currysausage commented on Vaultwarden commit introduces SSO using OpenID Connect   github.com/dani-garcia/va... · Posted by u/speckx
crimsonnoodle58 · 4 months ago
If you're running on Kubernetes, a simple network policy and blocking the container from using DNS will stop any compromised image from performing a data exfil.

I do this for most containers.

If the container must have web access in some form, set up a Squid proxy and only whitelist safe and trusted domains that can't be exfilled to.

currysausage · 4 months ago
The web frontend could still send secrets to third parties.
currysausage commented on The Scourge of Arial (2001)   marksimonson.com/notebook... · Posted by u/andsoitis
lynguist · 5 months ago
Which was recently replaced by Aptos!
currysausage · 5 months ago
Aptos replaced Calibri in Word and Excel.
currysausage commented on Microsoft extends free Windows 10 security updates into 2026   arstechnica.com/gadgets/2... · Posted by u/jmsflknr
discostrings · 6 months ago
Missing vertical taskbar is probably the most egregious omission, but it's not so much they took it away as it is they created versions of a number of Windows Explorer components in a higher-level technology without implementing half the features and shipping it with 50x the number of bugs. I at least weekly (and often daily) run into issues with taskbar icons overlapping one another, menus not coming up when clicked, the tray icons breaking, etc.

Same story with navigating the file system--the new implementation has a multitude of issues, including getting into a state where clicking files to select them only works below a certain invisible horizontal line in the window, windows not refreshing when files have been added/removed, trying to rename a file you just copied being an exercise in frustration with the view refreshing and exiting the rename state 5 - 10 seconds after the copy, the address bar breaking in about a dozen different ways... it's really frustrating software that's a full few tiers down from the quality standard set by Windows 10 and previous versions.

It's gotten slightly better since the initial Windows 11 release, but it still feels like pre-release quality software. I was hoping they'd get it up to release quality and add the important features back by the sunset of Windows 10, but it looks like Microsoft really doesn't care about the quality of the experience of using their UI.

If it were only missing the vertical taskbar as a design decision that would be one thing, but instead it's the very obvious tip of an iceberg of lack of user focus, care, quality, resourcing, and skill. They don't add it back because they know in their current state they're not going to do it well, and the money's in dreaming up new ways of force-feeding trash "news" and promotions anyway, not in helping you get things done and providing a well-functioning tool and bicycle for the mind. What if someone put the taskbar on the left side of the screen, it interfered with them seeing the clickbait brainrot of the widgets "feature", and Microsoft didn't get its average $.0003 for each interaction?

currysausage · 6 months ago
One upside of this reimplementation is that we can now enjoy state-of-the-art Electron-level loading times when opening a new Explorer window. /s
currysausage commented on Stop Using Encrypted Email (2020)   latacora.com/blog/2020/02... · Posted by u/miniBill
java-man · 6 months ago
No mention of ProtonMail or Tuta.
currysausage · 6 months ago
There are, of course, web email services that purport to encrypt messages. But they store encryption keys (or code and data sufficient to derive them). These systems obviously don’t work, as anyone with an account on Ladar Levison’s Lavabit mail service hopefully learned. The popularity of “encrypted” web mail services is further evidence of encrypted email’s real role as a LARPing tool.
currysausage commented on Smallest Possible Files   github.com/mathiasbynens/... · Posted by u/yread
JimDabell · 7 months ago
That’s not quite the whole story. Appendix C of the XHTML 1.0 specification provides HTML compatibility guidelines:

> This appendix summarizes design guidelines for authors who wish their XHTML documents to render on existing HTML user agents.

https://www.w3.org/TR/xhtml1/#guidelines

And RFC 2854, which defines the text/html media type, explicitly states this is permissible to label as text/html:

> The text/html media type is now defined by W3C Recommendations; the latest published version is [HTML401]. In addition, [XHTML1] defines a profile of use of XHTML which is compatible with HTML 4.01 and which may also be labeled as text/html.

https://datatracker.ietf.org/doc/html/rfc2854#section-2

However even browsers that support XHTML rendering use their HTML parser for XHTML 1.0 documents served as text/html, even though they should really be parsing them as XHTML 1.0.

