The Web Won't Be Safe Or Secure Until We Break It

CowboyRobot writes "Jeremiah Grossman of Whitehat Security has an article at the ACM in which he outlines the current state of browser security, specifically drive-by downloads. 'These attacks are primarily written with HTML, CSS, and JavaScript, so they are not identifiable as malware by antivirus software in the classic sense. They take advantage of the flawed way in which the Internet was designed to work.' Grossman's proposed solution is to make the desktop browser more like its mobile cousins. 'By adopting a similar application model on the desktop using custom-configured Web browsers (let's call them DesktopApps), we could address the Internet's inherent security flaws. These DesktopApps could be branded appropriately and designed to launch automatically to Bank of America's or Facebook's Web site, for example, and go no further. Like their mobile application cousins, these DesktopApps would not present an URL bar or anything else making them look like the Web browsers they are on the surface, and of course they would be isolated from one another.'"

Yeah. Sounds F***ing Awful

[presidenteloco]

I want the wild wild web, where the deer and the antelope roam, and the skies are (not cloudy) all day, not some locked-down police-state prison-cell silo-world of commercial money-sucking, mind-***king apps.

Re:Uh...

[mellon]

So basically he's proposing that instead of using a carefully insulated browser, we install code on our computers provided by banks that will never be updated, and will be full of unpatched bugs. And this will make our machines more secure. Are we sure this guy is a white hat?

SELinux Containers can do this

[dutchwhizzman]

Dan Walsh, one of the principal developers of SELinux has blogged about a way to do this on your linux desktop box. You can start a "virgin" browser in it's own Xserver with optional presets you copy in the loopmounted container. Every time you run it, it starts the same fresh image built on the fly when you run the command. This makes it easy to have separate browsers for each task you want isolated from the rest of your web experience or your desktop computer. Even if it gets infected, it will not remain on your computer and the infection is gone as soon as you close the browser. He's not the only one that has written about it, there are many more people giving useful examples on the web.

Completely misses the point.

[Vellmont]

The idea is just completely tangential to what the problem is. The problem isn't that "If we just had a secure little app that could ONLY go to my Bank, everything would be OK". The problem is that the internet is a series of interconnected sites, many of which you discover without even realizing what the site is, compounded by the fact that browsers aren't secure. We all know once the machine is infected from visiting a compromised site, all bets are off.

Drive bys happen because the browser isn't secure, not because people are supposed to have some inherent understanding of what sites are "good" and what sites are "bad". I've worked security in multiple different capacities, and even I can't tell you if a site is going to be "safe" or not. That's because a lot of drivebys are from the 3rd party adware server getting infected. Despite what some totally uninformed IT professionals will tell you, you can't protect yourself by just "knowing where not to click" or "knowing not to click on the fake anti-virus thing". Sadly, I know IT professionals that absolutely SWEAR that this is how people get malware, despite me repeatedly providing them examples of how that's just not that case.