freebsd-listen at fabiankeil.de
Fri Jun 28 11:10:35 UTC 2013
Matthias Kirschner <mk at fsfe.org> wrote:
> I'd like to have some feedback from you. Do you agree with those points?
It's enabled by default in most browsers, but lots of embedded computers
> 2) This gives anyone a platform to play with parts of their owners
Not anyone, "only" anyone who controls a website the browser accepts
> 3) From a security point you are lost as soon as you give an adversary
> the opportunity to control your system.
system is limited by the "sandbox".
system less secure, though.
> 4) Only non-active web content can guarantee that you keep control over
> your equipment.
"Non-active web content" tends to cause a lot less security problems
than "active content", but that's about it.
> And the last question: if all above is true, do we want to tell this to
> the public? Does it help? Or would we be seen as being completely
I think at first the FSFE should make sure that its own website
fixing or ditching EtherPad whose developers apparently don't care
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 196 bytes
Desc: not available
More information about the Discussion