The Web Won't Be Safe Or Secure Until We Break It 180
CowboyRobot writes "Jeremiah Grossman of Whitehat Security has an article at the ACM in which he outlines the current state of browser security, specifically drive-by downloads. 'These attacks are primarily written with HTML, CSS, and JavaScript, so they are not identifiable as malware by antivirus software in the classic sense. They take advantage of the flawed way in which the Internet was designed to work.' Grossman's proposed solution is to make the desktop browser more like its mobile cousins. 'By adopting a similar application model on the desktop using custom-configured Web browsers (let's call them DesktopApps), we could address the Internet's inherent security flaws. These DesktopApps could be branded appropriately and designed to launch automatically to Bank of America's or Facebook's Web site, for example, and go no further. Like their mobile application cousins, these DesktopApps would not present an URL bar or anything else making them look like the Web browsers they are on the surface, and of course they would be isolated from one another.'"
Broke it (Score:5, Funny)
Re:Brilliant! (Score:4, Funny)
Yes.
But for Security! Instead of you know, what ever reason we used them before then got rid of them the first time around.
Re:An App For Every Website (Score:5, Funny)
Someone would come up with another app that let you search through your other apps. They could call it... a search engine, maybe?
Then we'd rename those apps as "web pages", as they're pages networked together in a giant web.
Then someone else would think of making a single, unified app viewer, which would let you browse through multiple apps in an interlinked fashion. Browser could be a good name for that.
Dude, that sounds so revolutionary. Nobody would've thought of that before.
Re:Uh... (Score:3, Funny)
Maybe we should mix "computer program" and "app" to form a new word. I suggest we call these things Crap.
Re:Uh... (Score:5, Funny)