Tootfinder

AI browsers, still far from making legacy browsers obsolete, are forcing web developers to rethink whether they are designing websites for humans or for robots (Natalie Lung/Bloomberg)

Thrilled to see more tests for real-world `aria-label` exposure:
https://www.maxdesign.com.au/articles/aria-label.html
But ARIA outlines what roles disallow `aria-label` (§5.2.8.3):

Spent the day figuring out how to create macOS "web apps" from the command line (like old-school Fluid site-specific browsers, SSBs - accessed via the "Add to Dock" button in Safari.)
Here, have my shat-out half-AI-written script for this, since I couldn't find anybody else having done this after scouring the internet high and low:

System/Scripts/create-safari-webapp.swift at main · ELLIOTTCABLE/System
dotfiles, handy scripts, and new-system configuration stuff - ELLIOTTCABLE/System

@… FYI
rxappdev/RememberWindowPositions: Remember window positions for apps in KDE Plasma 6 . Especially useful for multi-window applications such as browsers. — <https://

Is there a known solution to send a link from any non-Safari #macOS browser to Safari's Reading List? This is possible on the iPhone as part of the Share actions.
I'm mostly interested into how to do this from Chrome and Firefox based browsers.
\(^-^)/

Not Every Browser is Built on Chrome: Explore These Firefox-based Options
Think all popular browsers out there are Chromium based? Take a look at this Firefox-based options.
— by @…
🦊 https://

Not Every Browser is Built on Chrome: Explore These Firefox-based Options
Think all popular browsers out there are Chromium based? Take a look at this Firefox-based options.

WebKit browsers see telephone numbers everywhere
#WebKit

There's a video going around social media today showing an individual in Minneapolis being killed by American "ICE" personnel. In many cases, there's no content warning, and it (and other videos) will automatically play in most apps and browsers by default.
If you happen across it, or other traumatic videos, and it causes intrusive thoughts, I've seen credible sources saying that real and good advice to counter them is to play Tetris.

Just me trying to reconcile Baseline listing `<track>` as “widely available” and all browsers shown with green checks when down the page there’s an entire row of red Xes for one of the core accessibility features of `<track>`.
#HTML #accessibility

Find of the day: Horse Browser - a browser for people with #ADHD (or who like organization in general). Interesting concept. https://browser.horse (via @…

Feeling Overwhelmed by Normal Browsers? - Horse Browser
Browse naturally with Horse, the browser designed for ADHD minds that think in Trails®, not Tabs. Explore every tangent and follow your curiosity, your path back is always visible.

from my link log —
OpenWV: Open reimplementation of Google's Widevine Content Decryption Module for browsers.
https://github.com/tchebb/openwv
saved 2026-01-23 https://<…

GitHub - tchebb/openwv: Open reimplementation of Google's Widevine Content Decryption Module for browsers
Open reimplementation of Google's Widevine Content Decryption Module for browsers - tchebb/openwv

Guten Morgen,
heute ist Lesetag, denn ich habe Zeit und vor allem Lust, mal wieder alle Lesezeichen meines Browsers zu checken und nachzusehen, wo es neue Infos gibt und welche Lesezeichen ich schrotten darf. Danach gibts eine Sicherung und gut.
Sonst wird glaub ich nichts aufregendes geschehen. ;-)
Schönen Donnerstag :coffeepot: 🙂

OpenAI details efforts to secure its ChatGPT Atlas browser against prompt injection attacks, including building an "LLM-based automated attacker" (Rebecca Bellan/TechCrunch)
https://techcrunch.com/2025/12/22/openai-say…

OpenAI says AI browsers may always be vulnerable to prompt injection attacks | TechCrunch
OpenAI says prompt injections will always be a risk for AI browsers with agentic capabilities, like Atlas. But the firm is beefing up its cybersecurity with an "LLM-based automated attacker."

So it's been pointed out that steve, the #jobserver, doesn't have a #logo. Here's a first approximation. Made in #Inkscape, using lines and fonts (the apples are from Noto Sans, I think). I also have an SVG version but browsers mess it up by substituting the apples for some colorful emojis with incompatible metrics. I've added a bright background, since the actual transparent background doesn't work on black (which seems to be Mastodon default).

Back in 1991 or so, during renovations, they took down a wall in the Engineering Building and discovered a rack of Sun servers happily doing their job, apparently so well, at some point they were walled up with drywall!
I do remember uptimes in the hundreds, even thousands of days, but it's fuzzy. Lately having more than a month without kernel upgrades seems rare, and browsers rarely last a month.
If all the sysadmins in the world took their lunch hour at the same time, would civilization survive?

