Slashdot Mirror
Is There Room For a Secure Web Browser?
An anonymous reader points out an eWeek story about researchers from the University of Illinois at Urbana-Champaign who are designing a new web browser based on security. The new software, code-named OP for Opus Palladianum, will separate various components of the browser into subsystems which are monitored and managed by the browser kernel. Quoting:
"'We believe Web browsers are the most important network-facing application, but the current browsers are fundamentally flawed from security perspective,' King said in an interview with eWEEK. 'If you look at how the Web was originally designed, it was an application with static Web pages as data. Now, it has become a platform for hosting all kinds of important data and businesses, but unfortunately, [existing] browsers haven't evolved to deal with this change and that's why we have a big malware problem.' The idea behind the OP security browser is to partition the browser into smaller subsystems and make all communication between subsystems simple and explicit."
"Our policy removes the burden of security from plug-in writers, and gives plug-ins the flexibility to use innovative network architectures to deliver content while still maintaining the confidentiality and integrity of our browser, even if attackers compromise the plug-in," he said.
Great! :)
But even if it works as planned...this new browser is going to enter the market and who is going to download it? A tiny percentage of internet users--those would be part of the same minority who would also know how to use Firefox (and other browsers) quite safely *right now*.
So who is this product for? Seems interesting from a design point of view, but unelss one of the big browsers adopts it, could it really make even a tiny dent on the security of the internet?
I predict no. The internet's main problem is between the monitor and keyboard ;-)
*iza
Careful What You Wish For....
M$ has a malware problem. I'm all for better design but we should avoid sweeping generalizations about computer security. It's not a "computer virus" it's a Word Macro, a pdf pass through exploit, an Outlook problem, etc. People who pretend to be "platform neutral" are either ignorant or trying to sell you something second rate. Any platform can use more security but only one of them really needs it.
The general approach sounds much like what any browser, or any program for that matter, already does. A main process calls and monitors subroutines that do different things on demand. Calling the main program a kernel and it's messaging "OS level" does not do much for me. All modern software is as modularized as possible. What's really going on here besides Microsoft Research hype?
Friends don't help friends install M$ junk.
But then they weren't cool anymore, so I stopped wearing them.
One quick and easy way to make the web a safer place would be for ActiveX to be shunned by everyone. If you are a web developer, simply refuse to use it.
Users with strong privacy protections can't get past the stupid ad screen. Find another source, please.
as you say. who will adopt it? The people who would most benefit from it? Of course not.
Security is low on the list of features people notice, so sacrificing anything higher on that list for the sake of security will be perceived as a negative feature.
So no.
http://www.microsoft.com/windows/products/winfamily/ie/default.mspx
Ad-free version of article.
How hard is it to look for the "Print version" w/o ads and link to that?
You think Microsoft wants people to equate Firefox with security like you just did? This piece of vapor is all marketing.
This is more of the same from them, promising things they never deliver. Security has been job one for them for the last six years and it has yet to make a dent on the malware problem their customers have. Yet there they go again, "our next version of X will completely blow away the things you could enjoy from our competitors today." It gets tiresome.
The scant description makes their new concept sound like a Mosaic UAC and it's ripe for abuse. The company that's been accused of manipulating search results and political based email filtering would love to have a complicated "security" wrapped around the world wide web.
No calls now, I'm
Partition? Unpatriotic wimps I say! Give me repartition or give me vulnerability! Besides, to really be an "Opus" shouldn't it be a penguin?
...emacs is getting a browser. Still no word on the implementation of a usable editor.
This is just another layer of software to further destroy the performance of our modern PCs. Even just to render a string on-screen in a web app goes through numerous layers on a typical Linux system:
1) The browser's UI layer.
2) The GUI toolkit's high-level rendering layer.
3) The GUI toolkit's low-level rendering layer.
4) Xlib.
5) The network connection, UNIX domain socket or shared memory between the Xlib and the X server.
6) The X server's high-level graphics layer.
7) The X server's low-level graphics layer.
8) The X driver.
9) The Linux kernel.
10) Finally the hardware itself.
So even a "Hello World!" app for a browser goes through at least 10 layers of code, and that's in an ideal situation. It's no wonder that PCs today don't feel any faster than those of a decade ago, even though we've got hundreds of times the processing power and RAM; we keep slowing them down by adding further layers for such basic operations.
Lynx.
