That actually sounds really good as long as this kill-switch is properly secured ofc. Forcing people to Update their security should honestly happen way more often.
@@no.one.2That was my thought too. It wouldn’t just be public interest either. The competition that would fight it also has significant amounts of money to lobby against it. That is if they don’t join sides. If Microsoft and Apple did the same, then we might be fucked. But I’m sure someone knows more about it than I do.
@monkaSisLife honestly since day 1, i just needed a browser where i could end my sessions without needing to use reopen last used tabs. Every session feels like a new day
@@shubhamcweb *Revelation 3:20* Behold, I stand at the door, and knock: if any man hear my voice, and open the door, I will come in to him, and will sup with him, and he with me. HEY THERE 🤗 JESUS IS CALLING YOU TODAY. Turn away from your sins, confess, forsake them and live the victorious life. God bless. Revelation 22:12-14 And, behold, I come quickly; and my reward is with me, to give every man according as his work shall be. I am Alpha and Omega, the beginning and the end, the first and the last. Blessed are they that do his commandments, that they may have right to the tree of life, and may enter in through the gates into the city.
Just letting everyone know, the "animation-timeline" property is still experimental, and is actually disabled by default in Firefox. You have to enable it manually in about:config, and practically nobody actually enables obscure CSS features like this, except maybe webdevs testing compatibility.
@@robertjenkins6132 I don't think the score goes up or down by that much based on user configuration. The exploit itself can do a lot of damage on devices that are vulnerable, and the fact that only a small number of people are actually vulnerable (most likely web developers testing the feature out, and who potentially have access to more sensitive systems) is enough to justify the rating, I assume.
"Something no one thought would happen" not all of us are this naive.Those at the highest level know every system on Earth is just a house of cards held together with duct tape and super glue...
0:48 is an example of why you should read announcements carefully. The versions in the screenshot are the ones that include the fix, not the ones you should update from. Been searching for a way to update my ESR from 128.3.1 until finding out just now that it's the safe one
some crazy mf out there will exploit the hell out of html tag, am i the ahole for not testing every single API functions in my npm against every hardware in the world? to make sure that one smart fridge in the middle of ohio won't get hacked from my code
So from what I'm hearing from the start, Chromium got hit by an exploit but nothing happened, and Firefox got hit by an exploit but something actually happened. And this all happened in the past 2 weeks of which Chrome was trying to kill a major ad blocker because it "harms Chrome". Suspicious.
AdBlock death mentioned!!! For a moment I thought that I wouldn't be able to say "Thank god I use Firefox" on this video. What a scary thought that was.
According to information shown in the video, it's fixed in .02 version. You can also see its fix announcement in 131.02 release notes. @@joaocarlosniza2934
Thank God I use a dot matrix printer. I just stream the backbone packet flow right into the printer's parallel port, and then look at the printouts of hex digits. My printer is still working through 1995, when it reaches 2024 I will be able to reply.
@@zerthur yes I understood that I saw where he was pointing, I was only pointing that out in case people panic that the exploit hasn't been fixed on the newest version
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Thank God I use a modified version of chromium that I patched and built myself in order to implement my custom AdBlock into the core of the browser so I can watch fireship uninterrupted for 24hrs at a time and become an uber developer
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
This is why I always bang my head when someone says "I don't use Chrome, I use Brave/Vivaldi/Opera" or "I don't use Firefox, I use LibreWolf/Tor"... the fact that they are based on upstream code means that some of the flaws will trickle downstream.
Bingo bango. Mulvad Browser which is created with the Tor Project team, uses Firefox, and they're fast to fix things but this doesn't mean they're not vulnerable to exploits.
People need to be smarter and use browsers on virtual systems or sacrificial computers. Accessing the internet with a browser on your main PC is asking to be hacked.
Make sure to sanitise the html before thinking about it, you might get some remote code execution in your head. Before you know it you'll be part of a botnet... ehh cult.
