> Lack of goodwill is *qualitatively* more dangerous than lack of ability.
Here again, it is not a uni-dimensional case of ability vs. goodwill.
(1) Obese software are generally better ripe for smuggling in some malware,
than slim and lean ones.
(2) Obese organizations are generally better ripe for infiltration. (1) and
(2) go usually in lockstep: If you have 1, then you have 2 too, and vice
versa.
(3) For the reasons above, large software are more likely to be targeted by
institutional intelligence attack (I hoped we would discuss this in the other
thread but it is drawned among the other things)
(4) Obese software means complexity, which translates into larger exposure to
threats.
(5) Obese software are resource hogs.
If you think about (3), then it becomes all too plain why "lack of goodwill"
mostly occurs in obese software circles. Add other drawbacks to that, and you
can see why I prefer keeping away from obese software. It is a practical,
easy, and radical approach, than putting a monstrous of software with
millions of LOC under microscope and trying to secure it. It is practically
impossible, and possibly a good waste of your time.
You already know one of my strategical approaches to *practical security*
(shrink exposure, get rid of ballast, simplify all). It is quite easy and
straightforward to implement. And quite an efficient one.
So, there is more to it than just "lack of ability vs. lack of goodwill".
As for IceCat being endorsed by FSF, I believe it was just a tactical error.
As humans we all are prone to errors.
I guess the rationale behind it was "if we take a successful browser with
good www compatibility, and if we prune it (mission impossible) then we would
be able to offer something *desirable* for the masses, instead of some
theorethically perfect niche browser with a niche user base."
Your warning RMS of the issues with IceCat is indeed a *BIG* service to FOSS.
Because it will hopefully prompt FSF to think it all over again. I don't
expect a quick decision any time soon, because it inherently entails radical
measures to be taken. I *do* really hope GNU adopts Midori and starts
offering it instead of Mozilla derivatives.
> https://trisquel.info/en/forum/web-browser?page=6#comment-128395
Mission impossible, and a tactical approach. They should question the base
instead.