Just think of what Microsoft would like to do with UAC for your browser. "This website is not Microsoft signed, Cancel or Allow?"
No calls now, I'm
Divide your software into subsystems managed by a kernel. That's certainly guaranteed to make things more secure -- just look how well it worked for Windows.
The solution for a more secure browser isn't to guild it with ever-growing layers of security and virtual machines, quite the reverse, it's to keep things simple.
If we allow an internet to exist without the need for complex interpreted languages, if people open mostly static HTML documents when they open web pages instead of opening a pandora's box of plugins, languages, interpreted bytecodes, activeX gotchas and other unnecessary exploitable garbage, then the entire internet will be more secure.
By making it more complex, exploits and backdoors are virtually guaranteed. But well, that's just *my* ignorant opinion.
You can't send a takedown notice to an already printed newspaper.
What the hell makes these UIUC people think that they know how to make a browser? You'd think they'd leave this kind of thing to people who've done it before. Sheesh! :)
I have said for years that an application and a kernel are the same damn thing. I gave up eventually on trying to explain microkernel architecture and how to make an application resistant to faults and attacks because no one listened. Not even when Flash and Java crashed and took down the whole browser (oops). Looks like someone's finally getting the idea of protected mode memory schemes and operating system security policies (which you can apply to different processes, but not different bodies of code... well you can, but it's hard and causes huge performance problems)
Support my political activism on Patreon.
Security isn't important enough to people right now to make the change away from IE (or older versions of it). A new browser deemed more secure will be met with less interest because those people not wanting to deal with current secure features in Firefox like NoScript and AdBlock plugins, surely they won't want to fiddle with something having even more restraints.
I don't see why this couldn't fly. Samuel King appears to be a well-established professor with solid credentials. It's based on SELinux at present, but they've designed it to work with various other resource segmenting programs (they named AppArmor).
I'd say the key to finding a market will be standards-compliance. If it supports HTML 4 and XHTML reasonably well (like anyone can do it perfectly) and has ECMAScript, then it can work with a properly-designed webapp. While they're designing plugin support, I don't think it matters much whether Flash will be supported. People who care about security don't tend to be distracted by shiny things.
Sure, it won't even come close to top of the browser list. The purpose of this browser, however, is to bring web browsers to locations that can't use them because of security concerns. As a developer, I can certainly say that my productivity is improved with web access - forums, developer documentation, bug reports. I've been at companies that won't let their developers work on the Internet at all, probably for fear of espionage. The web browser is probably the second largest target (after e-mail clients) for malware writers. Web browsers are ubiquitous now, so spending some time researching "white-hat" web techniques is a worthwhile effort regardless, and I'm sure there are some who will find this browser useful. I will continue to use Firefox, despite the security concerns associated with JavaScript and Flash. My tin-foil hat is back in the closet, and I want to keep it there.
"Please describe the scientific nature of the 'whammy'" - Agent Scully
Here is a link to the full research paper, we hope you enjoy it!
OK, if you really want a truly secure safe OS (and by extension, to a browser mapped to the same address space), this is what you need in your OS:
Not one microkernel, for extra safety you need redundant nanokernels, with a microkernel over those, then the user kernel. To prevent buffer overruns, all messages passed between these are sent as emails, with spamassassin checking lest any of them get any ideas about sending spams.
OK, next you need lots of verification. Every time you write to disk there should be a second process to verify that what was written is correct. Then you need a process to check that the verifier process is checking things correctly. If memory doesn't run out while doing this, a body of processes should vote democratically as to whether the whole thing finished correctly. In case of collusion between the processes, some of them will be strictly dice rolls.
The least trusted part of the computer is the user, otherwise known as the "owner" of said computer. Thus, that person should not be allowed to do anything because that is a sure way to introduce problems. Harass that person with questions and popups at every opportunity. That will make sure they go out and read a book and not get in the way of the important things that the operating system is trying to do.
To prevent hardware from crashing any of the kernels, they must be separated by a special interface layer that works a lot like a chat room (IRC). What this means is that devices that speak the protocol correctly can connect and be listened to by the kernel(s). Those that misbehave or that use foul language are kicked off by the watchdog process. The watchdog process is watched by a bulldog process. Sometimes the bulldog just barks, other times the two are wrestling it out on the ground while the rest of the system waits for them to sort out their differences. Alas, such is the price of progress.
