this post was submitted on 08 Aug 2024
20 points (95.5% liked)
Pulse of Truth
400 readers
62 users here now
Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).
This community is automagically fed by an instance of Dittybopper.
founded 10 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
anything those of us on linux should do in the meantime, or is this solely left up to which browser one uses?
Reading the article from the researchers it looks like these requests are specifically made using JavaScript, so maybe disable it? Maybe there’s a way to block JavaScript from making any requests of 0.0.0.0? Or start using a Chromium browser? It’s going to start rolling out as a trial beginning with version 128 and expected to be shipping by version 133. There’s been an open bug report for this in Firefox since 2006 but there’s been a debate about whether it was really an issue or not so it was closed and reopened several times and it sounds like they might have to add support for a whole new protocol that’s only a proposal and not a W3C standard or even on the standards track. I’m guessing this might not be fixed in Firefox very quickly.
If I use a browser based on Firefox (like Waterfox, Librewolf, or Ghostery) would that browser need to wait for Mozilla to fix it and inherit their fix, or could they address it in their own version of Firefox?