I’d seen it in my Firefox/Win10 + uBlockO setup. I just used yt-dlp and then a uBlock “quick fixes” update sorted it.

I’d seen someone calling all us Kagi fans shills which I thought was stupid at the time, but now I’m starting to see why they might think that.

I’m not sure I even knew they had a Captcha, I guess I don’t look like a bot.

Apart from that archive.today seemed down yesterday - I was worried they weren’t coming back!

Yeah, which is good, right? Built-in generally works better.

The last section makes me think they can’t be bothered to take it into production. It’s weird; they spend all these words describing the problem and their solution then conclude with but 🤷‍♂️ no-one really cares.

I use Gboard which does the same, but I also have multiple languages enabled which you switch by long-pressing the spacebar and I regularly trigger the wrong one - very annoying.

Thursday’s patch is the product of recent penetration testing work that the Mozilla Foundation funded, Mastodon cofounder and CTO Renaud Chaput told Ars. He said a firm called Cure53 performed the pentesting and that the code fixes were developed by the several-person team inside the Mastodon nonprofit.

This is good to see, although it’s worrying that such a serious vulnerability went unspotted for this long. At least, I hope it wasn’t spotted; maybe some bad actor’s made subtle use and all our bases are belong to them.