What a load of crap. Some guy in his free time tried to port palemoon to one of the bsds (i think it was open), and they got all up in arms about use of their name before the guy even published anything. He was hacking in his own github repo, and these clowns created a scene there.
> Hopefully, in the future everyone can learn from this incident
Yeah, I know I sure learned something. I learned that Palemoon and its development team are hostile as hell.
The search continues.
Then Mozilla could be free as in freedom and stuff. (If you don’t know what I mean, go read the hoops the license created for the packagers in the github issue. Now I see why the whole ice weasel debacle happened!)
The Pale Moon devs weren't super polite about it, but they were objective and clear in their statements.
The weren't super polite. In fact, they weren't polite at all. They were rude and demanding. I can't blame anyone for not wanting to collaborate with them after reading that thread. I wouldn't.
Well there were 2 "issues" in that case. Being right about one certainly doesn't justify the other. One was the "technical" one of the conditions of redistribution. The other one was that one guy decided to start off the discussion as a grade A a-hole, rude, arrogant, dismissive, confrontational, and probably a few more. Discussions can degenerate but how often is it productive to start one with such a hostile attitude, especially in public?
Right as he may have been I wouldn't touch such a toxic person with a 10-foot pole. Such an attitude sabotages any amount of skill until the net contribution is actually lower than that of a less skilled person you want to work with. Case in point, so many devs actively stay away from the project (or more likely the person).
That thread burnt most of my goodwill toward Palemoon which wouldn't have happened if they'd at least approached them civilly in the first place. Even if it had escalated from there.
on HN(2017): https://news.ycombinator.com/item?id=15112524
And I frankly don't see any problem with that.
This is a self-inflicted wound.
You mean OCSP/CRL? Every browser does that.
I'm not sure if XUL and XPCOM really makes sense the way that it did when it emerged sometime in the history of Firefox (or Mozilla or Netscape - I'm not sure.) If I were to use a Firefox fork, I think the most I would ask is one that is more defensive and less full of services I don't care about. I don't trust studies or experiments anymore, and I don't care about Pocket.
XUL and XPCOM start with Netscape Navigator 6, the bulk of whose code was made open source and would eventually become Firefox (and Thunderbird). So we're talking about stuff that was designed around 1998 and never really updated to track the latter development.
For its time, XUL was really a major departure from HTML. But several of its ideas were eventually implemented in HTML: the Web Components specification originates from an attempt to standardize some of the custom component work in XUL, and the CSS box model explicitly listed the XUL box model as prior work. But, given the influence of the other browser engines in their development, the resulting specifications aren't XUL, and there's important but subtle differences in how they work. And maintaining two very similar but actually different ways to do the same thing is a recipe for bugs and security holes. At the scale of Mozilla, that unused code can be a very fruitful way to hack users' computers--the NSA actually used a vulnerability related to unused features in JS (specifically, E4X) to track Tor users, since Tor was using an out-of-date version of Firefox that wasn't getting security updates.
NPAPI is dead. There are no longer any mainstream browsers which support it; as such, upstream development of NPAPI plugins has largely ceased. NPAPI plugins present a significant attack surface, especially ones which interpret code like Flash and Silverlight, so continuing to support them presents a significant risk to users.
Anyone got the story on this one?
At first I was thinking, "Oh, neat. A browser I know nothing about. Maybe I'll give it a try."
After reading how multiple Pale Moon people acted in that thread, I'll pass. I've worked with people like that in the past, and I don't want to support them in any way, or validate their work.
(EDIT): Ah shucks, USPTO TESS links don't work correctly. Anyway just search for "Pale Moon", I couldn't find anything relevant.
Pale Moon's developers will threaten legal action if you use the wrong compile flags for their software??!
I don't think MOzilla ever threatened legal action out of the gate like that though.
I've also tried qutebrowser, which is nice, but it's missing uMatrix/NoScript, RequestPolicy, and uBlock Origin-like extensions. So I'm stuck with Firefox for now.
They can pry my NPAPI plugins out of my bare hands.
These 3 are the main reason I still have a semi-legacy browser (Waterfox)