☀️

  • 23 Posts
  • 5 Comments
Joined 4 years ago
Cake day: February 21st, 2021

  • Nonsense video; the underlying problem is monopolies and private companies who develop the standards, not what browser you use.

    If the standards are fully open, transparent and not concerning, then it would make no difference if you use Chrome or Firefox, because everyone would use the same basis.

    Also, the Chromium team is not purchased or owned by Google; most volunteers are normal people, developers or security researchers who code on it in their free time. You can fork and modify the source as you please, but that does not change the argumentation about web standards and how to build or control them.

  • I understand that you are upset, because annoying ads are always bad. However, I think if that is optional via opt-in, it maybe, maybe can help smaller developers, assuming the ads are well placed.

    I use Brave with ads enabled and I do not mind a small mini popup. Sometimes I see some news because of that which I reshare, so it actually helps me. What I want to say is that when ads are well placed and not annoying or malwaretised, I see not much issue with placing them in an app as long as it is not privacy invasive; I think that is the real challenge here, because ads have a history of being malwaretised. Brave fights this by filtering ads through their proxy; there is a review for every new ad provider. I see the issue here with a normal unfiltered app: imagine your 8-year-old kid gets a XXX ad or clicks on malware stuff.

    THAT is what I am worried about.

  • Why? Even FOSS needs support. See OBS Studio, Wikipedia, etc. Without support, good projects go to waste.

    • Developers can decide whether to introduce it in their apps or not. I am sure not every Qt developer will adopt this.
    • People will be able to opt in or opt out. I am pretty sure they will provide us with an option.
    • Most people do not donate, so an additional source of income could help.
    • The other option would be crypto.

    We are not talking about MS, who introduce ads in Explorer that need some ad-blocking, hosts or registry hacks. Linux is more transparent, and there will be options to control this.

    Do I like it? Nope. But it is better than the alternatives: shutting down the project because of a lack of funding, or struggling to expand because only a few people are willing to donate.

  • We already have systems to notify users.

    • Most IT professionals are aware that Kerberos, SMB and co. are a hole for issues; it is nothing new to them.
    • We have social media, Reddit or your linked HN website. What makes you think people are faster at submitting new stuff to GitHub? Well, there is no difference: if you post it on Twitter, GitHub or whatever, people need to find that first.
    • We already have CVE databases that you have been able to look up for years.
    • On huge events, even TV news will do.
    • People exploit the moment the ghost is out of the bottle; it is all about prevention as well as management. News alone is not enough.
    • Notifying users about each new attack and leak will result in people caring less, because they feel helpless and think: oh okay, just another daily attack.
    • Log4j was over-hyped, like most things; most software that normal people use, like browsers, was never affected. Using a hyped problem as an example of how slow something is, is seriously no real argument, because IT professionals need time to review the findings before coming to conclusions.
    • High-reputation software such as Thunderbird is less likely to be affected, because they patch things first; they have a huge user base. You see this in every changelog when they fix security issues.
    • Saying that SMS or whatever is maybe expensive is weird; if you target professionals, no professional will register via SMS, or in other words with his phone number. The typical use case is RSS, which is cheap.
    • There are 0-days sold on the black market that are being used for months; you never hear of them, and they have a much bigger impact, usually because the people who code them keep their source closed, or even if they sell them, people have no interest in paying a lot of money and then leaking it for free to the public. In most scenarios (there are white hats, of course) they abuse it. Arguing just because something has been out for hours is unprofessional. Google, MS etc. have a disclosure time of between 60 and 90 DAYS before they do something.

    I like that you are trying to do something, but it would be better to join existing solutions instead of creating another service that might vanish into the void like half of the rest who tried. GitHub is also pretty unchill regarding malware; if you post something that can be directly used to exploit GitHub or others, they will close your repo without any warning in advance.

    If your target is admins, then consider making this clearer; otherwise people will take this information and use it to exploit others.

    Bugalert does not look so hot