Re: Secure Chrome

On Monday 17 April 2006 10:35, Hallam-Baker, Phillip wrote:
> Lets break the problem down.
>
> Secure Chrome has a number of attributes:
>
> * Must be recognizable as secure chrome to the user

   It would be ideal to reduce this burden, but it's still important.

> * Must be under exclusive control of the application

  This is the most important point I think.

> * Secure Chrome - security guaranteed by the operating system

  How does this happen?  I don't see what makes "operating system" greater 
than "web browser application".  The only place this changes is in a TPC 
environment.

> * Spoof resistant chrome - security guaranteed by application level best
> effort

  I think this is more accessible right now.

> Adding the Google toolbar is an unintentional but effective protection
> against many phishing attacks spoofing the address bar in javascript
> because it mucks up their pixel counts.

   Exactly.  Unfortunately it doesn't scale well to mobility, but I think we 
can learn quite a bit from it.  I've seen other plugins that have techniques 
of personalizing the chrome as well.  The next question this brings up, in my 
mind, is does the user notice if this personalization changes?

> Refusing to create frameless pop ups. Rejecting the idiotic notion that the
> content provider has the right to determine the end user experience does a
> lot.

  I'm all for this and plan to have it in future releases.

> To get to absolutely secure chrome we are going to need close coupling to
> the O/S security layer. But this is a goal to work towards not a must
> achieve first day requirement.

  Ok, I think we're on the same page. :-)

-- 
George Staikos
KDE Developer    http://www.kde.org/
Staikos Computing Services Inc.  http://www.staikos.net/

Received on Tuesday, 18 April 2006 00:39:05 UTC