NoOp schrieb:
On 05/12/2011 05:36 PM, David E. Ross wrote:
On 5/12/11 4:55 PM, Robert Kaiser wrote:
WLS schrieb:
Robert Kaiser wrote:
WLS schrieb:
Is WebGL going to be disabled by default or is that something we will
need to do in about:config?
Why should it?
Because of the security threat.
http://www.theregister.co.uk/2011/05/11/chrome_firefox_security_threat/
None of that is a real security threat that requires immediate action,
from all I know and heard (and I'm in Mozilla's security group). This
looks very much like some "investigator" trying to gather massive media
attention in his favor without a really good backing. Both "threats" are
low-impact concerns that we will look into but require no immediate
action. There will be a Mozilla blog post on this topic very soon.
Media is making every fly into an elephant if they think they can "sell
a scandal".
Robert Kaiser
US-CERT, an agency within the U.S. Department of Homeland Security,
gives credence to this threat. See
<http://www.us-cert.gov/current/index.html#web_users_warned_to_turn>.
Don't worry... be happy. :-) (that's a joke)
http://blog.jprosevear.org/2011/05/13/webgl-security/ is the Mozilla
statement to that topic.
I don't care too much for researchers or the media creating scandals for
their publicity, I don't care too much for the DHS weakly informed
statements, but I do care a lot about what the experts from multiple
browser vendors are saying in the respective working group and security
groups and they say it's something to look into but nothing that can
immediately be put to danger.
Robert Kaiser
--
Note that any statements of mine - no matter how passionate - are never
meant to be offensive but very often as food for thought or possible
arguments that we as a community needs answers to. And most of the time,
I even appreciate irony and fun! :)
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
