Why we need Gecko updates

Tanstaafl tanstaafl at libertytrek.org
Wed Dec 9 15:12:12 UTC 2015


On 12/9/2015 3:04 AM, Mihovil Stanić <mihovil at miho.im> wrote:
> If remote servers are disabled by default and java script disabled in
> email, how big threat are those vurnabilities?
> That doesn't sound like a big threat to me, but I might be mistaken.
> 
> Additionaly, I really don't see point in surfing webpages with TB.

I agree, and I neglected to follow-up, but this - 'surfing web pages
with TB' - is what I meant when I said the 'browser should be ripped out
at its roots'...

I understand that we need an HTML rendering engine for rendering HTML
emails, but that should be a very stripped down engine, no need for a
full blown browser engine. Personally, I don't see a problem with
completely disabling JS in the rendering of the email itself (separate
from magic done by Addons using JS)...



More information about the tb-planning mailing list