Unless it is untouched by humanity it's fine... The only thing in this universe that's kinda safe is literally everything that humanity can't hold or control off in any way or capacity.
@@ultimate9056 c++ is in fact the most readable language which is why rust copies most of c++ but they decided to make it a dyslexic version that is hard to read.
The animation-timeline property is still in the experimental stage in Firefox and therefore behind a feature flag. Very unlikely to have affected many.
Yep, have to go to about:config I believe. Anyone reading this, you can check this stuff, it's also why you should be wary of the experimental flag codes.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Google has been found to be a monopoly. We need a single Governor or DA to file a lawsuit about the deprecation of MV2 being an abuse of monopoly. The lawsuit would grant us discovery and it would put the deprecation on hold for years.
For those who were worried about the "if you're using 131.0.2 you're already dead" I think that was a misread on Fireship's part as that is the version that it is fixed in
Correct. Also, you were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
I downloaded Firefox when that was announced with the intent to move but the quality of life is so bad in comparison I'm going to miss chrome when I have to move
@@turolretar I need the internet. Not even just for my job. I can't even pay taxes or do any banking without it. Energy bills, getting a new ID, paying a parking ticket,... nothing here can be done without internet. We don't even get the goddamn calendar for garbage collection days on paper anymore.
This is just a byproduct of software development. The more stuff your program/software does, the more things WILL go wrong. The dystopian part is that this keeps happening and every single human is acting like nothing happened because we are slowly being conditioned to just accept the status quo and just don't think things could be any different than they are now.
0:55 It's on October 15, 2024 or Rabi' al-Akhir 12, 1446 AH and you're watching Fireship Videos about Firefox and T0r Browser with 9.8 CLE on the Code Report Series.
Bruh this man is really using hijri, what's your birthday then? That's right you can't say a specific date because it's never the same each year, have fun being stuck in the 1400s 💀
@@Cosine_Omak His birthday would be whatever date it was in the hijri calendar. You're probably one of those programmers that introduces a date related bug, if you even are one.
Not openly and unapologetic corrupt politicians? Educated people staying in the country to create higher tech business nationally? Not needing a trip to a neighbour for good healthcare?
@@Pesikosse slovaks feel like that type of nation who would bring their political problems and their unimportant existence (inferiority complex lol) even to fireship
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Are you sure that the versions you pointed out are the affected versions? The sentenance is literally "Fixed in version Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1" So shouldn't all of them be fine?
@unknowncoder7332 i don't think so. normally if something gets fixed it also gets a new version number. so it probably was the previous versions that had the vulnerability, then they fixed these and then released the fixed versions with the numbers that op and the video mentioned.
There is conflicting information on how long they will support it or if that support will be full, but for now at least they have made it clear they aren't going to drop it in the _near_ future. It still needs to be seen what the final strategy looks like but for now, it appears that there will be continued support in some form. My personal perspective is that they should just fully commit to being a divergent branch of chrome, and stop pulling updates from Google and start implementing new features themselves.
I checked my Firefox version immediately and saw that it was 133.0a1 while vulnerability only affects those who are lower than 131.0.2, meaning I'm safe. P.S. I use Firefox Nightly, so I get faster updates but they might be unstable.
As this isn't a planned feature, having your version number being higher than the one were the fix was introduced doesn't mean anything With auto-update turned on it should be fine anyway, but it would have been better if they had put a version number for the nightly build too in that post
Regarding the ad-blocking, I use the Brave browser, which has a blocker built in. It's also configurable, so I've got it set up to block 'Shorts' on here, which I think are brain-rot.
There's also extensions for blocking different TH-cam site stuff, but you have to check permissions and then whether you trust them or can keep track of changes including ownership.
0:47 You literally said the opposite of what it says on the screen. The vulnerability was FIXED in 131.0.2, etc. By the way, thank god I am using Lynx on Amiga OS.
