
Re: Secure Chrome

From: James A. Donald <jamesd@echeque.com>
Date: Tue, 13 Jun 2006 10:09:14 +1000
Message-ID: <448E022A.2050506@echeque.com>
To: public-usable-authentication@w3.org

Frederick Hirsch wrote:
 > I have a general question about secure chrome, which I
 > think reiterates what George said.
 >
 > What is to prevent an attack on secure chrome by
 > simply replacing the entire browser implementation, so
 > that the secure chrome isn't effective since the
 > underlying code is modified? Is the intent to remove
 > insecure functionality so that this attack would not
 > work undetected?
 >
 > (in this case open source seems to enable a
 > modification/replacement attack on the entire browser
 > implementation itself)

The best we can do is ensure that only installed
programs can commit fraud against a reasonably competent
and vigilant user, which at present we are not doing.
Right now web pages can commit fraud against a competent
and vigilant user.

With trusted computing, we can do better than that, but
that is not a reason to deploy trusted computing until
we do the best we can with what we already have.

     --digsig
          James A. Donald
      6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
      k+IHXg2ILW7fi6B8oNMBEGVyvcTVySWCy+jnhcSf
      4iHwsVpS2Wz7/UYldV4dAsd9Xsw82AhF6IttAd06o
Received on Tuesday, 13 June 2006 15:04:22 UTC
