What happened to hiring an architect?

Magnus Melin mkmelin+mozilla at iki.fi
Mon Dec 19 20:44:23 UTC 2016


If you're really interested in knowing which advisories applied to 
Thunderbird, you're free to go click through them and count - see 
https://www.mozilla.org/en-US/security/advisories/ - the product is 
listed for each. Of course not everything applies to Thunderbird, but a 
lot of them do apply.

I don't see it as fruitful to discuss some "stripped down version". At 
the end of the day, even very simple use cases like showing pictures 
could expose you to remote code exploits (like mfsa2016-92 fixed a 
couple of weeks ago). That is, you open your mail and BOOM, the attacker 
can do whatever he wants with your machine.

  -Magnus

On 19.12.2016 21:50, Disaster Master wrote:
> On 12/17/2016 7:10 AM, Magnus Melin <mkmelin+mozilla at iki.fi> wrote:
>> On 16.12.2016 17:24, Disaster Master wrote:
>>> On 12/15/2016 7:02 PM, R Kent James <kent at caspia.com> wrote:
>>>> Postbox's new release is on Gecko 7.0.1, which is now over 5 years old. I have not heard any great outcry about their security issues, and someone on this list (...cough..  BK...cough..ensa) keeps telling us what a great product that is, and how popular it is in Mozilla. So clearly forking Gecko is a CHOICE, and if people at Mozilla are using it then some people at Mozilla must not care that it is based on old Gecko, either.
>>>
>>> This supports my feeling that the security risks are actually much 
>>> smaller for TB than they would be for, for example, Pale Moon.
>>
>> The security risks are very present,
>
> Only one person (Jim) has responded with any specifics on these risks, 
> but alas didn't respond to my follow-up about how or whether or not it 
> would be possible to mitigate said risks - regardless, I didn't grok 
> his response, so have no way of knowing if the risks are real (for TB) 
> or not.
>
> Care to elaborate on what *you* mean by risks? Specifically with 
> respect to TB? Specifically, with regard to my comments about there 
> possibly being ways to mitigate or even eliminate said risks by simply 
> locking down the HTML capabilities to a bare minimum necessary for 
> rendering HTML emails in a safe way?
>
> Again, it will apparently be *years* before the need to fork Gecko 
> would come to pass - *if* it did, so it isn't like there isn't some 
> time to make informed decisions and have our options ready.
>
>> you're just living on hope thatnobody bothers to target you.
>
> No, seriously, I'm not, so please stop presuming to know my mind.
>
>> Just to put things in numbers: there have been 96 security advisories 
>> from Mozilla this year alone. So with Gecko 7.0.1 (from 2011) there 
>> are virtually hundreds of holes just looming along in Postbox. These 
>> are so old security bugs that they are public by now, many with 
>> explicit instructions...
>
> Are you sure that every one of these security advisories apply to TB 
> and the way it uses Gecko?
>
> I mean - Firefox is a web browser. TB is *not*. Surely there are a 
> *ton* of 'features' in Gecko that TB doesn't use and has no need for?
>
> Again...
>
> Would it not be possible to lock down TB to a specific subset of Gecko 
> functions in order to let it render basic HTML emails, but minimize or 
> even eliminate the security risks that would otherwise plague a full 
> blown web browser?
>
>
> _______________________________________________
> tb-planning mailing list
> tb-planning at mozilla.org
> https://mail.mozilla.org/listinfo/tb-planning

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/tb-planning/attachments/20161219/757abe36/attachment.html>


More information about the tb-planning mailing list