this post was submitted on 08 Jul 2024
485 points (98.4% liked)

Memes

45726 readers
882 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
485
submitted 4 months ago* (last edited 4 months ago) by hydroptic@sopuli.xyz to c/memes@lemmy.ml
 
you are viewing a single comment's thread
view the rest of the comments
[–] hydroptic@sopuli.xyz 10 points 4 months ago (10 children)

Why do so many folks dislike webp? I really have no strong feelings towards it one way or the other

[–] SnotFlickerman@lemmy.blahaj.zone 11 points 4 months ago* (last edited 4 months ago) (8 children)

JPEG-XL is better, for one, if we are talking still images, and for two, webp is just one more instance of Google forcing a preference for their own technology over others.

They refuse to implement JPEG-XL support similar to how they stripped Miracast out of Pixel devices so you can only cast to Chromecast devices unless you root your phone and put on LineageOS, which has brought back Miracast.

Things like webp are Google trying to do an end-run around web standards with the intent of allowing Google, the company, to be the final arbiter of web standards instead of the W3C (World Wide Web Consortium).

People who hate webp are most likely people who hate Google's quest to dominate the web and be the arbiter of standards.

[–] miridius@lemmy.world 2 points 4 months ago (5 children)

JPEG-XL is better

Citation needed

[–] optissima@possumpat.io 4 points 4 months ago (1 children)

In September 2023, two critical vulnerabilities[108] relating to WebP images were discovered by Apple Security Engineering and Architecture (SEAR) and the Citizen Lab, potentially affecting Google Chrome, Chromium-based browsers and the Google's libwebp project, among any application implementing libwebp. Among these vulnerabilities, CVE-2023-4863 was an actively exploited vulnerability with a high risk rating of CVSS 8.8. This could lead to an out of bounds/overflow condition in applications using the affected libwebp library, upon exploitation of a maliciously crafted .webp lossless file. This could result in a denial of service (DoS), or worse, enabling malicious remote code execution (RCE). The extensive use of libwebp packages across hundreds of applications, including all categories from web browsers to mobile apps, posed a major patching challenge to mitigate the vulnerability due to the demanding testing requirements before release, highlighting the implications of this vulnerability on a wide scale.

https://en.m.wikipedia.org/w/index.php?title=WebP

[–] miridius@lemmy.world 1 points 4 months ago

So what, we're not supposed to use any library that's ever had a vulnerability? You better go uninstall literally everything on your computer then

load more comments (3 replies)
load more comments (5 replies)
load more comments (6 replies)