dantheclamman@lemmy.world to Technology@lemmy.worldEnglish · 4 months agoGoogle.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewedsimonwillison.netexternal-linkmessage-square33fedilinkarrow-up1610arrow-down110file-text
arrow-up1600arrow-down1external-linkGoogle.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewedsimonwillison.netdantheclamman@lemmy.world to Technology@lemmy.worldEnglish · 4 months agomessage-square33fedilinkfile-text
minus-squarevext01@lemmy.sdf.orglinkfedilinkEnglisharrow-up9arrow-down1·4 months agoThere’s some truth to that, but bad actors have managed to slip things through in the past. It happened recently with xz. I guess my point is that we put a lot of trust in strangers when we run any code on our systems. Open or not.
minus-squarexavier666@lemm.eelinkfedilinkEnglisharrow-up2·4 months agoTrue. We can also not run code at all and be perfectly safe. I wish there was a comparison. Number of 0days in open source and 0days in closed source for comparible projects and a measure for time to mitigate the 0days.
There’s some truth to that, but bad actors have managed to slip things through in the past. It happened recently with xz.
I guess my point is that we put a lot of trust in strangers when we run any code on our systems. Open or not.
True. We can also not run code at all and be perfectly safe.
I wish there was a comparison. Number of 0days in open source and 0days in closed source for comparible projects and a measure for time to mitigate the 0days.