Safari is a lot more strict about cookies than Chromium or Firefox, it will straight up drop or ignore (or, occasionally, truncate) cookies that the other two will happily accept.

I had hoped when writing this article that Google would look at Safari and see that it was always strict about feel comfortable about changing to be the same. But doing so now would unfortunately break too many things for too many users.

Thanks for pointing that out -- I've updated the article and given you credit down at the bottom. Let me know if you'd prefer something other than "kibwen."

An unspecified "implementation detail" is essentially another way of saying that it doesn't work.

I've ported my account on ActivityPub a couple time, and it's a horrendous experience -- not only do I lose all my posts and have to manually move a ton of bits, but the server you port from continues to believe you have an account and doesn't like to show you direct links on there anymore.

The latter could probably be easily solved, the former needs to be built into the spec or it will continue to be broken.

100% agree with everything in your post. I don't see how it contradicts anything I've said though.

> the former needs to be built into the spec or it will continue to be broken.

Absolutely, but ActivityPub doesn't preclude that. There's no reason for that proposed feature to be incompatible with the spec., or to have to exist in an implementation that is incompatible with ActivityPub.

Fwiw Mastodon, the most popular ActivityPub implementation, is (as is often the case with open standards) not actually fully compliant with the spec. They implement features they need as they need & propose them. This is obviously a potential source of integration pains, but as long the intent to be compatible is still there, it's still a better situation.

and I believe CalcKey? is adding account content migration, which is why Eugen is suddenly talking about account migration again.

Platform keys are only required to be v2, as far as my understanding goes.

Yeah that's the minimum since Android 11 for system apps targeting API level 30+.

this is a terrible time of year for interviewing, most places won’t be adding headcount until january.

I recall the 'pandemic hiring spree' on my team did not start until Jan-Feb 2021. After that it took basically the whole year to complete. That company was famous for its speed and scale of pandemic hiring sprees.

To anyone who is job hunting now and finding a slow market: things will change, we will get through this.

(I work on GeckoView at Mozilla.)

about:config prefs are not "broken," but many of them work much differently in GeckoView than they work in desktop.

Setting some prefs to the wrong value could completely disconnect Gecko from the embedding app.

I guess we just have different definitions of what "broken" means, since disconnecting Gecko sounds fairly broken to me. :)

X25519 is the mechanism for using Curve25519. Software that uses OpenSSL all uses “X25519” and so it would be needlessly confusing to use other verbiage despite being more technically correct.

Both uBlock Origin and Tree Style Tabs (as well as Tab Center Redux, which I prefer) are already compatible with Firefox 57.

Tree Style Tabs was a recent update, so OP may have missed that.

You can do the same in Firefox. It's under Tools -> Web Developer -> Browser Toolbox.

Connections to the Mozilla Telemetry server are done over HTTPS, so all an interceptor would know is that you are sending Telemetry and not what that Telemetry is.

OK, fair enough. Then an adversary inside Mozilla that can intercept the data. I mean, the NSA is inside Mozilla, right? It'd be foolish, in my opinion, to assume that they're not. Such a juicy target, and all.