funsec mailing list archives
Re: fog of cyberwar
From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 22 Jan 2010 19:02:41 -0500
On Fri, Jan 22, 2010 at 04:45:03PM +0100, Dan Kaminsky wrote:
So which browser exactly is the secure one?
w3m in text-only mode...on OpenBSD...on Sparc? ;-) More seriously, there is no secure one, any more than there's a "safe" car. Just some that are more so, or less so. I think Firefox + NoScript + AdBlock + TACO is a pretty good move in the direction of "more so". (Certainly not the only such possibly move, nor necessarily the optimal move, just one of many.) I think IE is a very large move in the direction of "less so", to the point where nobody should be making it: I'm not sure how it's possible to do any worse. Meanwhile, Microsoft has essentially unlimited personnel and financial resources. They could hire 500 top-notch staff tomorrow, pay them out of petty cash, and completely rewrite IE with security as the overarching design goal -- if they wanted to. They could have done so years ago -- if they wanted to. That they haven't speaks volumes about their disinterest in making it secure. Oh, they'll make nice noises and patch it and whatnot, but that's just more "We Take This Matter Very Seriously" corporate BS. Meanwhile, they're plowing enormous resources into what I'll loosely term The Placate Big Content Effort. ---Rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: fog of cyberwar, (continued)
- Re: fog of cyberwar steve pirk [egrep] (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar steve pirk [egrep] (Jan 22)
- Re: fog of cyberwar Vaughn, Randal L. (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar Joel Helgeson (Jan 23)
- Re: fog of cyberwar Vaughn, Randal L. (Jan 22)
- Re: fog of cyberwar Rich Kulawiec (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar phester (Jan 23)
- Re: fog of cyberwar Rich Kulawiec (Jan 23)
- Re: fog of cyberwar Gadi Evron (Jan 23)
- Re: fog of cyberwar Jason Lewis (Jan 24)
- Re: fog of cyberwar Dan White (Jan 24)
- Re: fog of cyberwar phester (Jan 24)
- Re: fog of cyberwar steve pirk [egrep] (Jan 24)
- Re: fog of cyberwar Rich Kulawiec (Feb 01)
- Re: fog of cyberwar Valdis . Kletnieks (Jan 23)