this post was submitted on 06 May 2026

119 points (100.0% liked)

Technology

6748 readers

616 users here now

News community around technology, social media platforms, information technology and governmental policy surrounding it.

What doesn't fit here?

The core of the story has to be technology focused.

If article mentions "AI" in a sentence and then talks about business economics that doesn't make it tech news.
Gaming is too many layers removed from technology. There are many dedicated communities that are a better fit for it.
Transporation is too many layers removed from technology. EVs while use many cool technologies have many dedicated communities that are a better fit for it.
Entertainment is too many layers removed from technology. While sometimes it can fit here, business or cultural aspects of it are a better fit for dedicated communities.
Cybersecurity. While it heavily focuses on technology, most of the time it's too technical for most people who are not already invested in it. Should be posted in a dedicated communities unless it has broader connection to other tech areas.

Post guidelines

Title format

Post title should mirror the news source title. If you don't like the title of article, look for an alternative source instead of editorializing it.

URL format

Post URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.

[Opinion] prefix

Opinion (op-ed) articles must use [Opinion] prefix before the title. Opinion articles refer to articles that their publisher doesn't explictly endorse.

Country prefix

Country prefix can be added to the title with a separator (|, :, etc.) if the news is from a local publisher who doesn't clearly mention the country.

Rules

1. English only

Title and associated content has to be in English.

2. Use original link

Post URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.

3. Respectful communication

All communication has to be respectful of differing opinions, viewpoints, and experiences.

4. Inclusivity

Everyone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.

5. Ad hominem attacks

Any kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.

6. Off-topic tangents

Stay on topic. Keep it relevant.

7. Instance rules may apply

If something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

!globalnews@lemmy.zip
!interestingshare@lemmy.zip

Icon attribution | Banner attribution

If someone is interested in moderating this community, message @brikox@lemmy.zip.

founded 2 years ago

MODERATORS

BrikoX@lemmy.zip

119

Edge may reportedly leak all your passwords easily and Microsoft says it's "by design" (www.neowin.net)

submitted 1 week ago by BrikoX@lemmy.zip to c/technology@lemmy.zip

9 comments fedilink hide all child comments

Edge stores passwords in plaintext memory at startup; a tool has been released to test against the flaw.

all 10 comments

sorted by: hot top controversial new old

[–] rando@sh.itjust.works 16 points 1 week ago (1 children)

Use a real password manager people

[–] craneum_@lemmy.zip 17 points 1 week ago

*operating system

[–] possiblylinux127@lemmy.zip 11 points 1 week ago (1 children)

This requires reading application memory

[–] kogasa@programming.dev 17 points 1 week ago* (last edited 1 week ago) (1 children)

Seems like a pretty basic security precaution to avoid loading decrypted secrets into memory before they're needed. Someone who can access application memory can already own you but there isn't really a good reason why they should be able to access secrets that you never accessed while they were in.

I wouldn't say it's an alarming flaw, just seems weirdly and unnecessarily unsafe

[–] possiblylinux127@lemmy.zip 2 points 6 days ago (1 children)

At some point they will need to be decrypted anyway

I think this was done for performance and simplicity

[–] kogasa@programming.dev 2 points 6 days ago

Yep, and at that point they will be in memory until a reasonable time to clean up. But decrypting the whole password database and leaving it there forever seems needlessly unsafe.

[–] ejs@piefed.social 4 points 1 week ago* (last edited 1 week ago)

TIL: If you cat /proc/sys/kernel/yama/ptrace_scope on your linux distro:

0: All processes with same UID can read each other's memory
1: Restricted (Only parents can read children)
2: Admin only (Requires sudo).

Most distros have this set to 1 by default.

More details: man 2 ptrace, search using /: scope

[–] favoredponcho@lemmy.zip 2 points 1 week ago

Didn’t Bitwarden store your passwords in application memory too?