471

Debian used to be so good. What happened!? (lemmy.world)

submitted 4 months ago by renzev@lemmy.world to c/linuxmemes@lemmy.world

94 comments fedilink hide all child comments

Firefox on Debian stable is so old that websites yell at you to upgrade to a newer browser. And last time I tried installing Debian testing (or was it debian unstable?), the installer shat itself trying to make the bootloader. After I got it to boot, apt refused to work because of a missing symlink to busybox. Why on earth do they even need busybox if the base install already comes with full gnu coreutils? I remember Debian as the distro that Just Wroks(TM), when did it all go so wrong? Is anyone else here having similar issues, or am I doing something wrong?

you are viewing a single comment's thread
view the rest of the comments

[-] efstajas@lemmy.world 24 points 4 months ago

simply reading the browser agent isnt really security

It's not for their security, but for that of genuinely clueless people that are just running an actually outdated browser that might have known and exploitable security flaws.

[-] LeFantome@programming.dev 6 points 4 months ago

It is not about security at all. They do not want to test or support old browsers. So, they set a minimum version and tell you that you need to upgrade to that.

If they only support one browser, it is going to be Chrome. Chrome has more zero-day vulnerabilities than any other project I can think of. It is not about security.

[-] SpaceCowboy@lemmy.ca 3 points 4 months ago

Yeah if it were about security they'd check the version of HTTPS, SSL, TLS and all that stuff.

[-] efstajas@lemmy.world 2 points 4 months ago* (last edited 4 months ago)

Doing that would tell you nothing about whether the browser might have un-patched, known vulnerabilities elsewhere.

[-] efstajas@lemmy.world 3 points 4 months ago* (last edited 4 months ago)

How do you know this? Of course there are lots of reasons for why they'd want to enforce minimum browser versions. But security might very well be one of them. Especially if you're a bank you probably feel bad about sending session tokens to a browser that potentially has known security vulnerabilities.

And sure, the user agent isn't a sure way to tell whether a browser is outdated, but in 95% of cases it's good enough, and people that know enough to understand the block shouldn't apply to them can bypass it easily anyway.

this post was submitted on 23 Jun 2024

471 points (88.3% liked)

linuxmemes

21197 readers

118 users here now

Hint: :q!

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules (click to expand)

1. Follow the site-wide rules

Instance-wide TOS: https://legal.lemmy.world/tos/
Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html

2. Be civil

Understand the difference between a joke and an insult.

Do not harrass or attack members of the community for any reason.

Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.

Bigotry will not be tolerated.

These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.

3. Post Linux-related content

Including Unix and BSD.

Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.

No porn. Even if you watch it on a Linux machine.

4. No recent reposts

Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

poopsmith@lemmy.world

zephyr@lemmy.world

rtxn@lemmy.world