But yes, that extra slash means something entirely different to the SGML formulation of HTML (HTML 2.0 to HTML 4.01). HTML5 ditched SGML though, so SHORTTAG NET is no longer a thing.

currysausage · 7 months ago
I believe the sentence from the RFC:

> [XHTML1] defines a profile of use of XHTML which is compatible with HTML 4.01

is technically incorrect. While the XHTML 1 compatibility profile was compatible with HTML 4 as implemented by major browsers, that wasn't actually HTML 4. HTML 4 is based on SGML, while what was implemented was a combination of HTML 4 semantics with the tagsoup parsing rules that browsers organically developed. These rules were only later formalized as part of HTML 5.

The compatibility guidelines do recommend a space between <br and />, but (at least according to https://validator.w3.org/ in HTML 4 mode) this doesn't change anything about <br /> being a NET-enabling start-tag <br /, followed by a greater-than sign.

Enter this:

  <h1>Hello<br />world</h1>

and select "Validate HTML fragment", "HTML 4.01", and "Show Outline". This is the result:

  [H1] Hello>world

(Obviously nitpicking, but that's my point: the nitpickers can be out-nitpicked.)

currysausage commented on Smallest Possible Files   github.com/mathiasbynens/... · Posted by u/yread
JimDabell · 7 months ago
The linked blog post about the smallest possible valid (X)HTML documents is noteworthy, if only for the fact that a surprising amount of people adamantly refuse to believe that they are valid. Even when you think you have gotten through to them with specifications and validators, a lot of people will still think “yeah, but it’s relying on error handling though”. I’m not sure why “HTML explicitly permits this” will not be tolerated as a thought and somehow transforms into “HTML doesn’t permit this but browsers are lenient”. It’s a remarkably unshakeable position. And even the people who are eventually convinced that it’s valid still think that it is technically incorrect in some unspecified way.
currysausage · 7 months ago
This is especially ironic, considering the same people will gladly use XML syntax and serve it as text/html. Historically, this has only worked because no relevant browser has ever implemented SGML (and NET [1], in particular), as required by HTML standards up to version 4 [2].

[1] https://en.wikipedia.org/wiki/Standard_Generalized_Markup_La...

[2] https://www.w3.org/TR/html401/conform.html#h-4.2

currysausage commented on Global, distributed and backwards compatible CVE alternative launched by CERT   gcve.eu/... · Posted by u/Aissen
gerwim · 8 months ago
Launched by CERT? I can't find anywhere (CERT website, GitHub) these are related. Do you have sources?
currysausage · 8 months ago
CERT stands for Computer Emergency Response Team.

CIRCL, the supposed operator behind gcve.eu [1], "is the CERT for the private sector, communes and non-governmental entities in Luxembourg" [2].

[1] https://gcve.eu/contact/

[2] https://en.wikipedia.org/wiki/Computer_emergency_response_te...

currysausage commented on Default styles for h1 elements are changing   developer.mozilla.org/en-... · Posted by u/soheilpro
jeroenhd · 8 months ago
AFAIK it's one of those W3C versus WHATWG/browser vendor things. The spec has an algorithm, no browser actually implements it faithfully, and when browsers were still competing with each other nobody was going to break half the web to be spec compliant. The problem started decades ago (https://html5accessibility.com/stuff/2022/04/05/12-years-bey...).
currysausage · 8 months ago
If I remember correctly, W3C’s XHTML2 working group wanted a generic <h> tag [1], and WHATWG, focused on evolving HTML in a backwards-compatible manner, repurposed <h1> as a context-dependent heading tag instead.

[1] https://www.w3.org/TR/2010/NOTE-xhtml2-20101216/mod-structur....

currysausage commented on Nebula Sans   nebulasans.com/... · Posted by u/xucheng
nisa · 9 months ago
I agree and I'd like to know what's your take on the Fira font family? I've configured my desktop and browser to use this font and now I can't go back. Subjectively I kind of developed a little crush on that font and I'm interested if it also has technical merit or if I'm just making things up in my mind.
currysausage · 9 months ago
Fira was designed by world-class type designers, and it’s only free thanks to the funding by Mozilla and Here, so yes, definitely a different category.

Same goes for IBM Plex, by the way.

u/currysausage

Karma: 1852 · Cake day: December 24, 2012
About
Try some currywurst, it's delicious!

(Actually, eat vegetarian. It’s good for you and good for the planet.)

[HN handle] at fastmail dot com
