Btw how are they the only ones hopping on to XZ?? Like, everyone is switching to zstd currently.
Why do they not just ship normal packages (.deb, .rpm, etc.) or an official flatpak that functions properly?
The Flatpak is official.
But it doesn’t work properly.
How doesn’t it work properly for you?
Has no filesystem sandbox whatsoever. They just pretend it is fine, causing uBlue devs and others to think it is okay to remove native Firefox
Fixing their damn sandbox would be something truly useful.
Implementing a fork server so Flatpak AND Android Firefox can stop being fucking insecure for no reason.
Wow, they are going to zip it with a different algo. That’s fucking amazing!
Faster installation, I don’t know what I will do with all that extra time!
Plus, faster downloads, that’s even more free time.
Mozilla really know how to innovate.
Best company evvvvaaarrr
Yes, use the format that was almost backdoored a few months ago! I’m sure it has a very strong development team behind it! /s
I would call it the format that has the most eyes on it now.
My point is that it had an overworked maintainer who was easily persuaded into giving the project to someone else. I highly doubt it has gotten a solid team behind it now.
It wasn’t “easy” at all, they had to put in over 2 years of useful contributions before there was chance to insert the malware. If you’re worried just stay on an older version, it should still open new files perfectly fine.
It was easier than taking over zstd for sure
Yes, projects backed by multi-billion dollar companies do tend to be more resistant to that kind of attack.
Interesting, I always assumed they would be using a pretty optimal algorithm with their
.tar.bz2format, because they obviously benefit quite a bit from smaller downloads. Good to know that.tar.xzis actually better.XZ is quite slow for compression when single threaded. When run in parallel it uses a significant amount of RAM. It creates some of the smallest files and is fast to decompress compared to other well-compressed alternatives.
Source: https://linuxreviews.org/Comparison_of_Compression_Algorithms
