![]() ![]() I can't seem to get an alleged sample to analyse (feel free to contact me at ckaiser at floodgap dawt com if you can provide one) but the source for that assertion appears to be this tweet.Ĭan that file run on a Power Mac? It appears it's indeed a PowerPC binary, but the executable format is ELF and not Mach-O, so the file can only run natively on Linux or another ELF-based operating system, not PowerPC Mac OS X (or, for that matter, Mac OS 9 and earlier). What caught my eye in the article was a report of PowerPC builds. There have been other experimental ransomware samples that have previously surfaced but this may be the first known example of a prominent operation specifically targeting Macs, and it is almost certainly not the last. Wired ran an article today (via Ars Technica) about apparent macOS-compatible builds of LockBit, a prominent encrypting ransomware suite, such as this one for Apple silicon. The next ESR (Firefox 115) comes out end of June-early July, and we'll do the usual root updates then. If you were using this for a particular site that lays out better with grid on, post the URL to issue 659 or in the comments and I'll consider adding it to the default set (or add it yourself in about:config). If you set the global pref to false, however, then CSS grid is disabled everywhere. This pref is now true, but unless the URL hostname is in the whitelist, CSS grid will still be disabled dynamically and is never enabled for chrome resources. This will change things for people who set the global pref to true, which we have never shipped in TenFourFox because of (at times significant) bugs in the implementation. The other issues on that page are unrelated to CSS grid. That's because there's a whitelist entry now in TenFourFox that allows grid automatically on (a new. preference defaults to true which is checked for by new code in the CSS parser, and there is also an entry in the problematic scripts filter to block the script that ends up blanking the page when it bugs out). After you build with the updates, you'll notice that while the page still doesn't lay out perfectly right, you can now actually read things. Go ahead and try to read that article with the current build before you pull the changes and you'll notice that the page has weirdly scrunched up elements (before a script runs and blanks the whole page with an error). CSS grid layout is a more flexible and more generalized way of putting elements on a page than the earlier tables method. Firefox 45, which is the heavily patched underpinning of TenFourFox FPR, has a partially working implementation of CSS grid as explained in this MDN article. ![]() However, there is one feature update in this patchset: a CSS grid whitelist. ![]() As always, if you find problematic fonts that need to be suppressed, post them to issue 566 or in the comments, but read this first. There is also an update to the ATSUI font blacklist. Most of these patches are security-related, including one that prevents naughty cookies which would affect us as well, though the rest are mostly crash-preventers and would require PowerPC-specific attacks to be exploitable. You'll have to do that for the new ESR when that comes out in a couple months, but I'll spare you that today. (If you're new to rolling your own TenFourFox build, these instructions still generally apply.) I've tried to limit their scope so that people with a partial build can just pull the changes ( git pull) and gmake -f client.mk build without having to "clobber" the tree (completely erase and start over). As promised, there are new changesets to pick up in the TenFourFox tree.
0 Comments
Leave a Reply. |