To further prevent buffer overruns, a new character encoding is introduced where a previously one-byte code now needs ten bytes to encode it. This means that buffers have to be ten times bigger and thus there is a lot more space before an overrun occurs.
Let me know if you can think of any more features to add to this future super-OS.
You can't send a takedown notice to an already printed newspaper.
They're using a rendering engine written in a language that gets its stack smashed by buffer overflows. Nearly all browser security bugs that aren't of the XSS-type are due to buffer overflows.
Next.
Seriously, yes, I'd love to see a secure browser I could recommend for my family's computers, but it's alot of hard ground-up work. (It might actually be faster to write a tool to port the current Gecko/Webkit tree to another language automatically than to start in on a whole new rendering engine in a secure language).
Get started now and the silicon will be fast enough by time the browser is ready.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
He'd know what to say...
Whiny-bitch-free version of the motherfucking link provided by parent.
or
Really fucking easy, which is why we don't need a karma whoring bitch such as yourself providing the motherfucking thing.
or
About as easy as shutting your editorializing bitchass mouth motherfucker.
Then they would blame 3rd party attackers.
If these guys only have security in mind, imagine what will become of standards compliance. It's already a pain to code for Firefox/Safari/Opera and IE5/IE6/IE7/IE(infinity), we don't need a new one.
Typical OSS mindset... Instead of helping others make their stuff better, they just make their own version.
How about simply throttling the CPU usage Flash can use in Firefox? The whole system can slow down to a crawl just from ONE ad-laden web page. I'm not on some slouch of a computer, but every once in a while I wonder why things are sluggish. I close the suspect tab and everything's back to normal.
To me a secure browser would be non-modular, and be pretty slim on the list of features.
NO activeX
NO plug-ins, period. Once you introduce a 3rd party software entry point, it's spoiled
No giving out referrer info unless you say so
strict cookie control
mike's ad blocking hosts file built in, and configurable(or something similar)
CANCELABLE javascript. Wha? Any time you get a javascript prompt, you'll have OK, cancel, and "stop all javascript right fucking now".
Javscript turn off URL bars, resizing of windows? I don't think so. Leave that to the user.
And I'm betting there's 20 other things I haven't thought of that's mandatory. The web browser has become so fluidic that there's tons of entry points to a user's system now.
I am the CIO of a technology company and would welcome reasonable solutions that allow me to help plug the risk that unmanaged code in today's browsers represent. Browsers remain one of the most prevalent sources of infections and malware which risk my corporate network and are also a source of data-loss/leak risk.
In the age of SOX, HIPAA, PCI and others, I would welcome a tool to add a layer of protection, enforcement, and a compliance trail for auditors.
Heck, this might be the first browser variant I would be willing to consider PAYING for.
Maybe it won't fly as a consumer browser, but corporations may flock to it.
-M
Well they are just applying Brooks' Law... a bit late but better late than never.
Mosiac begat IE. The original Mosiac authors begat Netscape which begat Mozilla which finally (with a few namechanges we can skip) begat Firefox. Now with over a decade to see just how those original designs failed to scale to what the Internet became it is about time to toss the whole codebase and start over with the knowledge of what didn't work.
Hope they can do it faster than the whole Mozilla rewrite ended up taking.
Democrat delenda est
The browser is the single flakiest application in modern operating systems, and has long needed an overhaul to make it robust and protected by design.
In Firefox on Linux, to lose 20 open tabs just because of a single bad web page is incompetent browser design, and Mozilla should be taken to task over it. The fact that some lost sessions can be recovered on restart is just a band aid --- the entire browser should not have gone down in the first place.
A robust browser kernel plus strong MMU-guaranteed separation and protection between pages or websites is exactly the way to go.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I know, I know... this is Slashdot, I shouldn't bother. But IE 7 on Vista (running in Protected Mode) is pretty damn secure.
While there have been exploits for IE 7, not a single one of them could successfully bypass Protected Mode. I'd say that's a pretty damn good track record for a browser that has been out for about a year and a half and has undoubtedly been targeted by many, many bad guys. (And good guys, for that matter.)
The kid-Blake Ross that worked(haha, more like cut and paste) on Firefox didn't do much other than reduce mozillas size to create firefox. He really didn't program anything.
Now firefox is just google's bitch for ad money kickbacks. $10 million dollars a year to him.
http://www.dulcenegosyante.com/top-20-internet-millionaires-under-30/
Although ff beta is not bad and has reduced memory usage but still way buggy.
