Comment by capitainenemo

17 days ago

... update. after reading the comments in the rust migration security bug, I saw they mentioned "only building in nightly for now"

I grabbed the nightly firefox, flipped the jxl switch, and it does indeed render fine, so I guess the rust implementation is functioning, just not enabled in stable.

... also, I see no evidence that it was ever enabled in the stable builds, even for the C++ version, so I'm guessing Zen just turned it on. Which... is fine, but maybe not very cautious.

3 comments

capitainenemo

Reply
awestroke  17 days ago

zen browser is pretty much vibe coded

  • nar001  17 days ago

    Do you have any proof/more about this? I've never heard this claim and I'd like to know more

    • awestroke  16 days ago

      1. Zen Browser had remote debugging enabled by default and disabled the security prompt for it. Extreme incompetence or malice? https://github.com/zen-browser/desktop/pull/927

      2. Social trackers are selectively allowed, unsigned extensions are enabled by default, and Enhanced Tracking Protection isn't fully implemented.

      There's just a theme of incompetence, trying to cover it up and just in general being clueless about security.