This project is archived. Its data is read-only.

Audit Instantbird's security

We need a thorough security audit of Instantbird which checks for things like:

render attack surface (content window, XSS filter, etc.)
crypto in NSS and how JS uses it (if we use it?)
interface between the UI and OTR
Proxy by-pass issues

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information