California law regulating web browsers could have national data privacy impact, experts say https://therecord.media/california-web-browser-law-national-implications

https://justthebrowser.com/
"Just the Browser helps you remove AI features, telemetry data reporting, sponsored content, product integrations, and other annoyances from desktop web browsers. The goal is to give you just the browser and nothing else, using hidden settings in web browsers intended for com…

The Atlanta Journal-Constitution, which had about 75K digital-only subscribers and 40K print subscribers, ends its print edition after 157 years (Kay Powell/Atlanta Magazine)
https://www.atlantamagazine.com/news-cultu

An obituary for the AJC's print edition, from its legendary obituary writer
The Atlanta Journal-Constitution print edition, 157, dies on December 31, 2025, succumbing to burgeoning digital news coverage. No service is planned. The paper’s survivors will include 40,000 Atlanta Journal-Constitution print subscribers. In lieu of flowers, readers are asked to refresh their browsers.

Check out today's Metacurity to stay up-to-date on the critical infosec developments you should know, including
--The interim head of CISA uploaded sensitive documents to ChatGPT,
--Koreans to be notified of possible data breaches,
--Operations at Russian security systems outfit were disrupted by a cyberattack,
--EU-India security deal omits hackers-for-hire,
--Threat actors exploit a high-severity vulnerability in WinRAR,
--Mustang Panda can steal logi…

The interim head of CISA uploaded sensitive documents to ChatGPT
Koreans to be notified of possible data breaches, Operations at Russian security systems outfit were disrupted by a cyberattack, EU-India security deal omits hackers-for-hire, Threat actors exploit a high-severity vulnerability in WinRAR, Mustang Panda can steal login data from browsers, much more

Ok, something other than politics for a minute. Browsers.
I started daily driving Gnome Web around the time the new Mozilla CEO announced the AI-heavy focus for the company going forward. I'm not having any problems with WebKit as a rendering engine, but I think the interface leaves a bit to be desired for my uses. Here's my complaints.
- The interface takes up too much screen real estate on small laptop screens
- Bookmarks are currently not even working for me
…

He visto esta comparativa de navegadores y me parece sublime https://lemmy.sdf.org/post/30262814

RE: https://mastodon.social/@firefoxwebdevs/115933745141491485
Periodic reminder that despite relentless Chrome propaganda, a lot of innovation in web browsers comes from Mozilla and Apple.

@… is just the way you want it, but they can still improve 🖖 When one adds a new persona (instead of using 3 different browsers like I did so far), vivaldi thinks I'm a new user and starts to bombard me with their "newsletter" introduction mail. Fortunately, disabling is one click. But a nice challenge: How can they find out that you already exis…

I’m done with my #Mac storage cleanup.
I deleted:
- cache for two Adobe apps that have been uninstalled months ago (After Effects and InDesign)
- cache and apps for two browsers I haven’t used in months (Chrome and Arc)
- cache for a Mail account that I haven’t opened in years
As a result, I cleared 227Gb of local storage and deleted 370,000 files.
Kind of crazy how much bloat accumulated from so few apps.

Yup
https://mastodon.social/@counternotions/115607078621499587

Want to get rid of unwanted stuff in your webbrowser - like telemetry or #ai
There's a git project for FF, Chrome and Edge and a website:
https://github.com/corbindavenport/jus

Just a web #browser, please
https://www.heise.de/en/news/Just-a-web-browser-please-11143198.html

If anyone is curious about when the other browsers update, I (well my bot) has got you covered:
https://social.vivaldi.net/@browserversiontracker

We are running out of browsers which are useable …
Mozilla's New CEO Bets #Firefox's Future on #AI - Slashdot

If all iOS browsers are based on the Webkit (or whatever that Apple mandatory underlying tech is named) shouldn’t they respect the Screen time limits?
Or is this just another of Apple’s half-assed solutions?

