saibotk boosted

11% of downloads from npm have a critical known vulnerability so pretending JS isn't happening is going to lead to a major security incident at a big company really quite soon. This will hurt JavaScript in general, not just that company.

Show thread
saibotk boosted

Too few people are aware of JavaScript browser fingerprinting libraries: valve.github.io/fingerprintjs2 and beaverbird.com/ are just two examples of OSS ones. What @kdzwinel@twitter.com says: your browser’s private mode is _not_ private. #Privacy
RT @kdzwinel@twitter.com 🎵 Private mode is not private 🎵

Mastodon

The original server operated by the Mastodon gGmbH non-profit