Surprised that it took this long. The old app has been on life support for a long time.

Doesn't make sense to support two control applications. The one with better built-in marketing was always going to be the clear winner.

Monday...

I was using Lynx and thankfully the haven't implemented Web Serial / USB shennanigans otherwise it'd eat my mouse.

"Unlike Flipper Zero" is a pretty big understatement, they feel like very different classes of devices. The open everything dual ARM machine + RP2350 microcontroller with GPIO in a battery powered portable form factor very interesting. Guessing there's going to be a price premium for this type of swiss army knife, but I think they proved with the Zero that they can deliver to unique markets like this.

I'll say that I'm interested, where I had little interest in the Zero. It's different than the rest of my collection random of project hardware (Arduinos, ESP32s, and Pis). An all-in-one project toy that fits in a pocket seems pretty nifty.

I have a hard time reading talking about classes of "browsers" not really meaning or including the engines. So then I didn't jump into the weeds about engines in my comment (and if we want to get into the weeds, Blink isn't the Chrome JS engine that's V8). But yes, the engines are of course the harder part.

This is why I do all of my browsing from Lynx

You aren't going to find me disagreeing with you on that point.

Just the second point is that if you had the extension and the app open, you'd be screwed. So by the time there's any announcement, avoidance is already moot and the package already removed from the extension store. Any extension right now is vulnerable to the same attack.

There's a ton of things, most of them incremental improvements that make it either easier to work with, faster, prettier, or safer. WebAssembly, CSS Grid / Flexbox implementations, CSS variables, WebRTC, the list goes on...

Even when they start to fail, they'll still find dollars for the lobbying that keeps the system broken.

The issue id is 40062121 and the latest one is 515156127. So they weren't adding it, but just accidentally marked the a 4+ year old original S1 vuln as public.

Hard to find an explanation besides just being a very embarrassing oopsie daisy. Lucky the researcher was watching it and excited to show off their work.

Just don't install it from the optional Extensions package repo (which seems to basically be their approved downstream of EPEL).

With Intuit it would be hard to get worse, but I am not holding my breath.

It wasn't a statement on the power of AI nor that a FOSS command client that can talk to multiple agents rather than something like Claude isn't nifty. But that every announcement needs to have AI in it, to the point that AI is mentioned more often than earnings on earnings calls.

And that in this case, adding a community developed application that already has an rpm package to their extra packages repo isn't exactly noteworthy.

Inconceivable.

Well in context this article, looks like you could hook up goose to Qualys' data through this community MCP server..