[Cialug] Security and the browser
Jeffrey Ollie
jeff at ocjtech.us
Mon Oct 20 11:00:07 CDT 2008
On Mon, Oct 20, 2008 at 10:53 AM, Nathan C. Smith
<nathan.smith at ipmvs.com> wrote:
>
> Some of the risk elements might include plug-ins, types of plug-ins, rendering engines,
The ActiveX plugins seem to be a favorite vector for attack because
they don't run in any kind of "sandbox" once you let them onto your
system.
> open-source v. closed source and whether a code review is possible,
Obviously open-source is a win here, as a code review of the FireFox
source is possible (but perhaps not practical for a small company to
do on it's own). Throw enough money at Microsoft and I'm sure they'll
let you see the IE source code but that seems a bit silly.
> and the track record of the company supplying the product.
Microsoft. Need I say more?
--
Jeff Ollie
"You know, I used to think it was awful that life was so unfair. Then
I thought, wouldn't it be much worse if life were fair, and all the
terrible things that happen to us come because we actually deserve
them? So, now I take great comfort in the general hostility and
unfairness of the universe."
-- Marcus to Franklin in Babylon 5: "A Late Delivery from Avalon"
More information about the Cialug
mailing list