Obviously Internet Explorer on Windows, because it's developed by good paid developers, not long bearded unix nerds.
On Tue, Mar 3, 2009 at 7:56 PM, <[email protected]> wrote: > On Tue, 03 Mar 2009 19:31:35 EST, [email protected] said: > >> code execution power hacks, etc). I would like to start a >> discussion, weighing in every expert opinion on what the most >> secure web browser is and why. > > Does 'telnet www.example.com 80' or 'netcat' count as a browser? Do > ascii-only things that only render static html count? Does a mainstream > browser with javascript and/or plugins disabled count? > > You then get to do a similar analysis defining "secure". It isn't a binary > yes/no - it's a continuum of different issues and relative importance, and > different people may rank things in different orders. Somebody who is > responsible for regulatory compliance probably cares more about data exposure > and identity theft issues - but a browser crash resulting in no data loss > isn't an issue. Meanwhile, the guy who has to run the help desk cares > if an issue crashes browsers and generates phone calls (anybody who was > working > in a NOC when Nachi came around knows how fast the costs of an outage can > pile up, even if no data is permanently lost). > > Gotta draw a boundary box if you want reasonable answers. > >> Also whether or not the underlying >> operating system matters - is firefox more secure under BeOS than >> mosaic under IBM's dos? > > Again, you have to make a decision - if an exploit *did* manage to abuse > a browser's code, but was then foiled by an OS security feature (ACLs, ASLR, > SELinux, or whatever), does that count as "a secure browser", or "a secure > OS"? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
