Why we need Gecko updates
tanstaafl at libertytrek.org
Wed Dec 9 15:07:55 UTC 2015
On 12/8/2015 7:40 PM, Ben Bucksch <ben.bucksch at beonex.com> wrote:
> As you know from being at the Mozilla Security Group and the public
> advisories, the Gecko rendering and JS engine has security holes fairly
> regularly. Every month (or every few months), there's a critical
> security hole, whereby "critical" means that any random ad published via
> an ad server on a website you visit can read all your files on your
> computer, install random malware, impersonate as you, and generally can
> do whatever you can do on your own computer.
Has anyone ever looked into how much effort would be involved in making
the HTML rendering engine somehow modular? But I guess that would
introduce other build issues of its own...
More information about the tb-planning