Thank god I download HTML CSS and JavaScript files individually, read them, then in my mind imagine what the webpage looks like
bro watches movies in a hex editor
Literally a full browser engine on your mind 😊 .
@boreal3255 bro literally has codec built-in to brain💀💀
@@boreal3255 you ever see that one where the girl 0x37 and then she 0xF2 it's so hot
*RCE's the brain*
That’s why Firefox refused to load more webpages until I updated it. They have a kill-switch in existing versions now to force patching.
when new update was released?
Did not expect to see a TH-cam legend in the fireship comments🙏
chocolate pain bro
So what you're saying is they can kill your access to web browsing at any time
That actually sounds really good as long as this kill-switch is properly secured ofc. Forcing people to Update their security should honestly happen way more often.
Nothing will stop me from using adblockers. If chrome cannot handle it, then I'm just not going to use chrome at all.
@@zzzzssss3 then not use that website.
Cue google doing everything it can to make TH-cam not work correctly on Mozilla base browsers.
@@nordoceltic7225antitrust lawsuit?
@@no.one.2That was my thought too. It wouldn’t just be public interest either. The competition that would fight it also has significant amounts of money to lobby against it. That is if they don’t join sides. If Microsoft and Apple did the same, then we might be fucked. But I’m sure someone knows more about it than I do.
i have switched to brave. love it. never going back
thank god i use edge, who needs security exploits when your browser itself is a malware
Nice to see fellow edger here…
How long is your edgeing streak?
Big brain move here
@monkaSisLife honestly since day 1, i just needed a browser where i could end my sessions without needing to use reopen last used tabs. Every session feels like a new day
@@shubhamcweb
*Revelation 3:20*
Behold, I stand at the door, and knock: if any man hear my voice, and open the door, I will come in to him, and will sup with him, and he with me.
HEY THERE 🤗 JESUS IS CALLING YOU TODAY. Turn away from your sins, confess, forsake them and live the victorious life. God bless.
Revelation 22:12-14
And, behold, I come quickly; and my reward is with me, to give every man according as his work shall be.
I am Alpha and Omega, the beginning and the end, the first and the last.
Blessed are they that do his commandments, that they may have right to the tree of life, and may enter in through the gates into the city.
Me: Thank god I only use newspapers.
Fireship: A 9.8 critical level exploit has hit Newspaper inks.
Etaoin shrdlu
hahahahahahha this is a good one
You here how printers inject yellow ink for fingerprinting paper?
Im not paranoid.
@@kehlarn6478Smart lmfaoo
they used to have mercury and other heavy metals in printing ink. yum
Just letting everyone know, the "animation-timeline" property is still experimental, and is actually disabled by default in Firefox. You have to enable it manually in about:config, and practically nobody actually enables obscure CSS features like this, except maybe webdevs testing compatibility.
Ah ok. Tbh I couldn’t care less about having something be animated, so maybe my accounts will be safe…
Damn, that is a level 9.8 critical omission that is super relevant to the story.
@@neniugravafr
How does the bug get a 9.8 score, then? Do the numbers mean anything? The Boy Who Cried Wolf?
@@robertjenkins6132 I don't think the score goes up or down by that much based on user configuration. The exploit itself can do a lot of damage on devices that are vulnerable, and the fact that only a small number of people are actually vulnerable (most likely web developers testing the feature out, and who potentially have access to more sensitive systems) is enough to justify the rating, I assume.
A 9.8 vulnerability in a CSS rule is something nobody thought would ever happen.
I did... most security leaks happen in shit nobody asked for... not in critical important stuff.
"Something no one thought would happen" not all of us are this naive.Those at the highest level know every system on Earth is just a house of cards held together with duct tape and super glue...
You guys can't seriously be whooshing this hard...
9.8 not great, but not terrible either. Like a Therac-25 chest x-ray
My irony detector burned out after reading OP’s comment
Google engineers trying to stop users leaving from their Manifest v2 removal by hacking Firefox
This
This is it man,
also I thought it was v3 now
Underrated comment🫡
is brave browser still able to block ads?
