I think the ideal mainstream browser to be hardened should be a webkit2 one,Īlthough i'm biased to UXP/PM due to design decisions, way cleaner/smaller codebase, and architectural differences, i think these are my views about the three main platforms.Best Chromium-Based Browsers Google Chrome Firefox is better in that respect, and some kind of safari-like browser would be better than the two, as webkit seems to be, in a contradictory way, the freest and easiest community maintainable open source engine from the 3 mainstream ones today, and you can even see people backporting webkit2 code to webkit1 in the WebPositive Haiku browser. The browser may be jailed like people in OpenBSD world do, but sometimes you can't jail the browser because you do not want to lose performance (i'm fully anti-sandbox in a desktop system level, for me it was a way of reducing OS and virus protection costs from microsoft, google and apple, the same i think about real time protection). but the complexity of things like its true multi-process architecture, and, particularly, the way the architecture works in certain operating systems, brings extra attack vectors where things do not always happen in userland in a more dominant way and things get mixed (windows NT is an example where that may be a security liability from the way the browser manipulates the OS, but linux is just a kernel and we know there are plenty distros that operate in a very similar way). By that i mean, chromium may be the worst because it's a whole operating system inside a binary with so much stuff that isn't even browsing-related and the code is just so massive and long-standing. I think the main point about the viability of hardening a browser is the case where the code from it is already safe enough along with how architecturally vulnerable it is.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |