Ben Bucksch wrote:
> Mitch wrote:
>
>> What "implementation issues" are you concerned about? Anything specific?
>>
> I think he is concerned about the same thing I am: It is a fact that
> almost all security holes discovered in the last time (in both Mozilla
> and 4.x) need Javascript to work or often even are about bugs in the
> JavaScript/DOM implementation and their security policies. In other
> words, if you disable JavaScript, you are protected from most exploits.
You could say the same for Java. JavaScript is not inherently insecure;
it's just a powerful language, and with power comes risk.
>
> Unfortunately, disabling JavaScript is not feasible in the current web
> (at least not for me).
>
> I am sure that you know that there are often tradeoffs between
> functionality and security.
> AOL/Netscape being a content provider often takes the functionality
> route. (Some people will remember the discussion about remote chrome and
> the arguments of some Netscape employees for enabling it.)
Believe me, Microsoft takes the "functionality route" much more often
than Netscape. Remote chrome was not and is not secure enough for
deployment - it may be so eventually. This is generally understood at
Netscape. We don't ship fundamentally insecure technologies. This is not
to say we don't have exploits, just that we *do* in fact place a pretty
high emphasis on security, more so than M$ in my opinion.
That said, yes, I would like to create a "high-privacy mode" that can be enabled with
a single checkbox.
-Mitch