Google funds Mozilla
0:48 is an example of why you should read announcements carefully.
The versions in the screenshot are the ones that include the fix, not the ones you should update from. Been searching for a way to update my ESR from 128.3.1 until finding out just now that it's the safe one
Thank God I don't use browsers at all
I prefer using Vim.
Kmeleon best browser
Can't beat Lynx.
Who needs a browser when you can download the html with curl and open it with nano
most average curl user:
A 9.8 vulnerability in CSS will bring us closer to HTML programming
this was our only shot at HTML programming and people classified it as a vulnerability 😞😞
some crazy mf out there will exploit the hell out of html tag,
am i the ahole for not testing every single API functions in my npm against every hardware in the world?
to make sure that one smart fridge in the middle of ohio won't get hacked from my code
HTML is a programming language 🗣🗣🗣📢🔊
css is Turing complete iirc, or some offshoot of it is I think
The ML in HTML now stands for machine learning OMG
Thank God I paint in caves.
Everyone knows that the only secure browser is the Nintendo DSi browser
Hell ya
outdated opera browser, very secure 💀
I mean though... Who the hell is gonna exploit the DSi browser 😭🙏
@@froggotheboibold of you to assume I don't have all my crypto wallets, passwords, and bank information saved on the DSi browser
@@froggotheboiSomeone with too much time on their hands and a because I can attitude.
The same browser that can remotely execute code on the machine lol
Thank God, I use local neighborhood gossip.
Underrated comment 😆
Your local neighborhood contained a fed all your records have been infiltrated
That's actually way more malicious.
I wish you could still just sit on the phone and hear everyone in the neighborhoods convos. Streaming services are so expensive!
🤣🤣🤣🤣🤣🤣🤣
So from what I'm hearing from the start, Chromium got hit by an exploit but nothing happened, and Firefox got hit by an exploit but something actually happened. And this all happened in the past 2 weeks of which Chrome was trying to kill a major ad blocker because it "harms Chrome".
Suspicious.
AdBlock death mentioned!!! For a moment I thought that I wouldn't be able to say "Thank god I use Firefox" on this video. What a scary thought that was.
Just use a chromium fork with manifest v2 packed in.
@@n646n why go through all that work to get an outdated chrome when other browsers like ff exist
@@n646n like Edge
@@n646n
Care to provide an example?
@@marrenirre9994 thorium
Thank God I'm using TH-cam on TempleOS
Blessed
I would pray for you but youre already holy enough.
I keep thinking one day I'll switch over to watching youtube in mpv full time because their front end is so terrible.
TempleOS doesn't have a networking stack, it can't connect to the internet. Repent sinner.
>networking in the temple with anyone besides our Lord
I can see you glowing from my house.
0:12 "Sir, a second browser has been hit" This joke format will never die... and i love it!
It's a good thing the other 21 million lines of Firefox's code don't contain anything like that.
But it only takes one bad piece of code to crumble the whole software
@@speedforce8970 But, as an open source program, it takes 1 day for such things to get caught and patched,while Chromium would be far less efficient
@@speedforce8970 it only takes one FBI agent to give away zero day vulnerability in any possibly browser or os which wasn't publicly announced yet
Clueless
@@usernametaken017indeed, but I still chuckled
I saw this video and immediately checked updates and Firefox was like "yeah, I'm on it"
same. Fixed in 131.0.2, my system was already on 131.0.3
@@GSBarlev its been fixed for 131.0.3
According to information shown in the video, it's fixed in .02 version. You can also see its fix announcement in 131.02 release notes. @@joaocarlosniza2934
Updated from 130 just now 😅
Same with Chrome lol
I chose to boycott forced advertisers. Deal with that Google.
