Gecko vs Goanna for Thunderbird Independence
Ben Bucksch
ben.bucksch at beonex.com
Thu Apr 13 22:11:11 UTC 2017
Jörg Knobloch wrote on 13.04.2017 23:26:
> On 13/04/2017 22:10, ace wrote:
>> Are there any devs left who could join us?
> I think they need all their manpower for Pale Moon.
They are speaking about security holes in their announcement, which is a
responsible act for me. I did the same after I could not longer support
Beonex Communicator, and it pained me, but it was necessary.
The fact that they mention security holes as reason for users to have to
switch mail clients, tell me that they have the problem on the radar at
least. This is good news. It means Pale Moon is at least trying to
maintain the security.
But it's futile. Pale Moon will soon fold as well. They'll make it a
little longer, but cannot continue indefinitely like that.
Coincidentally, I just did some research on that. In the last 8 years,
there were no less than 250 known critical *1 security holes and 600
memory corruption bugs that might be exploitable. One critical security
is already a very serious risk.
The further you are from Gecko mozilla-central, the harder it gets to
backport them.
*1 A "critical" security hole means, by definition, that the bad guy can
take over your computer from the Internet by sitting in his arm chair in
Russia, or using a botnet or worm, and he can then do everything that
you can do on your computer, including getting at all the data on your
harddrive, reading your keypresses, and doing the same things that you do.
More information about the tb-planning
mailing list