Anthony G. Atkielski wrote:
- Firefox should define a generous number of security categories into
which sites can be grouped, ranging from fully trusted to fully
untrusted. There should be security settings for each category
appropriate to its level by default, but it should be possible to modify
the settings for any category to any degree.
Question of clarification - do you mean that the
user is capable of adding and deleting these
categories? Or that they are a fixed set that
are pre-ordained?
Or, would these be better off on a per-site basis?
For example as you enter a new site, the little
bar appears at the bottom giving you the option
to turn on features that are spotted, if you trust
the site?
These enhancements would be a huge step forward for security and would
largely eliminate the problems of adware, spyware, viruses, etc., since
conscientious users could lock down their Firefox browser to any desired
degree.
Bear in mind that the target user as expressed
here has been the average user. So the notion
would be that Firefox is shipped 'secure' out of
the box, and experienced users can loosen things
accordingly.
(Whether that survives as a policy, I know not.)
After using Firefox for a few weeks now, I think the only real
hesitation I have in abandoning MSIE is the lack of features such as
I've outlined above. MSIE is far from ideal, but it still provides more
granular control over security than Firefox does. But if Firefox begins
to provide the same control or better, there will be no real reason to
retain MSIE for anything.
BTW, I personally don't care if Firefox ever allows anything like
ActiveX. I've never encountered a site that had a truly serious and
legitimate need to use ActiveX controls, and I think the Web would be
better off without them. That includes Flash.
FWIW some people I have come across swear
by Flash. In my area, if I had the budget, I'd be
moving a lot of client work over to it. (They only
thing that slows me down is that the coding
has to be outsourced, which makes for a lot of
direct/unhidden cost.) I personally hate it but
the systems I've seen make a whole lotta sense.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
