Hacker News | pamcake's comments

`0.0.0.0`.

On the one hand, convincing write-up and arguments.

On the other, I find it more plausible that CIA would cultivate this image than them actually having lost the art and game of spycraft.


> Guess what will happen then?

All metrics up! Will fit nicely in my promo packet.


Yes!

At least for now. Tried many browsers and Mullvad Browser and Konform Browser are the only two that I managed to beat them with. They both enforce a bundled set of fonts like Tor Browser. Firefox and other forks are fingerprintable via variations in font rendering due to system fontconf or fonts differing.


This is only a thing for Chrome. You trust Google to protect user privacy towards websites in 2026..?

Firefox-based browsers not affected.

Hmm, I opened LinkedIn in Firefox and uBlock Origin showed it blocked 4 items... then switched away and back and the counter was up to 12.

Is that enough blocking, I wonder?


Firefox uses randomised IDs for installed extensions, so the method highlighted won't work on Firefox. That's not to say they aren't trying other methods on Firefox.

Attack surface is narrower on Firefox. WebExtensions without DOM-visible traces cannot be detected.

I can foresee new subreddit rule: 'Stop complaining "This is turning into the orange site". Just report the slop.'

How the tables turn.


Sounds great until trivy images get compromised, like last week.


Hence why you source data from multiple vendors, I'd say. Rather than putting all eggs in one basket.


Or those people can (fund) separate repackaging and redistribution with a more stringent and formalized review process.

Maybe not all users should pull all packages straight from what devs are pushing.

There's no reason we can't have "node package distributions" like we have Linux distributions. Maybe we should stop expecting devs and maintainers and Microsoft to take responsibility for our supply-chain.


A business or government can (should) separately package, review, and audit code without involving upstream developers or maintainers at all.