Thank God I use a dot matrix printer. I just stream the backbone packet flow right into the printer's parallel port, and then look at the printouts of hex digits. My printer is still working through 1995, when it reaches 2024 I will be able to reply.
bro wtf
see you in 3024
0:46 you're wrong - these versions FIX the issues, so if one is using these versions they are safe.
yes but if you look up Mozilla Foundation Security Advisory 2024-53, you'll see that the current version, 131.0.3 is also fixed
You misunderstood. The infographic points to "vulnerability fixed"
@@zerthur yes I understood that I saw where he was pointing, I was only pointing that out in case people panic that the exploit hasn't been fixed on the newest version
so... is 131.0.3 safe?
@@atsizbalik yes because it is after 131.0.2
The moment chrome kills adblock is the moment I kill chrome on my computer and bury it
thank god I only use cuneiform clay tablets
10.0 CVE: Water
𐎧𐏁𐎨𐎠 𐎶𐎠𐎴𐎡𐏁𐎶
This guy's never heard of tablet decompiling. Clay dust is a killer.
Cracks your clay
I use Inca tie beads. Far more convenient.
Website: fixed in [lists versions]
This guy: "if you're on one of these versions, you're already dead"
Bruh
Haha, this
Yeah i panicked for no reason because of this. Then read the text carefully and audibly bruh'd.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
yea i had to rewatch that part a couple times to clear confusion
Thank God I send the link to every webpage I want to visit to the printing shop and then get a paper print without opening a browser myself
Thank God I use a modified version of chromium that I patched and built myself in order to implement my custom AdBlock into the core of the browser so I can watch fireship uninterrupted for 24hrs at a time and become an uber developer
Do you also do developing through Lyft, or only Uber?
Can you open source it 🥺
@@theseangle May want to look at Brave
@N3G4T3
You can only develop for Uber or Lyft. But he can develop for DoorDash and Uber.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Thank god I use the Samsung Smart Fridge.
Currently replying to this with my wifi-enabled sous vide machine.
Currently replying using biscuit
Sent from Kohler Smart Toilet.
hahaha .. !🤣
@@tealdolphin3721 Funniest comment for this video award goes to you, sir!
The CIA: yes let your data flow through me.
Thank god, I call the website admin, ask him to recite the html, javascript and css then, write them on my local machine and render them in my mind.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Thank god I only watch youtube through a telescope looking through my neighbor's window.
😂😂😂😂😂
This implies that you broke into your neighbors home just so that you could leave this comment... 🤔
@@patrickm.2155you clearly never heard of telepathy
@@patrickm.2155he will replay when he gets out of jail
1:34 SLOVAKIA MENTIONED 🗣🗣
0:12 is dam funny, feels almost wrong
The turns have tabled
Sir, a second 9/11 joke has hit a Fireship video
dude I didn't even noticed that
It was smoothly done.
Video that is from: Behind the scenes: In Sarasota classroom, Bush learns of Sept. 11th attack
This is why I always bang my head when someone says "I don't use Chrome, I use Brave/Vivaldi/Opera" or "I don't use Firefox, I use LibreWolf/Tor"... the fact that they are based on upstream code means that some of the flaws will trickle downstream.
Bingo bango. Mulvad Browser which is created with the Tor Project team, uses Firefox, and they're fast to fix things but this doesn't mean they're not vulnerable to exploits.
People need to be smarter and use browsers on virtual systems or sacrificial computers. Accessing the internet with a browser on your main PC is asking to be hacked.
@@leonthayne no it isn't. That's a nuts thing to say lol
I prefer that rather than being at the mercy of evil companies like google. Any sane person knows that.
Opera uses Chromium?
Yikes! 😬 Just when you thought you were safe behind layers of privacy, the hackers find a new backdoor.
Thank god i use curl and simulate the html and css in my head
Curl had a major CVE not that long ago tho
you can pipe "curl" output with "html2text" tool and is pretty decent (?)