Just the Browser helps you remove AI features, telemetry data reporting, sponsored content, product integrations, and other annoyances from desktop web browsers. The goal is to give you "just the browser" and nothing else, using hidden settings in web browsers intended for companies and other organizations.
https://justthebrowser.com/

Each week, Metacurity is pleased to offer our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush.
Check out this week's selection, which includes
--Kids turn from cybercrime to real-world violent thefts,
--How retailers profit from crypto ATM scams,
--Integrated web browsers are insecure out of the box,
--An MIT railroad club led to modern-day hackers,…

Best infosec-related long reads for the weeks of 12/13/25, 12/30/25, and 1/3/26
Kids turn from cybercrime to real-world violent thefts, How retailers profit from crypto ATM scams, Integrated web browsers are insecure out of the box, An MIT railroad club led to modern-day hackers, AI coding tools are susceptible to attacks, LLM guardrails are inherently exploitable

Is there an easy way for devices to automatically get certificates on a network?
I have various local sites I want to put https on to shut browsers up but don't really want to have to go around every device and install a certificate if possible.
If anyone has any ideas, it'll be very helpful!
#https

This looks very useful but I‘m reluctant to share this. Every computer tip that is just „open an admin terminal and enter this command that executes stuff right from a github URL“ is dangerous. Even if that one is OK - it teaches people that this kind of thing is not a super red flag for malware exploits. https://toot.communi…

Die Instanz https://bayerwald.social läuft jetzt mit Softwareversion v4.5.1
https://github.com/mastodon/mastodon/r

Release v4.5.1 · mastodon/mastodon
This is a patch release for 4.5. Check out the 4.5.0 release notes for information. Changelog Fixes Fix Cmd/Ctrl + Enter not submitting Alt text modal on some browsers (#36866 by @diondiondion) Fi...

Nur. Ein. Browser. 🤬
Als wenn sie eine einzige Fachanwendung haben, deren Komplexität auch nur im Ansatz an ein Tausendstel dieses Browsers heran reichen würde.
(Quelle: https://heise.de/-11088687)

IIRC, Shadcn is a Vercel gig, so of course it’s both spaghetti code and wrong.
“The Incredible Overcomplexity of the Shadcn Radio Button”
https://paulmakeswebsites.com/writing/shadcn-radio-button/

The Incredible Overcomplexity of the Shadcn Radio Button
Radio buttons are built into web browsers. Why are we using a UI library that wraps another UI library that rebuilds radio buttons from scratch? Why does rendering a radio button require multiple dependencies and several kilobytes of JavaScript? How did we make a built-in browser control so complicated?

Security company Koi finds browser extensions with 8M total installs that collected users' conversations with AI chatbots and sold them for marketing use (Dan Goodin/Ars Technica)
https://arstechnica.com/security/2025/1…

Browser extensions with 8 million users collect extended AI conversations
The extensions, available for Chromium browsers, harvest full AI conversations over months.

One thing which is annoying about Vivaldi and also Firefox and presumably also all the other Android web browsers is the way the "Add To Homescreen" button works on pages like Mastodon which are Progressive Web Apps.
If you add the shortcut to the homescreen then it opens as a WPA which means the browser stuff is all gone and hidden. No back button. No way to bookmark. No way to launch a link in a new browser window etc.
Ought to be two separate buttons for "Add a link to the homepage" vs "Add this app as an app to the homepage" but there isn't.
You can get around this by turning on airplane mode and adding a link to the error page to the homescreeen, which then works as a link to the website in the browser, not a WPA app, when you're online again.
I did this to the links I use with Vivaldi before I realized it's proprietary and so will not do.
Trying to rebuild them as Firefox links again and sadly something is broken now. Won't add the error page. Tells me the pixel launcher is crashing.
So I can't have the old web bookmark links to pages in WPA apps. Boo. 😦

But in all seriousness, take it with a pinch of salt and check with the vendor directly if you really care. Checking this stuff is hard.
Honestly, at best I can really only say, "I *think* the others have not updated but I may be wrong."
Also expect bias when I talk about competitors [and expect the same from representatives of other browsers].

from my link log —
Can I use HTTPS RRs?
https://www.netmeister.org/blog/https-caniuse.html
saved 2025-12-12 https://dotat.at/…

Can I use HTTPS RRs?
A quick summary of which browsers support RFC9460 HTTPS DNS records and to what extent as of December 2025.

Don't miss today's Metacurity for a concise round-up of the most critical infosec developments you should know, including
--UK's NCSC warns of Russian-aligned hacktivist groups,
--UK and China enter a forum to discuss cyberattacks,
--Makina Finance lost $4.2m in an exploit,
--Ingram Micro report ransomware attack affecting 42k,
--Minnesota DHS breach affected 304k,
--SK Telecom appeals $91m fine,
--NexShield malvertising campaign crashes b…

UK's NCSC warns of Russian-aligned hacktivist groups
UK and China enter a forum to discuss cyberattacks, Makina Finance lost $4.2m in an exploit, Ingram Micro report ransomware attack affecting 42k, Minnesota DHS breach affected 304k, SK Telecom appeals $91m fine, NexShield malvertising campaign crashes browsers, much more

What the fuck is with web sites/ browsers asking for local network device access lately