-- Simon Josefsson wrote: > Would it be possible for one malicious web site to be > able to access (or even influence) what is being done > in another tab or window of the browser? > > If the user is talking to a bank, then that scenario > may threaten the user's privacy. > > Sandboxing the browser instance for each site would > solve that problem.
As designed, hard to VM each browser instance. If one uses something less than VM, one relies on quite a lot of code that one does not really understand being correct. I do not see any alternative to this, short of a major browser rewrite. Ideally, there should be a separate VM responsible for talking to each site, interpreting javascript, etc, which is created when the conversation is started, and shut down when one browses away from that site. Big project. Or instead of VMing things, one could structure the code so that automatic code checks make it impossible to compile code that is bad in certain ways - again a big project. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG txnLOsPeyJqwn5LYEMAdBUQoBArt6OJO8Rp8P6Vn 4GQB25JeUovLVxb1JZBHA6Q0qjCGFQGkhchihumVh --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]