Comment 16 for bug 991982

Marc Deslauriers (mdeslaur) wrote :

While I think the twitter feed in the slideshow is pretty cool, the fact is having this on media we can't change is problematic. The webkit engine that is being used to display the twitter feed gets around 20 security fixes every single month. As soon as one of those issues makes the twitter feed susceptible to being used as a way to systematically alter Ubuntu during installation, our installation media becomes useless and we need to re-spin a new one.

Once we publicize the fact that the twitter feed needed a security fix, I suspect it will start getting poked at by security researchers for the simple reason that fixing it requires issuing a whole new disc image.

If we really want to have this in the installer, I believe we need to rethink the way it is being done to have it use a server that is under our control and has a kill switch function.