Oprah is better than regular Firefox and only opensource people with an agenda have been pushing FF because it was viewed as holy,free and not compromising to greedy companies. Not so fast....
And the MoFo likes to blame 3rd party extensions for FireFox's memory leaks and instability.
Do you even lift?
These aren't the 'roids you're looking for.
I keep it updated to the latest non-beta release. I use no-script. I don't feel safe, how many fortune 500 companies get compromised on a regular basis? How often has /. been compromised? Whitelisting only works when you have some sense that there is *anyone* you can trust to run code on your machine. And anytime I allow jscript/flash/pdfs/quicktime etc. for a page, that is what I'm doing. I know one thing I should be doing is browsing only from a user with limited rights, but so much crap doesn't work without superuser that it just seems infeasible. And even a user account can spam people all day.
refactor the law, its bloated, confusing and unmaintainable.
Parent was attempting for 'funny'(not commenting on that), but not a troll - go easy, mods.
I have 180 GB free. That should be enough room. I hope.
More music, fewer hits
How long would it take us to recognize the web browser is too much flawed as an application platform?
IMHO all of we should strive to let HTML (and perhaps HTTP) behind and create a sound platform for internet application distribution,
one where I don't have to spend so many hours suffering for a old IE/firefox/ bug or the poor support of javascript programming tools,
one where I don't have to worry about security policies tinkered from a platform designed for content, not applications.
You could say that it would never catch up because of the widespread adoption of browsers (did you notice the name? browser!),
but then we are condemned to suffering ridioulous 'innovations' (AJAX ? come on! smart terminals were a long time ago,
a secure web browser?! why should I bother more about it than my OS security? After all, is my application platform ).
It's just a matter of when do we want to do it, because you just can't continue stretch it's limits ad infinitum.
We have payed too much for the sweetness of application distribution offered by the web. It just doesn't make sense anymore.
why bother with a new, slow design. The world already has a 100% secure browser immune to security threats -- Safari.
If they want to write a more secure web browser, they shouldn't start with a C++-based layout engine.
Oh, great. Now I have to virus check my pens, ashtray, spare batteries and what not. As if it wasn't bad enough. Damn you.
Bernstein was working on the idea of a Unix-based web browser where every component of the software was locked in a jail. For instance if you wanted to decode image data like a jpeg, the browser would spawn a process that couldn't do anything but take jepg data on stdin and produce a decoded pixel bitmap on stdout. Each process would run under a separate randomly-generated UID, etc.
Basically, it would be next to impossible to hijack this via malformed data. Each component of the system would work the same way... it would take untrusted data from the network and output low-level decoded data in a safe way (for instance, the jpeg decoder would output the length of the bitmap, and then the bitmap). Of course there are limitations to this design (how could you possibly secure Javascript... maybe just leave it out!).
This is of course an excellent idea, which means it will never get implemented.
Programmers simply have too much ego to believe that they could possibly write a piece of code with bugs in it... either that, or they have this stupid belief that "all software has security holes" so they don't try to reduce them *by design*.
I'd like to see what they come up with though. If it's not brain-dead simple like djb's design, it will just move the security holes around rather than render them useless.
Mac OS X gets hacked first in a contest to hack 3 notebooks, running Mac OS X, Ubuntu and Vista, earning the hacker $10,000. Network attacks failed against all three yesterday causing the $20,000 offered to go unclaimed, today browser attacks were tested and Mac OS X failed in 2 minutes, Vista running IE7 and Ubuntu running Firefox managed to deflect all attacks. Tommorow 3rd party applications will be added into the mix to increase the attack surface of the remaining contestants.
http://security.itworld.com/5013/mac-hacked-first-in-contest-080327/page_1.html
Just goes to show the culture of the alternate OS types. Anything that proves them wrong is covered up and denied.
I'd rather wait for one named after Bill The Cat, if you don't mind. I'll "Breathed" easier.
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
"So how do you improve browsers from here?"
Give us the Internet as originally envisioned by Berners-Lee.
The point of all this is that the browser is insecure. OK, I grok that.
The *problem* is lazy programmers and "who gives a shit" product managers. I worked on a web system a few years ago and they wanted to do a lot of "cross site scripting" and I told them that was bad. They said, write an activeX control to do it. We'll leave the API undocumented and it will be safe. LOL.