Better just make Curl urself (might be vulnerable)
@@jacobsan thank god i use my own tcp socket and send the packets myself
Make sure to sanitise the html before thinking about it, you might get some remote code execution in your head. Before you know it you'll be part of a botnet... ehh cult.
I just wanted to start cleaning my room, but this notification is of course more important lol
same here🤣
Excuses
@@EchterAlsFake Don't forget to type in that you stopped the act of cleaning the room or else you might create a vulnerability
@@usernametaken017 😂
Your majesty second critical exploit has hit the second browser
Thank god I use carrier pidgeons.
You gotta look out for rigged pigeons though
you mean DRONES?
My falcons say hi 🙋
I think you missed CVE-1200BC where an exploit was found in which you can just fire an arrow at them to get all the data in plaintext
Sir, your pigeon got a lot of viruses.
I wish my college professor would've used that cat/dog picture to describe dangling pointers
Me, who's on version 131.0.3: Ha!
People who find some exploits in it: Ha!
Nothing is "SAFE" in this universe!
Unless it is untouched by humanity it's fine... The only thing in this universe that's kinda safe is literally everything that humanity can't hold or control off in any way or capacity.
@@josephbryanasuncion4904 Hoooo boy, wait until you find out about natural disasters!
This is because the compromising the browser is the golden egg for hackers.
@@theKashConnoisseurnatural disasters are disastrous to living things and infrastructure. To the universe at large, it's just another Tuesday
@@charlesmartin1972 for universe at large, disaster does not even have a meaning.
2:36 In C you don't need to cast anything that returns void pointer, malloc returns void pointer so you don't need t cast it to an integer pointer!
He had one job... 😂
You see this all the time. It's the signature of a secret C++ coder invading a C codebase.
@@jbird4478or maybe a person who values readability?
@@KokurorokukoC++ and readable don't belong in the same sentence
@@ultimate9056 c++ is in fact the most readable language which is why rust copies most of c++ but they decided to make it a dyslexic version that is hard to read.
Thank God I use Firefox and CCleaner
Thank god i use Chrome... Oh wait
Uninstall it
He just got an ad, leave him alone
@@TimoWenz nah, this is our chance to talk crap about him while he's being ad-walled and can't defend himself😈
@@sanjaymaurya5520 | The joke flew over your head.
"want a break from the ads? if you tap now to watch this video, you'll receive 30 seconds of uninterrupted watch time"
The animation-timeline property is still in the experimental stage in Firefox and therefore behind a feature flag. Very unlikely to have affected many.
Yep, have to go to about:config I believe. Anyone reading this, you can check this stuff, it's also why you should be wary of the experimental flag codes.
Thank god I haven't updated firefox since 2014.
Slovakia mentioned, lets gooo
The Best country in EU!! lets gooo
Romania best💪
eset rootkit mentioned
tiež som bol prekvapený
@@TheVektast Ale zas, odtiaľ potiaľ. O tomto sa ani nesranduje 🤣
The turns have tabled😂
Tomorrow today will be yesterday.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Whoever put vincent from pulpfiction in your video edit is a genius.
Google has been found to be a monopoly. We need a single Governor or DA to file a lawsuit about the deprecation of MV2 being an abuse of monopoly. The lawsuit would grant us discovery and it would put the deprecation on hold for years.
the govt will bow to this big fat company and liking their ass to help them gather all human data
0:33 "What did I tell you about the dangling pointers man!!!" ...is the first thought that came to mind when I heard this.
SBAHJ?
Thank god I downloaded the internet so I can print out every page webpage ever
Thank god I use Netscape Navigator.
Firefox IS Netscape Navigator in disguise.
@@nanonymous9139 Firefox deviated so much from that. SeaMonkey hasn't really deviated.
@@nanonymous9139Is it really? I feel so proud of the little guy.
Didn't expect zen to be mentioned. Been using it for a month now and I'm never going back.
its a bit buggy but it's pretty good, I've been using it for around 3 weeks
I didn't expect to switch fully but I cant find a reason to open Firefox the last 2 weeks lol. This browser is good.
librewolf >
Thank God I use carrier pigeons instead of the internet
Thank god I'm using socket()/write()/read() to browse the web.
