115

Are all the weird 'Pocket' articles on firefox as bleak for you? (hexbear.net)

submitted 2 years ago by cryptymythy@hexbear.net to c/chapotraphouse@hexbear.net

38 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] glans@hexbear.net 3 points 2 years ago

What are u talking about. Alexandrite runs in a web browser. Idk these others but the premise is insane so not checking.

U should at least get a browser like w3 or elinks if u r gonna be weirdo like this.

Dont go around posting that ppl should prefer clients vs web bc most clients ppl have r 1000% worse for privacy and tracking than web version of same site. Someone will read this and think fb app is better than fb in browser which at least can be configed to send less tracking.

[+] PaX@hexbear.net 1 points 2 years ago* (last edited 3 months ago)

[deleted]

[-] glans@hexbear.net 2 points 2 years ago

The premise is wrong because

99.9999% of "clients" are way worse than any browser for same service

so just throwing such advice around is wildly irresponsible. Examples given were

alexandrite for desktop - does not exist and if it did it would be what, an electron app?

Gemini - impossible or unweildy to use web browser anyway. gemini is a revamped gopher. You can access gemini via a web proxy but i doubt that is substantially worse than using a client https://geminiprotocol.net/clients.html either a proxy or client could contain malicious or sloppy code

neon modem - a github project with 9 contributors https://github.com/mrusme/neonmodem. it is a TUI interface for an itty bitty nichy part of the web. Cool to find out there is a tui for lemmy i will try it because i am a total weirdo not a normal person. It took me years to learn enough to be able much less willing to try a tui for fun.

So we have zero examples. Better but still not great example would have been reddit with 3PA prior to the API changes. Or mail cient vs webmail. Or usenet vs forums. Or bittorrent streaming vs netflix. Ytdlp vs youtube. Rss vs most other options.

Web is universal and low barrier. If you want to move to clients for everything youd have to rework every kind of function done on the web. Personally i like using special FLOSS clients when i can (like the lemmy client i am using right now) but i dont want it for everything. And a lot of the coziness with volunteer small groups of devs would vanish with any degree of popularity. A lot of the vulnerabilities that persist are pervasive to the internet and need systemic solutions like net neutrality and enforcement of regulations. Same problems could easily reproduce themselves with the proposed solution. Security thru obscruity sux.

[-] glans@hexbear.net 1 points 2 years ago* (last edited 2 years ago)

@PaX & @EatPotatoes I tried neonmodem. Was eventually able to login to hexbear.

username and password stored plain text wtf

who needs spyware with such abysmal security?
you are much better off with a web browser
no mention of this in the installer, the --help, the readme, the application
I only found it because I was trying to troubleshoot another bug so I looked in the config file
PR open since June 2023; no work since July
another PR by different user attempting to solve the same problem but it was closed due to existing (still today unmerged) PR
The devs are aware since many months. Have not even bothered in any way to alert users.
Lack of notice demonstrates total lack of concern for users which I'm sure is manifested in lots of other ways

Lots of people share computers, they have unencrypted hdds, they have auto cloud backup etc. Hopefully no need to describe all reasons why plain text credential storage is Bad.

Like the advice to prefer clients over web, this project in its current state is plain irresponsible.

Clear from the github/website that this is intended primarily to adhere to devs' aesthetic tastes and nothing more.