Security breaches are the result of "product managers" who demand more than is safe on a web browser, software engineers that are too lazy to create a secure protocol, marketing weasels who set the deadlines too early to do it right, and customers who don't know any better.
It sounds nice but what happens when there's an exploit on the so called "kernel" as there so often is from other fine Microsoft products that actually make it to market? How is this thing going to contain the buffer overflow that writes over just the right bits in Window's ancient and identical from machine to machine, i386 memory layout? I'll believe something secure came out of Microsoft Research when the product has been on the market for two years and it takes a real bite out of the malware problem Microsoft has.
No calls now, I'm
Just take Firefox Portable and disable many of the nasty defaults like third-party cookies etc. Then load all the paranoia extensions like no-script, safecache, safehistory, refcontrol, cslite etc. and you can create a pretty secure browser without having to develop one yourself.
You want fun, go home and buy a monkey!
It could have been an albatross.
I thin that's the security model our government uses. Wrap everything in massive layers of bureaucracy and nothing bad happens. Of course, nothing good happens either, but that's OK.
When the performance is the main problem, such as to decode video, we have to use ActiveX. Although it a desktop client software might be better than a web page with an activex control, we have to provide this browser version to our customers because our competitor could this kind of feature. Everything on Web is stupid, but this is the trend.
Making a secure browser is like making a car that is safe to drive - impossible. Just like driving a car carries some inherent risks because you can't guarantee that other drivers drive safely, you can't make a browser that cannot be used in an way that compromises the security of your system. And just like you have to learn to drive safely, you have to learn to browse safely: don't allow adverts, don't allow Javascript or Flash by default etc. In Firefox at least there are tools that make it easy - eg NoScript which allows you to turn on Javascript temporarily for a single website as and when you need it. It's not really that hard.
As parent says, the product doesn't have to gain great popularity to have a great effect on the field, especially after a few years.
/proc filesystem, and more concepts are being ported still, such as PortalFS, applying the theory that everything should be a file to network sockets.
Plan 9 never "made it big", but it wasn't supposed to. Now most Unix systems have adopted ideas from Plan 9, like the
Plan 9 isn't a superstar, and in my personal opinion it's a pain to try to use, but it's considered a highly successful project. I'd like to try this browser, just because it sounds cool, even if it isn't my new browser of choice. I hear people praise Firefox, not because it's the best browser ever, but because it put pressure on Explorer to keep up with the market.
Proof of concept is worth a lot.
It's obvious something's wrong with most Internet software. Either the world is full of *inadequate programmers* or the problem is something more fundamental. I think we need to ask why an Internet application has to run in a browser? Why not make it a native (Windows, Linux etc.) application and only provide data to the browser (via HTTP) when it's necessary to expose it to the general public? This would make things a lot easier for the programmer and also provide significant security if the HTTP protocol is not used to transfer sensitive data across the Internet. Here's an example of the concept implemented in Delphi for Windows http://www.responsive.co.nz/source.html
into smaller subsystems and make all communication between subsystems simple and explicit."
Heah. Like MINIX.
I wan't something I can play with for 15 minutes and then shelve until they make the next press release. At this point the software probably tanks, but it's better than what I'd mange to write. And I tend to agree that Internaut Exploder (and all the rest o' those browsers) need to cut back a bit on the freaking eye candy.
Every one else (Microsoft, Mozilla etc) have said their browsers are secure, why should we think these guys are any better ?
Just because it runs as seperate 'modules' which communicate using set message passing functions, that can't directly mess with each others memory or the rest of the system, making it a zillion times more stable and secure than Other Browsers(tm), does not mean that it's going to be loads slower, or more complicated to develop for, or harder to find developers that will commit to developing for it. Monolithic browsers are a thing of the past. It's all about the micro-browser now. Just you watch. The Hirp of Internet Replacing Plugins (HIRP) browser will be what drives all of our web needs in the next 2-5 years/decades. You'll see.
The revolution will not be televised... but it will have a page on Wikipedia
plan b worked.....
which allows you to manually authorise cookies, gives pretty good control over the involutary activity.
The whole concept of http(get, post etc), html (static context), various plugins (java applets, flash etc), javascript etc is flawed right from the start.
What is required is a client application which is an application host (i.e. virtual machine for a language) and provides a 2d/3d graphical output.