Honestly considering it
You should also look into using connect(), preferably before those writes and reads
Thank god I didn’t watch the video and the problem doesn’t exist.
4:25 there's a discord notification ... got me
?
I barely heard that after rewatching, nice catch! 😅
1:23 Do you mean to say that I as the browser user am not able to see the incoming network requests?
Where can i find that animation at 3:08 ? I am laughing my ass off. They have upside down cows walking down a bike chain, and a colander
Thank god I use the Wii U web browser.
For those who were worried about the "if you're using 131.0.2 you're already dead" I think that was a misread on Fireship's part as that is the version that it is fixed in
Correct. Also, you were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
Man, i use 115.16.1 esr version for windows 7. Does that mean hackers already got my info even if I didn't used pc for last month?
Wow, thanks for introducing Zen, it's such a cool browser!
Nice Zen shoutout 👍 it's an awesome project.
The exploit is not "bad" enough to escape the browser's sandbox. Another severe vulnerability would have to be used for a user-level RCE.
Not a coincidence this happens right when chrome is ending all adblockers with their new manifest, not a coincidence at all...
How do people even find this stuff to exploit.
people paid by Google.
@@victorbitencourt9481to find and use this exploit for as long as possible before hobbiest do and report it.
Too much free time
The latter of the two comments before me
They already knew
Last week - Thank god I use Firefox...
This week - Oh god I use Firefox...
0:08 "the turns have tabled". 😂
I'm dropping chrome if they block ad blockers
I dropped chrome as soon as they announced it. Happy to continue using Firefox, dangling pointers and all
Chrome is for debugging Android apps. ☠️☠️
Once you're at it ditch windows as well
I downloaded Firefox when that was announced with the intent to move but the quality of life is so bad in comparison I'm going to miss chrome when I have to move
welcome to years ago
I feel like every video were getting closer and closer to a dystopian future where no one is safe and nothing is sacred
The funny thing is once you close the internet all of this goes away, like it never happened
@@turolretarthey will advertise in the night sky when they get the chance
@@turolretar I need the internet. Not even just for my job. I can't even pay taxes or do any banking without it. Energy bills, getting a new ID, paying a parking ticket,... nothing here can be done without internet. We don't even get the goddamn calendar for garbage collection days on paper anymore.
This is a reasonable reaction to have when you find out about 1 (one) error among millions of lines of code.
This is just a byproduct of software development. The more stuff your program/software does, the more things WILL go wrong. The dystopian part is that this keeps happening and every single human is acting like nothing happened because we are slowly being conditioned to just accept the status quo and just don't think things could be any different than they are now.
Thank God I use Dead Sea Scrolls.
25 seconds away is crazy
Thank God i use Grub Command Shell. I am highly unaffected by these stupidities
stupidities? In these parts we call these stupidities, Operating Systems
Updated mine even before the video finished. Thanks!
Canary in the coal mine for ladybird is when andreas quits.
0:55 It's on October 15, 2024 or Rabi' al-Akhir 12, 1446 AH and you're watching Fireship Videos about Firefox and T0r Browser with 9.8 CLE on the Code Report Series.
Up
Bruh this man is really using hijri, what's your birthday then? That's right you can't say a specific date because it's never the same each year, have fun being stuck in the 1400s 💀
Nonsense calendar
@@Cosine_Omak His birthday would be whatever date it was in the hijri calendar. You're probably one of those programmers that introduces a date related bug, if you even are one.
lol some people really gotta go out of their way to insult a calendar
Thank god I use smoke signals
ESET METIONED!!! SLOVAKIA MENTIONED!!! what more could a proud slovak want
RAHH 🗣️🗣️🗣️🗣️WHAT THE HELL IS A GOVERNMENT FREE OF CORRUPTION🗣️🗣️
i love eset
@@Pesikosse I do agree we have some major problems that need fixing but lets not focus on that
Not openly and unapologetic corrupt politicians? Educated people staying in the country to create higher tech business nationally? Not needing a trip to a neighbour for good healthcare?
