not saying its not moving in the right direction but i feel a lot of these things that are now security defaults are a bit oversold considering a lot of people seem to rely on them being enabled and will just enable them again to the same effect. so theres not really more security.
ofc, better defaults are better theres no argument there. just feel like the whole approach of these tools to allow arbitrary code execution and remote resources by design is the really issue,.not the default settings. (ofc, i have no solution for it too!)
not saying its not moving in the right direction but i feel a lot of these things that are now security defaults are a bit oversold considering a lot of people seem to rely on them being enabled and will just enable them again to the same effect. so theres not really more security.
ofc, better defaults are better theres no argument there. just feel like the whole approach of these tools to allow arbitrary code execution and remote resources by design is the really issue,.not the default settings. (ofc, i have no solution for it too!)
[flagged]