Don't even worry about Quicktime. There's all sorts of open source video players (VLC is the big one, and on Linux there's Xine, mplayer, etc), and they do have browser plugins.
The real problem is Flash -- which seems to be the defacto evolution of the Web, and is quite disturbing. Anything that contains Flash will have to do so with Adobe's help, because Flash is a proprietary plugin. Unless Gnash catches up...
Don't thank God, thank a doctor!
"as for security, as long as it is open-source it will probably be patched and up to date well enough to deal with all the problems except the one typing on the keyboard. - by webmaster404 (1148909) on Thursday March 27, @08:43PM (#22888732) Well, apparently? You are NOT correct:
SECUNIA DATA ON BROWSER SECURITY (dated 03/289/2008):
Opera 9.26 security advisories @ SECUNIA (0% unpatched):
http://secunia.com/product/10615/?task=advisories
---
FireFox 2.0.0.13 security advisories @ SECUNIA (18% unpatched):
http://secunia.com/product/12434/
---
IE 7 (latest cumulative update from MS) security advisories @ SECUNIA (35% unpatched):
http://secunia.com/product/12366/
---
It seems that OPERA "bucks your trend/hypothesis", especially vs. FF (is this "open sores", by the way? Nobody seems to understand that when an app IS "open source", it is FAR SIMPLER to find bugs in it, than it is taking a closed-source app & using disassembly + steptracing as well).
"Open Sores" is truly that... FAR easier to spot bugs in, than closed source code, period.
APK
Get rid of auto-run, auto-install auto-anything applets.
Here's my idea of what a secure browser needs, at a minimum:
* No XPI, ActiveX, auto-install mechanism. At all. All plugins or other non-sandboxed components must be explicitly installed from outside the browser window.
* No application that does not explicitly declare itself to be a plugin or a handler for a URI method will be called by the browser. Ever. If there is a desktop bindings mechanism already existing in the OS, this must NOT ne used unless it provides this capability.
* The mechanism for passing URIs to handlers or embedded objects to plugins must not require quoting by the browser. For example, passing them as a UNIX argv, that would be allowed. Passing them as a quoted string to system() or ShellExecute()? No. Saving them as a file with a name completely determined by the browser, and passing that name to an application? Yes. Saving them as the name they had on the remote system, and passing them? No!
* The browser will not automatically open, unpack, play, view, or otherwise pass on any downloaded file to another application. It will save them to a downloads folder, and if desired provide a download manager that the user can (at their leisure) use to decide what to do with them. At the very least the download manager must allow displaying the file in the local file manager, deleting the file, and calling up details on the file.
Other security features (like writing the browser in a fully managed language) are also desirable, but this list should be an absolute minimum. At this point in time, there are no graphical browsers that I know of that fulfill these requirements.
There are some good ideas in the article but I think it's a bit incomplete.
I think browser security is already a major feature of Firefox so the article title is misleading.
The security features I see and which are part of Firefox are :
- automatic update and making sure users update
- good reactivity to correct bugs (means people working on security stuff, clean and understandable code,...)
- proactive security audit (mozilla has been doing this for a while, including developing specific stuff like jstfuzz)
- good security model (ie no ActiveX,...). This will be made better with post firefox 3 work (see http://wiki.mozilla.org/Mozilla_2/Work_List about centralized security check feature)
- UI : good communication with the user (ie for example reworked ssl dialogs in firefox 3...). I think this is the most difficult part as we all wan't to have a easy and powerfull to use browser without loosing security...
- not too much attack surface (ie not implementing too much things (or reimplementing similar things with differents api) , which multiply the risk) without sacrifying functionality
I agree that some stuff should be done in separate process and I think I read somewhere that it may be done in future Firefox version (something like the different privilege for different part of the browser done by MS with Vista and IE). Browser update should also be done by a separate process with different privilege, which is unfortunately not possible with Firefox at this time.
Some feature could also be provided by the os (ie even if I run my browser with my user account, I would like it to be in a "less powerful" mode by default and have this enforcable via the os (and not only the browser)
In the end, I think it's a good thing that some people experiment stuff to improve browser security.
Precisely. It's called Windows (or Linux if you prefer.)
Twitter is nothing more than a walking failed-abortion. His was an accidental conception and his cheap-ass egg & sperm donor couldn't afford the coat hanger to terminate the unwanted pregnancy. This is why he claims to be such a huge proponent of 'FREE' software...if only that coat hanger were free...