Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://freesoftwareextremist.com/objects/8573ec3e-963c-4e8f-b624-f369f0088d8f">GNU/Gabi (gabi@freesoftwareextremist.com)'s status on Monday, 17-Feb-2025 21:37:00 JST</a><a href="https://freesoftwareextremist.com/users/gabi" title="gabi@freesoftwareextremist.com"><img src="https://gnusocial.jp/avatar/315052-48-20250112143912.webp" width="48" height="48" alt="GNU/Gabi" style="position: absolute; left: 0; top: 0;">GNU/Gabi</a><div><a href="https://freesoftwareextremist.com/objects/8e8c2214-baad-4883-b32c-e52df3c93b2d" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/250890" title="sally@freesoftwareextremist.com">𝅙𝅙𝅙𝅙𝅙𝅙𝅙𝅙</a></li><li><a href="https://gnusocial.jp/user/256239" title="teto@cawfee.club">racist teto</a></li></ul></div></section><article><a href="https://freesoftwareextremist.com/users/Suiseiseki">@Suiseiseki</a> <a href="https://freesoftwareextremist.com/users/sally">@sally</a> <a href="https://cawfee.club/users/teto">@teto</a> <br>&gt;If you want privacy, you want to use Tor Browser<br>You should also disable JavaScript, do not load custom fonts, enable tracking protection, isolate requests to first-party domains, spoof referers, and block third-party requests. Make sure Geolocation and WebGL are disabled.<br><br>Remember that the WWW is extremely vulnerable. Even CSS can pose a risk. Disabling JavaScript removes many threats, but HTML and CSS can still be exploited in browser-targeted attacks. <br><br><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=574059">https://bugzilla.mozilla.org/show_bug.cgi?id=574059</a></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4580498#notice-8967589">In conversation</a><time datetime="2025-02-17T21:37:00+09:00" title="Monday, 17-Feb-2025 21:37:00 JST">about 3 months ago</time> <span>from <span><a href="https://freesoftwareextremist.com/objects/8573ec3e-963c-4e8f-b624-f369f0088d8f" rel="external" title="Sent from freesoftwareextremist.com via ActivityPub">freesoftwareextremist.com</a></span></span><a href="https://freesoftwareextremist.com/objects/8573ec3e-963c-4e8f-b624-f369f0088d8f">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: bugzilla.mozilla.org</div><h5><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=574059">574059 - (CVE-2010-2752) nsCSSValue::Array index integer overflow (can lead to remote code execution via CSS font-face) (ZDI-CAN-831)</a></h5><div></div></header><div>RESOLVED (dbaron) in Core - CSS Parsing and Computation. Last updated 2010-08-10.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
GNU/Gabi (gabi@freesoftwareextremist.com)'s status on Monday, 17-Feb-2025 21:37:00 JSTGNU/Gabi
in reply to
@Suiseiseki @sally @teto
>If you want privacy, you want to use Tor Browser
You should also disable JavaScript, do not load custom fonts, enable tracking protection, isolate requests to first-party domains, spoof referers, and block third-party requests. Make sure Geolocation and WebGL are disabled.

Remember that the WWW is extremely vulnerable. Even CSS can pose a risk. Disabling JavaScript removes many threats, but HTML and CSS can still be exploited in browser-targeted attacks.

https://bugzilla.mozilla.org/show_bug.cgi?id=574059
In conversationabout 3 months ago from freesoftwareextremist.compermalink
Attachments
1. Domain not in remote thumbnail source whitelist: bugzilla.mozilla.org
  574059 - (CVE-2010-2752) nsCSSValue::Array index integer overflow (can lead to remote code execution via CSS font-face) (ZDI-CAN-831)
  RESOLVED (dbaron) in Core - CSS Parsing and Computation. Last updated 2010-08-10.

Public

Embed Notice

HTML Code

Corresponding Notice