@@Pesikosse slovaks feel like that type of nation who would bring their political problems and their unimportant existence (inferiority complex lol) even to fireship
Buddy I was in bed ready to sleep. This man made my boot up my pc and check my FF version. Thank god FF auto updated.
Same, mine was already at .02 but I updated it to .03 just to be safe lol.
You were only vulnerable in Firefox if you enabled "animation-timeline" property in about:config, which is disabled by default as an experimental feature 😂 Giant omission swooshed over every commenter here.
I use Brave browser and even if it gets hacked... still no ads on youtube and that alone makes it worth it.
Thank goodness I use the Telebit T1SA T1000 2400-9600 Multi-Speed Dial-Up Modem.
anyone else looking for "i use firefox" comments in that other video?
Thank God I use an Atari 800 with a 300 baud modem.
Are you sure that the versions you pointed out are the affected versions?
The sentenance is literally "Fixed in version Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1"
So shouldn't all of them be fine?
it meant that they had the vulnerabilities. Then they fixed it.
@unknowncoder7332 i don't think so. normally if something gets fixed it also gets a new version number. so it probably was the previous versions that had the vulnerability, then they fixed these and then released the fixed versions with the numbers that op and the video mentioned.
@@janeeisklar1443 Thanks for pointing out.
I use 115.16.1 esr version because I'm still using win 7. Am i still in danger?
And that's why I love Brave. And yes, even tho it's chromium based, it supports manifest v2.
There is conflicting information on how long they will support it or if that support will be full, but for now at least they have made it clear they aren't going to drop it in the _near_ future. It still needs to be seen what the final strategy looks like but for now, it appears that there will be continued support in some form.
My personal perspective is that they should just fully commit to being a divergent branch of chrome, and stop pulling updates from Google and start implementing new features themselves.
Thank God i only use the internet for TH-cam!
3:30
Wait... tails OS running on Firefox?
Was the merge handled by a kid named Miles by any chance?
0:12 now that's what you call a meem
Thank god i still use books to browse information
Thank god I use Internet Explorer
The god you thank is Nurgle, right?
@@az8560 nah, Khorne.
@@az8560 no, it's the cancer from Eri from My Hero Academia. -Anime Fan
Shit, I outed myself.
@@az8560 It is probably the Catholic God.
I write my own browser in scratch
Open source? More like self sourced.
Smoothest ad transition. Bravo
I checked my Firefox version immediately and saw that it was 133.0a1 while vulnerability only affects those who are lower than 131.0.2, meaning I'm safe.
P.S. I use Firefox Nightly, so I get faster updates but they might be unstable.
As this isn't a planned feature, having your version number being higher than the one were the fix was introduced doesn't mean anything
With auto-update turned on it should be fine anyway, but it would have been better if they had put a version number for the nightly build too in that post
Regarding the ad-blocking, I use the Brave browser, which has a blocker built in. It's also configurable, so I've got it set up to block 'Shorts' on here, which I think are brain-rot.
SAME
There's also extensions for blocking different TH-cam site stuff, but you have to check permissions and then whether you trust them or can keep track of changes including ownership.
Brave is Chromium based. They said they plan to keep supporting Adblock for now, but there’s no way to know how long that’ll continue to be the case.
@@Axqu7227 probably will switch to whatever Firefox is based off (I think it's called gecko) if the ban really happens
watching ads hurts me physically but I do it anyway to fool the thought police
Zen Browser mentioned 🗣
0:47 You literally said the opposite of what it says on the screen. The vulnerability was FIXED in 131.0.2, etc. By the way, thank god I am using Lynx on Amiga OS.
That's what he said