an attacker gains administrator access, it is game over by definition.
I doubt this is an Edge-specific issue. Microsoft has no interest in making their browser less secure than its upstream.
> Why aren't physically-local attacks in Chrome's threat model?
> We consider these attacks outside Chrome's threat model, because there is no way for Chrome (or any application) to defend against a malicious user who has managed to log into your device as you, or who can run software with the privileges of your operating system user account. Such an attacker can modify executables and DLLs, change environment variables like PATH, change configuration files, read any data your user account owns, email it to themselves, and so on. Such an attacker has total control over your device, and nothing Chrome can do would provide a serious guarantee of defense. This problem is not special to Chrome — all applications must trust the physically-local user.
It's a very standard defense-in-depth technique to put secrets between guard pages and only make the secret page readable when needed. That way any inadvertent access, be it programming error or exploit, simply causes a segfault, unless it's raced with a valid access (in a multithreaded or shm context) or the exploit explicitly changed the permission bits. Most memory disclosure vulnerabilities don't allow you to do that.
That being said any single password, when used, passes through so many layers and components that it's likely impossible to even just wipe the contaminated memory locations. But that's fine, the password database is opened for most of the browser's lifetime, any given password actively being used is a rare event in comparison.
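The guard-page pattern the comment above describes, as an added example rather than code from the thread or from any browser: one page of secret material is mapped between two pages that are never accessible, and the secret page itself is PROT_NONE except while it is in use. This is my own illustration and assumes Linux/POSIX (it calls mprotect(2) through ctypes, since the mmap module does not wrap it); the class and method names are mine.

```python
import contextlib
import ctypes
import ctypes.util
import mmap
import os

PAGE = mmap.PAGESIZE
PROT_NONE = 0  # POSIX value; the mmap module does not export it

# mprotect(2) is not wrapped by the mmap module, so call it through libc (Linux/POSIX only).
_libc = ctypes.CDLL(ctypes.util.find_library("c") or "libc.so.6", use_errno=True)
_libc.mprotect.argtypes = (ctypes.c_void_p, ctypes.c_size_t, ctypes.c_int)
_libc.mprotect.restype = ctypes.c_int


class GuardedSecret:
    """Keeps one page of secret material between two PROT_NONE guard pages.

    Layout:  [guard page][secret page][guard page]
    The guards never become accessible.  The secret page is PROT_NONE
    except inside `with secret.unlocked() as data:`, so a stray read or
    write (a bug, or an out-of-bounds read primitive) that lands in this
    region while it is locked raises SIGSEGV instead of returning bytes.
    """

    def __init__(self, data: bytes):
        if not 0 < len(data) <= PAGE:
            raise ValueError("secret must be between 1 byte and one page")
        self._len = len(data)
        self.locked = False
        # Three anonymous, page-aligned pages, writable only for the initial copy.
        self._mem = mmap.mmap(-1, 3 * PAGE, prot=mmap.PROT_READ | mmap.PROT_WRITE)
        # A ctypes view of the mapping gives us its base address for mprotect.
        self._anchor = ctypes.c_char.from_buffer(self._mem)
        self._base = ctypes.addressof(self._anchor)
        self._mem[PAGE:PAGE + self._len] = data
        self._protect(0, PROT_NONE)            # low guard
        self._protect(2 * PAGE, PROT_NONE)     # high guard
        self._lock()

    def _protect(self, offset: int, prot: int) -> None:
        if _libc.mprotect(self._base + offset, PAGE, prot) != 0:
            err = ctypes.get_errno()
            raise OSError(err, os.strerror(err))

    def _lock(self) -> None:
        self._protect(PAGE, PROT_NONE)
        self.locked = True

    @contextlib.contextmanager
    def unlocked(self):
        """Make the secret page readable only for the duration of the block."""
        self._protect(PAGE, mmap.PROT_READ)
        self.locked = False
        try:
            yield bytes(self._mem[PAGE:PAGE + self._len])
        finally:
            self._lock()

    def wipe(self) -> None:
        """Overwrite the secret in place, then lock the page again."""
        self._protect(PAGE, mmap.PROT_READ | mmap.PROT_WRITE)
        self._mem[PAGE:PAGE + self._len] = b"\x00" * self._len
        self._lock()

    def close(self) -> None:
        self._anchor = None          # release the buffer export so the mapping can close
        self._mem.close()


if __name__ == "__main__":
    s = GuardedSecret(b"hunter2")    # constructed sample secret
    with s.unlocked() as value:
        print("in use:", value)
    print("locked again:", s.locked)
    s.wipe()
    s.close()
```

The example never touches the region while it is locked, because Python cannot recover from the SIGSEGV that such an access produces; that fault is the point of the technique, not a bug in it. The caveat from the comment still applies: bytes copied out of the page (the value yielded by unlocked()) live in ordinary interpreter memory and are not covered by the guard.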
It absolutely ain't Edge-specific. Firefox (AFAICT) also keeps stored passwords in clear-text unless encrypted with a passphrase (which is not the default on desktop; on Android there's a fingerprint/PIN check to access them, but I don't know offhand if there's any encryption involved with that).
Really this is true of most credentials stored within applications; unless you're providing a decryption key on open (whether explicitly or on OS-level login using some keychain mechanism), the stored credentials are probably plaintext.
Or unless you need to reenter password/offer fingerprint after certain amount of time. Which, I think, should be the actual standard, and typically is with the apps like Bitwarden.
>> Microsoft has no interest in making their browser less secure than its upstream.
Microsoft has every interest in spending as little money as possible on Edge, just enough to keep people swallowing the tripe. User privacy is not a thing at MS and hasn't been for decades. Plaintext passwords in a MS product is just another Monday. It will take decades more to convince me they have changed.
Look, I hate Microsoft too but Edge is just Chrome with a different skin, so they'd have to have gone out of their way (and spent money paying engineers) to make Edge less secure than Chrome/ium.
The whole point of them using Chromium shows how little they care.
The old Edge wasn't used much, no, but that wasn't due to its engine. Most people don't even know what a browser engine is.
They just didn't want to bother making a browser. But they want to benefit from the marketing advantages of having a browser, so now they just lift along with Chrome.
I think they do care, but they care about relevance, not browser monoculture. Doesn't matter how good Trident was, no one was ever going to use it. Even Firefox is barely hanging on, and the only reason Safari is still somewhat relevant is because it's the only choice on iOS.
And by relevance I mean their bread and butter, enterprise, not consumers. Edge is what lets MS give enterprise IT departments maximum control without the grumbling of "we'd rather have Chrome" from the end users.
Well that's the thing. I don't think anybody didn't use Edge because it was a different engine. The majority of users have no idea that Edge is just Chrome now.
It's just when they moved to Chromium they also stepped up the marketing around it and all the lock-in in Windows, and that's really what got people to use it. Basically the same thing they did to make IE a monopoly.
They also really heavily pushed companies to start using it. Every time we had a call with a MS consultant and we shared a screen they had to bitch about us not using Edge, as if they were on commission or something. Eventually they manipulated our leadership into mandating Edge to all employees. It's totally locked down now too, it's terrible for the users.
But my point is, they could have done this with the Trident version of Edge too. I've never heard anyone complain about compatibility. Whenever people didn't want to use Edge it was because of a (totally justified) distrust of Microsoft. We should never give control over the internet to them again after what they did with IE (making it a monopoly through illegal means and then leaving it to wither away full of security holes). But unfortunately at work they have got them to remove all other browsers :(
I don't think so. Oracle isn’t a consumer-facing company and doesn't really care about that sector. SWT and Swing will likely remain as ugly as they are for the next century, regardless of their popularity.
Microsoft, Google, and Apple have invested millions to polish their GUI solutions because that’s where their revenue comes from.
I don't think that will work. How many of us did contribute a simple patch to LibreOffice, Firefox, or GNOME?
At least this statement doesn't hold for LibreOffice. Their Online version, including "simple" HTML/CSS components, was archived because of a lack of maintainers. For their main project, the vast majority of contributions in the last release were made by former ecosystem partners (Collabora) or TDF staff. Volunteers only did a fraction of the work [1].
The difference is that LibreOffice, Firefox, and GNOME are really really technically complicated.
Document file formats are a fucking nightmare, especially the Microsoft ones, and needing perfect compatibility with them spanning a generation is hell on earth.
Firefox is a similar scenario but for the web and decades of "it works on the dominant browser but the dominant browser refuses to follow the spec".
And GNOME is a matter of varying levels of direct hardware support/integration and app compatibility across basically the entire personal desktop computer and laptop eras.
Each of those has a compatibility scope that's absolutely massive.
Comparatively Tangled is a greenfield project with no compatibility requirements other than "support git" and "don't break compatibility with itself".
GitHub Actions doesn't have a lock file, so your repo is still prone to transitive attacks if the SHA-locked actions you use also happen to use other composite actions by tags, which could be compromised in the future.
Yes, it's maddening. Especially since it's a fair amount of effort to move to commit SHA pinning and establish a good maintenance/monitoring process around it; if I knew it would be adopted quickly, I could argue that people should just wait and accept temporary risk.
It would be cool if CI could inject a platform-wide lockfile into every remote download or lookup made by your scripts. So if you pull a container or git tag, the CI platform would automatically ensure that the exact digest downloaded is controlled by a lock file that you can inspect, check in, etc.
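The transitive gap described in the comments above (a SHA-pinned action whose own action.yml still references other actions by tag), as an added example that is not part of the thread or of any CI platform: a small scanner that walks `uses:` references from a workflow down through the composite actions it pulls in and reports every reference that can still move. It is my own code; the workflow, the org and action names, the commit ids and the in-memory `REGISTRY` (standing in for fetching each action's action.yml at the pinned commit) are all constructed placeholders.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# A full 40-hex commit id is the only GitHub Actions reference that cannot move.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Minimal line scan for `uses:` entries; avoids a YAML dependency and is enough
# for the `- uses: owner/repo@ref` lines found in workflows and action.yml files.
USES_RE = re.compile(r"""^\s*-?\s*uses:\s*['"]?([^\s'"#]+)""")


@dataclass
class Finding:
    chain: Tuple[str, ...]   # uses: references from the workflow down to this one
    ref: str                 # the part after '@' (empty for local/docker targets)
    pinned: bool             # True only when the reference is immutable


def extract_uses(yaml_text: str) -> List[str]:
    return [m.group(1) for m in map(USES_RE.match, yaml_text.splitlines()) if m]


def is_pinned(target: str) -> bool:
    if target.startswith("./"):                 # local action: versioned with the repo itself
        return True
    if target.startswith("docker://"):          # images are immutable only by digest
        return "@sha256:" in target
    _, _, ref = target.partition("@")
    return bool(SHA_RE.match(ref))


def audit(workflow_text: str, registry: Dict[str, str],
          _chain: Tuple[str, ...] = (), _seen: Optional[Set[str]] = None) -> List[Finding]:
    """Walk `uses:` references transitively.

    `registry` stands in for fetching each action's action.yml at the referenced
    commit: it maps 'owner/repo' to that file's text.  A SHA-pinned composite
    action is itself frozen, but any tag it references internally still floats.
    """
    seen = _seen if _seen is not None else set()
    findings: List[Finding] = []
    for target in extract_uses(workflow_text):
        chain = _chain + (target,)
        repo, _, ref = target.partition("@")
        findings.append(Finding(chain, ref, is_pinned(target)))
        if target.startswith(("./", "docker://")) or target in seen:
            continue
        seen.add(target)
        key = "/".join(repo.split("/")[:2])     # drop any sub-path: owner/repo/path -> owner/repo
        nested = registry.get(key)
        if nested is not None:
            findings.extend(audit(nested, registry, chain, seen))
    return findings


def unpinned(findings: List[Finding]) -> List[Finding]:
    return [f for f in findings if not f.pinned]


# --- constructed sample data: placeholder commit ids, made-up org and action names ---
PIN_CHECKOUT = "0123456789abcdef0123456789abcdef01234567"
PIN_TOOLCHAIN = "89abcdef0123456789abcdef0123456789abcdef"

WORKFLOW = f"""
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@{PIN_CHECKOUT}
      - uses: example-org/setup-toolchain@{PIN_TOOLCHAIN}  # SHA-pinned, but see its action.yml
      - uses: ./.github/actions/local-step
"""

REGISTRY = {
    "actions/checkout": "name: Checkout\nruns:\n  using: node20\n  main: dist/index.js\n",
    "example-org/setup-toolchain": (
        "name: setup-toolchain\nruns:\n  using: composite\n  steps:\n"
        "    - uses: some-vendor/install-cli@v2\n"
        "    - uses: docker://ghcr.io/example-org/tool:latest\n"
    ),
}

if __name__ == "__main__":
    for f in unpinned(audit(WORKFLOW, REGISTRY)):
        print("floating reference:", " -> ".join(f.chain))
```

Run against the constructed workflow, every top-level step is pinned, yet the scan still reports two floating references, both reached through the SHA-pinned composite action. In a real pipeline the `REGISTRY` lookup would be a fetch of action.yml at the exact commit named in the parent reference, and the output is the list a lock file would have to freeze.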